Upgrade matrix-synapse-shared-secret-auth (1.0.2 -> 2.0)

It seems to work well (and is backward compatible by default), but suffers from this issue with Element: element-hq/element-web#19605
spantaleev · Nov 3, 2021 · 21efe1c · 21efe1c
1 parent 7b8b595
commit 21efe1c
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 9 deletions.
diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml
@@ -302,6 +302,10 @@ matrix_synapse_additional_loggers: []
 # You may wish to use this together with `matrix_synapse_container_additional_volumes` or `matrix_synapse_container_extra_arguments`.
 matrix_synapse_app_service_config_files: []
 
+# This is set dynamically during execution depending on whether
+# any modules have been enabled or not.
+matrix_synapse_modules_enabled: false
+
 # This is set dynamically during execution depending on whether
 # any password providers have been enabled or not.
 matrix_synapse_password_providers_enabled: false
@@ -485,8 +489,9 @@ matrix_synapse_ext_password_provider_rest_auth_login_profile_name_autofill: fals
 # Enable this to activate the Shared Secret Auth password provider module.
 # See: https://github.com/devture/matrix-synapse-shared-secret-auth
 matrix_synapse_ext_password_provider_shared_secret_auth_enabled: false
-matrix_synapse_ext_password_provider_shared_secret_auth_download_url: "https://raw.githubusercontent.com/devture/matrix-synapse-shared-secret-auth/1.0.2/shared_secret_authenticator.py"
+matrix_synapse_ext_password_provider_shared_secret_auth_download_url: "https://raw.githubusercontent.com/devture/matrix-synapse-shared-secret-auth/2.0/shared_secret_authenticator.py"
 matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: ""
+matrix_synapse_ext_password_provider_shared_secret_auth_m_login_password_support_enabled: true
 
 # Enable this to activate LDAP password provider
 matrix_synapse_ext_password_provider_ldap_enabled: false

diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml
@@ -15,7 +15,7 @@
     group: "{{ matrix_user_groupname }}"
 
 - set_fact:
-    matrix_synapse_password_providers_enabled: true
+    matrix_synapse_modules_enabled: true
 
     matrix_synapse_container_extra_arguments: >
       {{ matrix_synapse_container_extra_arguments|default([]) }}

diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2
@@ -15,13 +15,21 @@
 # See https://matrix-org.github.io/synapse/develop/modules.html for more
 # documentation on how to configure or create custom modules for Synapse.
 #
-modules:
+# modules:
     # - module: my_super_module.MySuperClass
     #   config:
     #       do_thing: true
     # - module: my_other_super_module.SomeClass
     #   config: {}
-
+{% if matrix_synapse_modules_enabled %}
+{% if matrix_synapse_ext_password_provider_shared_secret_auth_enabled %}
+modules:
+  - module: shared_secret_authenticator.SharedSecretAuthProvider
+    config:
+        shared_secret: {{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret|string|to_json }}
+        m_login_password_support_enabled: {{ matrix_synapse_ext_password_provider_shared_secret_auth_m_login_password_support_enabled|string|to_json }}
+{% endif %}
+{% endif %}
 
 ## Server ##
 
@@ -2487,11 +2495,6 @@ email:
 #        #filter: "(objectClass=posixAccount)"
 {% if matrix_synapse_password_providers_enabled %}
 password_providers:
-{% if matrix_synapse_ext_password_provider_shared_secret_auth_enabled %}
-  - module: "shared_secret_authenticator.SharedSecretAuthenticator"
-    config:
-      sharedSecret: {{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret|string|to_json }}
-{% endif %}
 {% if matrix_synapse_ext_password_provider_rest_auth_enabled %}
   - module: "rest_auth_provider.RestAuthProvider"
     config: