Allow RedirectResponse in SAML response handler

Allow custom SAML handlers to redirect after processing an auth response. Fixes #7149 Signed-off-by: Jason Robinson <jasonr@matrix.org>
matrix-org · Mar 26, 2020 · 060e7dc · 060e7dc
1 parent 1c1242a
commit 060e7dc
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 0 deletions.
diff --git a/changelog.d/7151.bugfix b/changelog.d/7151.bugfix
@@ -0,0 +1 @@
+Allow custom SAML handlers to redirect after processing an auth response.
diff --git a/synapse/handlers/saml_handler.py b/synapse/handlers/saml_handler.py
@@ -26,6 +26,7 @@
 from synapse.http.server import finish_request
 from synapse.http.servlet import parse_string
 from synapse.module_api import ModuleApi
+from synapse.module_api.errors import RedirectException
 from synapse.types import (
     UserID,
     map_username_to_mxid_localpart,
@@ -119,6 +120,9 @@ async def handle_saml_response(self, request):
 
         try:
             user_id = await self._map_saml_response_to_user(resp_bytes, relay_state)
+        except RedirectException:
+            # Raise the exception as per the wishes of the SAML module response
+            raise
         except Exception as e:
             # If decoding the response or mapping it to a user failed, then log the
             # error and tell the user that something went wrong.
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Allow custom SAML handlers to redirect after processing an auth response.