Open ara4n opened 5 years ago
For now displayname is recorded to the user profile only when you first log in using SSO. If user's record already exists in the synapse database, the displayname from SSO source is ignored.
When I have a single identity provider that provides displayname atribute, I expect that the change of the displayname will spread to all integrated systems.
what would be the mechanism for getting updates from the IdP to synapse? Would the update only happen when the user re-authenticates?
Would the update only happen when the user re-authenticates?
I think that would be enough. In combination with _sessionlifetime - this will give you the actual display name for homeserver users.
This can be made easy with:
self._profile_handler = hs.get_profile_handler()
and
if not registered_user_id:
registered_user_id, _ = (
yield self._registration_handler.register(
localpart=localpart,
generate_token=False,
default_display_name=user_display_name,
)
)
elif user_display_name:
self._profile_handler.set_displayname(
UserID.from_string(user_id),
create_requester(user_id),
user_display_name
)
Any update to this?
See also #7023
Looks like we'd need to add an extra step somewhere in here:
that updates the user's mutable attributes (so not their UserID) if they've changed based off the response we get back from the IdP.
A solution is proposed in #10108
https://github.com/matrix-org/synapse/pull/10108 introduces a new config option, sso.update_profile_information
, which when enabled will override Matrix profile information from an SSO identity provider.
For now, only the display name is supported - I'm not sure whether we want to keep this issue open until other fields are supported as well, but given the issue's title I suspect so.
User information from OIDC is only fetch at the initial user creation and never again. If you add the email_template to the user_mapping_provider later existing users will not be updated. If a users email changes this change is never reflected. If you set the log level of the sso and oidc handler and log in with existing and new accounts it's clearly visible that user information is only fetched and successfully stored with the initial user creation.
Originally posted by @loelkes in https://github.com/matrix-org/synapse/issues/12605#issuecomment-1127586358
Profile only gets updated via on_successful_auth at registration, says @slipeer