Merge pull request #750 from matrix-org/erikj/jwt_optional

Make pyjwt dependency optional
9 years ago · 3306cf45ca
parent c487c42492 52ecbc2843
commit 3306cf45ca
3 changed files with 23 additions and 7 deletions
--- a/synapse/config/jwt.py
+++ b/synapse/config/jwt.py
@ -13,7 +13,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

-from ._base import Config
+from ._base import Config, ConfigError
+
+
+MISSING_JWT = (
+    """Missing jwt library. This is required for jwt login.
+
+    Install by running:
+        pip install pyjwt
+    """
+)


 class JWTConfig(Config):
@ -23,6 +32,12 @@ class JWTConfig(Config):
            self.jwt_enabled = jwt_config.get("enabled", False)
            self.jwt_secret = jwt_config["secret"]
            self.jwt_algorithm = jwt_config["algorithm"]
+
+            try:
+                import jwt
+                jwt  # To stop unused lint.
+            except ImportError:
+                raise ConfigError(MISSING_JWT)
        else:
            self.jwt_enabled = False
            self.jwt_secret = None
--- a/synapse/python_dependencies.py
+++ b/synapse/python_dependencies.py
@ -36,7 +36,6 @@ REQUIREMENTS = {
    "blist": ["blist"],
    "pysaml2>=3.0.0,<4.0.0": ["saml2>=3.0.0,<4.0.0"],
    "pymacaroons-pynacl": ["pymacaroons"],
-    "pyjwt": ["jwt"],
 }
 CONDITIONAL_REQUIREMENTS = {
    "web_client": {
--- a/synapse/rest/client/v1/login.py
+++ b/synapse/rest/client/v1/login.py
@ -33,9 +33,6 @@ from saml2.client import Saml2Client

 import xml.etree.ElementTree as ET

-import jwt
-from jwt.exceptions import InvalidTokenError
-

 logger = logging.getLogger(__name__)

@ -226,8 +223,13 @@ class LoginRestServlet(ClientV1RestServlet):
    def do_jwt_login(self, login_submission):
        token = login_submission.get("token", None)
        if token is None:
-            raise LoginError(401, "Token field for JWT is missing",
-                             errcode=Codes.UNAUTHORIZED)
+            raise LoginError(
+                401, "Token field for JWT is missing",
+                errcode=Codes.UNAUTHORIZED
+            )
+
+        import jwt
+        from jwt.exceptions import InvalidTokenError

        try:
            payload = jwt.decode(token, self.jwt_secret, algorithms=[self.jwt_algorithm])