|
@@ -13,41 +13,41 @@
|
|
|
# See the License for the specific language governing permissions and
|
|
|
# limitations under the License.
|
|
|
|
|
|
+import logging
|
|
|
from typing import TYPE_CHECKING
|
|
|
|
|
|
-import pkg_resources
|
|
|
-
|
|
|
from twisted.web.http import Request
|
|
|
from twisted.web.resource import Resource
|
|
|
-from twisted.web.static import File
|
|
|
|
|
|
+from synapse.api.errors import SynapseError
|
|
|
from synapse.handlers.sso import get_username_mapping_session_cookie_from_request
|
|
|
-from synapse.http.server import DirectServeHtmlResource, DirectServeJsonResource
|
|
|
+from synapse.http.server import (
|
|
|
+ DirectServeHtmlResource,
|
|
|
+ DirectServeJsonResource,
|
|
|
+ respond_with_html,
|
|
|
+)
|
|
|
from synapse.http.servlet import parse_string
|
|
|
from synapse.http.site import SynapseRequest
|
|
|
+from synapse.util.templates import build_jinja_env
|
|
|
|
|
|
if TYPE_CHECKING:
|
|
|
from synapse.server import HomeServer
|
|
|
|
|
|
+logger = logging.getLogger(__name__)
|
|
|
+
|
|
|
|
|
|
def pick_username_resource(hs: "HomeServer") -> Resource:
|
|
|
"""Factory method to generate the username picker resource.
|
|
|
|
|
|
- This resource gets mounted under /_synapse/client/pick_username. The top-level
|
|
|
- resource is just a File resource which serves up the static files in the resources
|
|
|
- "res" directory, but it has a couple of children:
|
|
|
+ This resource gets mounted under /_synapse/client/pick_username and has two
|
|
|
+ children:
|
|
|
|
|
|
- * "submit", which does the mechanics of registering the new user, and redirects the
|
|
|
- browser back to the client URL
|
|
|
-
|
|
|
- * "check": checks if a userid is free.
|
|
|
+ * "account_details": renders the form and handles the POSTed response
|
|
|
+ * "check": a JSON endpoint which checks if a userid is free.
|
|
|
"""
|
|
|
|
|
|
- # XXX should we make this path customisable so that admins can restyle it?
|
|
|
- base_path = pkg_resources.resource_filename("synapse", "res/username_picker")
|
|
|
-
|
|
|
- res = File(base_path)
|
|
|
- res.putChild(b"submit", SubmitResource(hs))
|
|
|
+ res = Resource()
|
|
|
+ res.putChild(b"account_details", AccountDetailsResource(hs))
|
|
|
res.putChild(b"check", AvailabilityCheckResource(hs))
|
|
|
|
|
|
return res
|
|
@@ -69,15 +69,54 @@ class AvailabilityCheckResource(DirectServeJsonResource):
|
|
|
return 200, {"available": is_available}
|
|
|
|
|
|
|
|
|
-class SubmitResource(DirectServeHtmlResource):
|
|
|
+class AccountDetailsResource(DirectServeHtmlResource):
|
|
|
def __init__(self, hs: "HomeServer"):
|
|
|
super().__init__()
|
|
|
self._sso_handler = hs.get_sso_handler()
|
|
|
|
|
|
- async def _async_render_POST(self, request: SynapseRequest):
|
|
|
- localpart = parse_string(request, "username", required=True)
|
|
|
+ def template_search_dirs():
|
|
|
+ if hs.config.sso.sso_template_dir:
|
|
|
+ yield hs.config.sso.sso_template_dir
|
|
|
+ yield hs.config.sso.default_template_dir
|
|
|
+
|
|
|
+ self._jinja_env = build_jinja_env(template_search_dirs(), hs.config)
|
|
|
+
|
|
|
+ async def _async_render_GET(self, request: Request) -> None:
|
|
|
+ try:
|
|
|
+ session_id = get_username_mapping_session_cookie_from_request(request)
|
|
|
+ session = self._sso_handler.get_mapping_session(session_id)
|
|
|
+ except SynapseError as e:
|
|
|
+ logger.warning("Error fetching session: %s", e)
|
|
|
+ self._sso_handler.render_error(request, "bad_session", e.msg, code=e.code)
|
|
|
+ return
|
|
|
+
|
|
|
+ idp_id = session.auth_provider_id
|
|
|
+ template_params = {
|
|
|
+ "idp": self._sso_handler.get_identity_providers()[idp_id],
|
|
|
+ "user_attributes": {
|
|
|
+ "display_name": session.display_name,
|
|
|
+ "emails": session.emails,
|
|
|
+ },
|
|
|
+ }
|
|
|
+
|
|
|
+ template = self._jinja_env.get_template("sso_auth_account_details.html")
|
|
|
+ html = template.render(template_params)
|
|
|
+ respond_with_html(request, 200, html)
|
|
|
|
|
|
- session_id = get_username_mapping_session_cookie_from_request(request)
|
|
|
+ async def _async_render_POST(self, request: SynapseRequest):
|
|
|
+ try:
|
|
|
+ session_id = get_username_mapping_session_cookie_from_request(request)
|
|
|
+ except SynapseError as e:
|
|
|
+ logger.warning("Error fetching session cookie: %s", e)
|
|
|
+ self._sso_handler.render_error(request, "bad_session", e.msg, code=e.code)
|
|
|
+ return
|
|
|
+
|
|
|
+ try:
|
|
|
+ localpart = parse_string(request, "username", required=True)
|
|
|
+ except SynapseError as e:
|
|
|
+ logger.warning("[session %s] bad param: %s", session_id, e)
|
|
|
+ self._sso_handler.render_error(request, "bad_param", e.msg, code=e.code)
|
|
|
+ return
|
|
|
|
|
|
await self._sso_handler.handle_submit_username_request(
|
|
|
request, localpart, session_id
|