POST updated to GET by Synapse ?

[r2d2leboss]

Hi,

I'm trying to use this auth provider but it doesn't seem to work. I'm using the master branch of synapse inside a Docker container. It looks like https://github.com/kamax-io/matrix-synapse-rest-auth/blob/master/rest_auth_provider.py#L47 request is updated by Synapse ? (mxisd complains about a GET request while it's a POST request, and so it results in an error 405)

Thanks

synapse_1 | 2017-10-06 19:46:04,536 - synapse.access.http.8008 - 59 - INFO - POST-0- 172.18.0.22 - 8008 - Received request: POST /_matrix/client/r0/login? synapse_1 | 2017-10-06 19:46:04,537 - rest_auth_provider - 45 - INFO - POST-0- Got password check for @myusername:matrix.example.com mxisd_1 | 2017-10-06 19:46:04.873 WARN [nio-8090-exec-1] o.s.web.servlet.PageNotFound : Request method 'GET' not supported synapse_1 | 2017-10-06 19:46:05,099 - synapse.http.server - 139 - ERROR - POST-0- Failed handle request synapse.http.server._async_render on <synapse.rest.ClientRestResource object at 0x7f68f8004750>: <SynapseRequest at 0x7f68f7fd0c68 method=POST uri=/_matrix/client/r0/login? clientproto=HTTP/1.0 site=8008> synapse_1 | Traceback (most recent call last): synapse_1 | File "/usr/local/lib/python2.7/dist-packages/synapse/http/server.py", line 116, in wrapped_request_handler synapse_1 | yield request_handler(self, request, request_metrics) synapse_1 | HTTPError: 405 Client Error: for url: https://matrix.example.com/_matrix-internal/identity/v1/check_credentials synapse_1 | 2017-10-06 19:46:05,102 - synapse.access.http.8008 - 91 - INFO - POST-0- 172.18.0.22 - 8008 - {None} Processed request: 565ms (43ms, 4ms) (0ms/0) 67B 500 "POST /_matrix/client/r0/login? HTTP/1.0" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Riot/0.12.4 Chrome/58.0.3029.110 Electron/1.7.5 Safari/537.36"

[maxidorius]

What happens if you try with the latest release instead of master?

[r2d2leboss]

master is currently the same as the latest release (0.23.1 / https://github.com/matrix-org/synapse/commit/6c1bb1601e43c89637ae5bd8720c255646ca8141)

[maxidorius]

What about the docker container, is it silvio's? or are you building it yourself?

[r2d2leboss]

Yes I'm using the silvio docker container adding your rest auth provider. Then, I build it myself. Here is the diff of the Dockerfile:

diff --git a/Dockerfile b/Dockerfile
index 2a9d5ee..dc39ef5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -62,6 +62,7 @@ RUN set -ex \
         libxml2-dev \
         libxslt1-dev \
         libxslt1.1 \
+        libyaml-dev \
         linux-headers-amd64 \
         make \
         pwgen \
@@ -90,7 +91,6 @@ RUN set -ex \
     apt-get autoremove -y \
         file \
         gcc \
-        git \
         libevent-dev \
         libffi-dev \
         libjpeg62-turbo-dev \
@@ -107,3 +107,8 @@ RUN set -ex \
     ; \
     apt-get autoremove -y ;\
     rm -rf /var/lib/apt/* /var/cache/apt/*
+
+RUN cd /tmp ;\
+    git clone https://github.com/maxidor/matrix-synapse-rest-auth.git ;\
+    cd matrix-synapse-rest-auth ;\
+    cp rest_auth_provider.py /usr/lib/python2.7/dist-packages/
\ No newline at end of file

Thanks @maxidor for considering this issue.

[maxidorius]

and what is your version of mxisd?

[r2d2leboss]

Directly your docker image available here https://hub.docker.com/r/kamax/mxisd (version latest / sha256:63dbb1738bed720773e07ac876d8c65ae1880ac2b484b67fc57815f8bada1537)

[maxidorius]

In the log, I see mxisd is contacted via HTTPS and not HTTP. If this was not a replacement on your part, I have a feeling you do not make synapse talk to mxisd directly (using an internal IP or DNS) and make it go through a reverse proxy or the like, which might change the request itself.

Could you double check please?

[r2d2leboss]

Thanks, you were right, it was the issue. I used the internal hostname in my docker-compose instead of the reverse proxy url and it works fine now.