Browse Source

Djadhere password_provider for synapse

Guilhem Saurel 6 years ago
parent
commit
81d97fb34c
4 changed files with 49 additions and 1 deletions
  1. 5 0
      matrix/Dockerfile.app
  2. 3 1
      matrix/docker-compose.yml
  3. 4 0
      matrix/homeserver.yaml
  4. 37 0
      matrix/synapse_djadhere.py

+ 5 - 0
matrix/Dockerfile.app

@@ -0,0 +1,5 @@
+FROM matrixdotorg/synapse:v0.34.1.1-py3
+
+ADD homeserver.yaml /conf/homeserver.yaml.tail
+ADD synapse_djadhere.py /usr/local/lib/python3.6/site-packages
+RUN cat /conf/homeserver.yaml.tail >> /conf/homeserver.yaml

+ 3 - 1
matrix/docker-compose.yml

@@ -6,7 +6,9 @@ networks:
 
 services:
   app:
-    image: matrixdotorg/synapse:v0.34.1.1-py3
+    build:
+      context: .
+      dockerfile: Dockerfile.app
     restart: unless-stopped
     env_file:
       - .env

+ 4 - 0
matrix/homeserver.yaml

@@ -0,0 +1,4 @@
+password_providers:
+    - module: "synapse_djadhere.SynapseDjadhere"
+      config:
+          auth_api_token: "{{ AUTH_API_TOKEN }}"

+ 37 - 0
matrix/synapse_djadhere.py

@@ -0,0 +1,37 @@
+"""
+try to use djadhere to authenticate users in matrix
+cf https://github.com/matrix-org/matrix-synapse-ldap3/blob/master/ldap_auth_provider.py
+"""
+
+import treq
+from twisted.internet import defer
+from twisted.web import http
+
+
+class SynapseDjadhere(object):
+    def __init__(self, config, account_handler):
+        self.auth_api_token = config.auth_api_token
+
+    @defer.inlineCallbacks
+    def check_password(self, user_id, password):
+        localpart = user_id.split(":", 1)[0][1:]
+
+        response = yield treq.post(
+            'https://adherents.tetaneutral.net/accounts/auth_api/%s/' %
+            self.auth_api_token, {
+                'username': localpart,
+                'password': password
+            })
+        defer.returnValue(response.code == http.OK)
+
+    @staticmethod
+    def parse_config(config):
+        class _DjadhereConf(object):
+            pass
+
+        conf = _DjadhereConf()
+        if 'auth_api_token' not in config:
+            raise Exception('Synapse-Djadhere needs AUTH_API_TOKEN')
+        conf.auth_api_token = config['auth_api_token']
+
+        return conf