Update set_profile_displayname to use UserID type

This is required as the function was updated to take this explicit type,
rather than just the localpart, in matrix-org/synapse#15458 as part of
version 1.83.

This is stacked atop #10 to ensure everything is updated.

README.md

@@ -21,34 +21,28 @@ your own backend, following the [Integration section](#integrate). This module s
 and profile information into actionables in synapse, and adapt your user profile with what is given.
 
 ## Install
-### From Synapse v0.34.0/py3
-Copy in whichever directory python3.x can pick it up as a module.  
+Copy in whichever directory python can pick it up as a module.
 
-If you installed synapse using the Matrix debian repos:
 ```
-sudo curl https://raw.githubusercontent.com/ma1uta/matrix-synapse-rest-password-provider/master/rest_auth_provider.py -o /opt/venvs/matrix-synapse/lib/python3.7/site-packages/rest_auth_provider.py
+sudo pip install git+https://github.com/ma1uta/matrix-synapse-rest-password-provider
 ```
-If the command fail, double check that the python version still matches. If not, please let us know by opening an issue.
 
-### Before Synapse v0.34.0/py3 or any py2-based release
-Copy in whichever directory python2.x can pick it up as a module.  
-
-If you installed synapse using the Matrix debian repos:
-```
-sudo curl https://raw.githubusercontent.com/ma1uta/matrix-synapse-rest-password-provider/master/rest_auth_provider.py -o /usr/lib/python2.7/dist-packages/rest_auth_provider.py
-```
 If the command fail, double check that the python version still matches. If not, please let us know by opening an issue.
 
 ## Configure
-Add or amend the `password_providers` entry like so:
+Add or amend the `modules` entry like so:
 ```yaml
-password_providers:
+modules:
   - module: "rest_auth_provider.RestAuthProvider"
     config:
       endpoint: "http://change.me.example.com:12345"
 ```
 Set `endpoint` to the value documented with the endpoint provider.
 
+**NOTE:** This requires Synapse 1.46 or later! If you migrate from the legacy `password_providers`, make sure
+to remove the old `RestAuthProvider` entry. If the `password_providers` list is empty, you can also remove it completely or
+comment it out.
+
 ## Use
 1. Install, configure, restart synapse
 2. Try to login with a valid username and password for the endpoint configured

rest_auth_provider.py

@@ -20,18 +20,21 @@
 #
 
 import logging
-from twisted.internet import defer
+from typing import Tuple, Optional, Callable, Awaitable
+
 import requests
-import json
 import time
+import synapse
+from synapse import module_api
+from synapse.types import UserID
 
 logger = logging.getLogger(__name__)
 
 
 class RestAuthProvider(object):
 
-    def __init__(self, config, account_handler):
-        self.account_handler = account_handler
+    def __init__(self, config: dict, api: module_api):
+        self.account_handler = api
 
         if not config.endpoint:
             raise RuntimeError('Missing endpoint config')
@@ -43,8 +46,37 @@ class RestAuthProvider(object):
         logger.info('Endpoint: %s', self.endpoint)
         logger.info('Enforce lowercase username during registration: %s', self.regLower)
 
-    @defer.inlineCallbacks
-    def check_password(self, user_id, password):
+        # register an auth callback handler
+        # see https://matrix-org.github.io/synapse/latest/modules/password_auth_provider_callbacks.html
+        api.register_password_auth_provider_callbacks(
+            auth_checkers={
+                ("m.login.password", ("password",)): self.check_m_login_password
+            }
+        )
+
+    async def check_m_login_password(self, username: str,
+                                     login_type: str,
+                                     login_dict: "synapse.module_api.JsonDict") -> Optional[
+        Tuple[
+            str,
+            Optional[Callable[["synapse.module_api.LoginResponse"], Awaitable[None]]],
+        ]
+    ]:
+        if login_type != "m.login.password":
+            return None
+
+        # get the complete MXID
+        mxid = self.account_handler.get_qualified_user_id(username)
+
+        # check if the password is valid with the old function
+        password_valid = await self.check_password(mxid, login_dict.get("password"))
+
+        if password_valid:
+            return mxid, None
+        else:
+            return None
+
+    async def check_password(self, user_id, password):
         logger.info("Got password check for " + user_id)
         data = {'user': {'id': user_id, 'password': password}}
         r = requests.post(self.endpoint + '/_matrix-internal/identity/v1/check_credentials', json=data)
@@ -58,20 +90,22 @@ class RestAuthProvider(object):
         auth = r["auth"]
         if not auth["success"]:
             logger.info("User not authenticated")
-            defer.returnValue(False)
+            return False
 
+        types_user_id = UserID.from_string(user_id)
         localpart = user_id.split(":", 1)[0][1:]
+        domain = user_id.split(":", 1)[1][1:]
         logger.info("User %s authenticated", user_id)
 
         registration = False
-        if not (yield self.account_handler.check_user_exists(user_id)):
+        if not (await self.account_handler.check_user_exists(user_id)):
             logger.info("User %s does not exist yet, creating...", user_id)
 
             if localpart != localpart.lower() and self.regLower:
                 logger.info('User %s was cannot be created due to username lowercase policy', localpart)
-                defer.returnValue(False)
+                return False
 
-            user_id, access_token = (yield self.account_handler.register(localpart=localpart))
+            user_id, access_token = (await self.account_handler.register(localpart=localpart))
             registration = True
             logger.info("Registration based on REST data was successful for %s", user_id)
         else:
@@ -81,16 +115,12 @@ class RestAuthProvider(object):
             logger.info("Handling profile data")
             profile = auth["profile"]
 
-            # fixme: temporary fix
-            try:
-                store = yield self.account_handler._hs.get_profile_handler().store  # for synapse >= 1.9.0
-            except AttributeError:
-                store = yield self.account_handler.hs.get_profile_handler().store   # for synapse < 1.9.0
+            store = self.account_handler._hs.get_profile_handler().store
 
             if "display_name" in profile and ((registration and self.config.setNameOnRegister) or (self.config.setNameOnLogin)):
                 display_name = profile["display_name"]
                 logger.info("Setting display name to '%s' based on profile data", display_name)
-                yield store.set_profile_displayname(localpart, display_name)
+                await store.set_profile_displayname(types_user_id, display_name)
             else:
                 logger.info("Display name was not set because it was not given or policy restricted it")
 
@@ -106,9 +136,9 @@ class RestAuthProvider(object):
                         logger.info("Looking for 3PID %s:%s in user profile", medium, address)
 
                         validated_at = time_msec()
-                        if not (yield store.get_user_id_by_threepid(medium, address)):
+                        if not (await store.get_user_id_by_threepid(medium, address)):
                             logger.info("3PID is not present, adding")
-                            yield store.user_add_threepid(
+                            await store.user_add_threepid(
                                 user_id,
                                 medium,
                                 address,
@@ -119,12 +149,12 @@ class RestAuthProvider(object):
                             logger.info("3PID is present, skipping")
 
                     if (self.config.replaceThreepid):
-                        for threepid in (yield store.user_get_threepids(user_id)):
+                        for threepid in (await store.user_get_threepids(user_id)):
                             medium = threepid["medium"].lower()
                             address = threepid["address"].lower()
                             if {"medium": medium, "address": address} not in external_3pids:
                                 logger.info("3PID is not present in external datastore, deleting")
-                                yield store.user_delete_threepid(
+                                await store.user_delete_threepid(
                                     user_id,
                                     medium,
                                     address
@@ -135,7 +165,7 @@ class RestAuthProvider(object):
         else:
             logger.info("No profile data")
 
-        defer.returnValue(True)
+        return True
 
     @staticmethod
     def parse_config(config):

setup.py

@@ -0,0 +1,12 @@
+from setuptools import setup
+
+setup(
+    name="rest_auth_provider",
+    version="0.0.1",
+    py_modules=['rest_auth_provider'],
+    description="Password Provider for Synapse fetching data from a REST endpoint",
+    include_package_data=True,
+    zip_safe=True,
+    install_requires=[],
+)
+