def create_resource_dict(self) -> Dict[str, Resource]: from synapse.rest.oidc import OIDCResource d = super().create_resource_dict() d["/_synapse/client/pick_username"] = pick_username_resource(self.hs) d["/_synapse/oidc"] = OIDCResource(self.hs) return d
def build_synapse_client_resource_tree(hs: "HomeServer") -> Mapping[str, Resource]: """Builds a resource tree to include synapse-specific client resources These are resources which should be loaded on all workers which expose a C-S API: ie, the main process, and any generic workers so configured. Returns: map from path to Resource. """ resources = { # SSO bits. These are always loaded, whether or not SSO login is actually # enabled (they just won't work very well if it's not) "/_synapse/client/pick_idp": PickIdpResource(hs), "/_synapse/client/pick_username": pick_username_resource(hs), "/_synapse/client/new_user_consent": NewUserConsentResource(hs), "/_synapse/client/sso_register": SsoRegisterResource(hs), } # provider-specific SSO bits. Only load these if they are enabled, since they # rely on optional dependencies. if hs.config.oidc_enabled: from synapse.rest.synapse.client.oidc import OIDCResource resources["/_synapse/client/oidc"] = OIDCResource(hs) if hs.config.saml2_enabled: from synapse.rest.synapse.client.saml2 import SAML2Resource res = SAML2Resource(hs) resources["/_synapse/client/saml2"] = res # This is also mounted under '/_matrix' for backwards-compatibility. resources["/_matrix/saml2"] = res return resources
def _configure_named_resource(self, name, compress=False): """Build a resource map for a named resource Args: name (str): named resource: one of "client", "federation", etc compress (bool): whether to enable gzip compression for this resource Returns: dict[str, Resource]: map from path to HTTP resource """ resources = {} if name == "client": client_resource = ClientRestResource(self) if compress: client_resource = gz_wrap(client_resource) resources.update({ "/_matrix/client/api/v1": client_resource, "/_matrix/client/r0": client_resource, "/_matrix/client/unstable": client_resource, "/_matrix/client/v2_alpha": client_resource, "/_matrix/client/versions": client_resource, "/.well-known/matrix/client": WellKnownResource(self), "/_synapse/admin": AdminRestResource(self), "/_synapse/client/pick_username": pick_username_resource(self), "/_synapse/client/pick_idp": PickIdpResource(self), }) if self.get_config().oidc_enabled: from synapse.rest.oidc import OIDCResource resources["/_synapse/oidc"] = OIDCResource(self) if self.get_config().saml2_enabled: from synapse.rest.saml2 import SAML2Resource resources["/_matrix/saml2"] = SAML2Resource(self) if self.get_config( ).threepid_behaviour_email == ThreepidBehaviour.LOCAL: from synapse.rest.synapse.client.password_reset import ( PasswordResetSubmitTokenResource, ) resources[ "/_synapse/client/password_reset/email/submit_token"] = PasswordResetSubmitTokenResource( self) if name == "consent": from synapse.rest.consent.consent_resource import ConsentResource consent_resource = ConsentResource(self) if compress: consent_resource = gz_wrap(consent_resource) resources.update({"/_matrix/consent": consent_resource}) if name == "federation": resources.update({FEDERATION_PREFIX: TransportLayerServer(self)}) if name == "openid": resources.update({ FEDERATION_PREFIX: TransportLayerServer(self, servlet_groups=["openid"]) }) if name in ["static", "client"]: resources.update({ STATIC_PREFIX: StaticResource( os.path.join(os.path.dirname(synapse.__file__), "static")) }) if name in ["media", "federation", "client"]: if self.get_config().enable_media_repo: media_repo = self.get_media_repository_resource() resources.update({ MEDIA_PREFIX: media_repo, LEGACY_MEDIA_PREFIX: media_repo }) elif name == "media": raise ConfigError( "'media' resource conflicts with enable_media_repo=False") if name in ["keys", "federation"]: resources[SERVER_KEY_V2_PREFIX] = KeyApiV2Resource(self) if name == "webclient": webclient_loc = self.get_config().web_client_location if webclient_loc is None: logger.warning( "Not enabling webclient resource, as web_client_location is unset." ) elif webclient_loc.startswith( "http://") or webclient_loc.startswith("https://"): resources[WEB_CLIENT_PREFIX] = RootRedirect(webclient_loc) else: logger.warning( "Running webclient on the same domain is not recommended: " "https://github.com/matrix-org/synapse#security-note - " "after you move webclient to different host you can set " "web_client_location to its full URL to enable redirection." ) # GZip is disabled here due to # https://twistedmatrix.com/trac/ticket/7678 resources[WEB_CLIENT_PREFIX] = File(webclient_loc) if name == "metrics" and self.get_config().enable_metrics: resources[METRICS_PREFIX] = MetricsResource(RegistryProxy) if name == "replication": resources[REPLICATION_PREFIX] = ReplicationRestResource(self) return resources