Split out the auth handler

9 years ago · 4a10510cd5
parent 07233a1ec8
commit 4a10510cd5
10 changed files with 23 additions and 24 deletions
--- a/synapse/handlers/init.py
+++ b/synapse/handlers/init.py
@ -24,7 +24,6 @@ from .federation import FederationHandler
 from .profile import ProfileHandler
 from .directory import DirectoryHandler
 from .admin import AdminHandler
-from .auth import AuthHandler
 from .identity import IdentityHandler
 from .receipts import ReceiptsHandler
 from .search import SearchHandler
@ -50,7 +49,6 @@ class Handlers(object):
        self.directory_handler = DirectoryHandler(hs)
        self.admin_handler = AdminHandler(hs)
        self.receipts_handler = ReceiptsHandler(hs)
-        self.auth_handler = AuthHandler(hs)
        self.identity_handler = IdentityHandler(hs)
        self.search_handler = SearchHandler(hs)
        self.room_context_handler = RoomContextHandler(hs)
--- a/synapse/handlers/register.py
+++ b/synapse/handlers/register.py
@ -413,7 +413,7 @@ class RegistrationHandler(BaseHandler):
        defer.returnValue((user_id, token))

    def auth_handler(self):
-        return self.hs.get_handlers().auth_handler
+        return self.hs.get_auth_handler()

    @defer.inlineCallbacks
    def guest_access_token_for(self, medium, address, inviter_user_id):
--- a/synapse/rest/client/v1/login.py
+++ b/synapse/rest/client/v1/login.py
@ -58,6 +58,7 @@ class LoginRestServlet(ClientV1RestServlet):
        self.cas_required_attributes = hs.config.cas_required_attributes
        self.servername = hs.config.server_name
        self.http_client = hs.get_simple_http_client()
+        self.auth_handler = self.hs.get_auth_handler()

    def on_GET(self, request):
        flows = []
@ -143,7 +144,7 @@ class LoginRestServlet(ClientV1RestServlet):
                user_id, self.hs.hostname
            ).to_string()

-        auth_handler = self.handlers.auth_handler
+        auth_handler = self.auth_handler
        user_id, access_token, refresh_token = yield auth_handler.login_with_password(
            user_id=user_id,
            password=login_submission["password"])
@ -160,7 +161,7 @@ class LoginRestServlet(ClientV1RestServlet):
    @defer.inlineCallbacks
    def do_token_login(self, login_submission):
        token = login_submission['token']
-        auth_handler = self.handlers.auth_handler
+        auth_handler = self.auth_handler
        user_id = (
            yield auth_handler.validate_short_term_login_token_and_get_user_id(token)
        )
@ -194,7 +195,7 @@ class LoginRestServlet(ClientV1RestServlet):
                    raise LoginError(401, "Unauthorized", errcode=Codes.UNAUTHORIZED)

        user_id = UserID.create(user, self.hs.hostname).to_string()
-        auth_handler = self.handlers.auth_handler
+        auth_handler = self.auth_handler
        user_exists = yield auth_handler.does_user_exist(user_id)
        if user_exists:
            user_id, access_token, refresh_token = (
@ -243,7 +244,7 @@ class LoginRestServlet(ClientV1RestServlet):
            raise LoginError(401, "Invalid JWT", errcode=Codes.UNAUTHORIZED)

        user_id = UserID.create(user, self.hs.hostname).to_string()
-        auth_handler = self.handlers.auth_handler
+        auth_handler = self.auth_handler
        user_exists = yield auth_handler.does_user_exist(user_id)
        if user_exists:
            user_id, access_token, refresh_token = (
@ -412,7 +413,7 @@ class CasTicketServlet(ClientV1RestServlet):
                    raise LoginError(401, "Unauthorized", errcode=Codes.UNAUTHORIZED)

        user_id = UserID.create(user, self.hs.hostname).to_string()
-        auth_handler = self.handlers.auth_handler
+        auth_handler = self.auth_handler
        user_exists = yield auth_handler.does_user_exist(user_id)
        if not user_exists:
            user_id, _ = (
--- a/synapse/rest/client/v2_alpha/account.py
+++ b/synapse/rest/client/v2_alpha/account.py
@ -35,7 +35,7 @@ class PasswordRestServlet(RestServlet):
        super(PasswordRestServlet, self).__init__()
        self.hs = hs
        self.auth = hs.get_auth()
-        self.auth_handler = hs.get_handlers().auth_handler
+        self.auth_handler = hs.get_auth_handler()

    @defer.inlineCallbacks
    def on_POST(self, request):
@ -97,7 +97,7 @@ class ThreepidRestServlet(RestServlet):
        self.hs = hs
        self.identity_handler = hs.get_handlers().identity_handler
        self.auth = hs.get_auth()
-        self.auth_handler = hs.get_handlers().auth_handler
+        self.auth_handler = hs.get_auth_handler()

