Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Commit

Permalink
Prevent email UIA failures from raising a LoginError (#9265)
Browse files Browse the repository at this point in the history
Context, Fixes: #9263

In the past to fix an issue with old Riots re-requesting threepid validation tokens, we raised a `LoginError` during UIA instead of `InteractiveAuthIncompleteError`. This is now breaking the way Tchap logs in - which isn't standard, but also isn't disallowed by the spec.

An easy fix is just to remove the 4 year old workaround.
  • Loading branch information
anoadragon453 authored Feb 1, 2021
1 parent 13c7ab8 commit a800603
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 10 deletions.
1 change: 1 addition & 0 deletions changelog.d/9265.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Prevent password hashes from getting dropped if a client failed threepid validation during a User Interactive Auth stage. Removes a workaround for an ancient bug in Riot Web <v0.7.4.
10 changes: 0 additions & 10 deletions synapse/handlers/auth.py
Original file line number Diff line number Diff line change
Expand Up @@ -567,16 +567,6 @@ async def check_ui_auth(
session.session_id, login_type, result
)
except LoginError as e:
if login_type == LoginType.EMAIL_IDENTITY:
# riot used to have a bug where it would request a new
# validation token (thus sending a new email) each time it
# got a 401 with a 'flows' field.
# (https://github.com/vector-im/vector-web/issues/2447).
#
# Grandfather in the old behaviour for now to avoid
# breaking old riot deployments.
raise

# this step failed. Merge the error dict into the response
# so that the client can have another go.
errordict = e.error_dict()
Expand Down

0 comments on commit a800603

Please sign in to comment.