    @defer.inlineCallbacks
    def on_GET(self, request):
--- a/synapse/rest/client/v2_alpha/auth.py
+++ b/synapse/rest/client/v2_alpha/auth.py
@ -104,7 +104,7 @@ class AuthRestServlet(RestServlet):
        super(AuthRestServlet, self).__init__()
        self.hs = hs
        self.auth = hs.get_auth()
-        self.auth_handler = hs.get_handlers().auth_handler
+        self.auth_handler = hs.get_auth_handler()
        self.registration_handler = hs.get_handlers().registration_handler

    @defer.inlineCallbacks
--- a/synapse/rest/client/v2_alpha/register.py
+++ b/synapse/rest/client/v2_alpha/register.py
@ -49,7 +49,7 @@ class RegisterRestServlet(RestServlet):
        self.hs = hs
        self.auth = hs.get_auth()
        self.store = hs.get_datastore()
-        self.auth_handler = hs.get_handlers().auth_handler
+        self.auth_handler = hs.get_auth_handler()
        self.registration_handler = hs.get_handlers().registration_handler
        self.identity_handler = hs.get_handlers().identity_handler

--- a/synapse/rest/client/v2_alpha/tokenrefresh.py
+++ b/synapse/rest/client/v2_alpha/tokenrefresh.py
@ -38,7 +38,7 @@ class TokenRefreshRestServlet(RestServlet):
        body = parse_json_object_from_request(request)
        try:
            old_refresh_token = body["refresh_token"]
-            auth_handler = self.hs.get_handlers().auth_handler
+            auth_handler = self.hs.get_auth_handler()
            (user_id, new_refresh_token) = yield self.store.exchange_refresh_token(
                old_refresh_token, auth_handler.generate_refresh_token)
            new_access_token = yield auth_handler.issue_access_token(user_id)
--- a/synapse/server.py
+++ b/synapse/server.py
@ -33,6 +33,7 @@ from synapse.handlers.presence import PresenceHandler
 from synapse.handlers.sync import SyncHandler
 from synapse.handlers.typing import TypingHandler
 from synapse.handlers.room import RoomListHandler
+from synapse.handlers.auth import AuthHandler
 from synapse.handlers.appservice import ApplicationServicesHandler
 from synapse.state import StateHandler
 from synapse.storage import DataStore
@ -89,6 +90,7 @@ class HomeServer(object):
        'sync_handler',
        'typing_handler',
        'room_list_handler',
+        'auth_handler',
        'application_service_api',
        'application_service_scheduler',
        'application_service_handler',
@ -190,6 +192,9 @@ class HomeServer(object):
    def build_room_list_handler(self):
        return RoomListHandler(self)

+    def build_auth_handler(self):
+        return AuthHandler(self)
+
    def build_application_service_api(self):
        return ApplicationServiceApi(self)

--- a/tests/rest/client/v2_alpha/test_register.py
+++ b/tests/rest/client/v2_alpha/test_register.py
@ -33,7 +33,6 @@ class RegisterRestServletTestCase(unittest.TestCase):

        # do the dance to hook it up to the hs global
        self.handlers = Mock(
-            auth_handler=self.auth_handler,
            registration_handler=self.registration_handler,
            identity_handler=self.identity_handler,
            login_handler=self.login_handler
@ -42,6 +41,7 @@ class RegisterRestServletTestCase(unittest.TestCase):
        self.hs.hostname = "superbig~testing~thing.com"
        self.hs.get_auth = Mock(return_value=self.auth)
        self.hs.get_handlers = Mock(return_value=self.handlers)
+        self.hs.get_auth_handler = Mock(return_value=self.auth_handler)
        self.hs.config.enable_registration = True

        # init the thing we're testing
--- a/tests/utils.py
+++ b/tests/utils.py
@ -81,16 +81,11 @@ def setup_test_homeserver(name="test", datastore=None, config=None, **kargs):
        )

    # bcrypt is far too slow to be doing in unit tests
-    def swap_out_hash_for_testing(old_build_handlers):
-        def build_handlers():
-            handlers = old_build_handlers()
-            auth_handler = handlers.auth_handler
-            auth_handler.hash = lambda p: hashlib.md5(p).hexdigest()
-            auth_handler.validate_hash = lambda p, h: hashlib.md5(p).hexdigest() == h
-            return handlers
-        return build_handlers
-
-    hs.build_handlers = swap_out_hash_for_testing(hs.build_handlers)
+    # Need to let the HS build an auth handler and then mess with it
+    # because AuthHandler's constructor requires the HS, so we can't make one
+    # beforehand and pass it in to the HS's constructor (chicken / egg)
+    hs.get_auth_handler().hash = lambda p: hashlib.md5(p).hexdigest()
+    hs.get_auth_handler().validate_hash = lambda p, h: hashlib.md5(p).hexdigest() == h

    fed = kargs.get("resource_for_federation", None)
    if fed: