use of login_with_email_allowed at caller level

2025-07-30 15:15:40 +02:00
parent 0e79ed5268
commit 70cf833f0d
2 changed files with 19 additions and 44 deletions
--- a/crates/data-model/src/oauth2/authorization_grant.rs
+++ b/crates/data-model/src/oauth2/authorization_grant.rs
@@ -179,28 +179,22 @@ impl AuthorizationGrant {
    ///
    /// Returns `LoginHint::MXID` for valid mxid 'mxid:@john.doe:example.com'
    ///
-    /// Returns `LoginHint::Email` for valid email 'john.doe@example.com' if
-    /// email supports is enabled
+    /// Returns `LoginHint::Email` for valid email 'john.doe@example.com'
    ///
    /// Otherwise returns `LoginHint::None`
    #[must_use]
-    pub fn parse_login_hint(&self, homeserver: &str, login_with_email_allowed: bool) -> LoginHint {
+    pub fn parse_login_hint(&self, homeserver: &str) -> LoginHint {
        let Some(login_hint) = &self.login_hint else {
            return LoginHint::None;
        };

        let Some((prefix, value)) = login_hint.split_once(':') else {
-            // If email supports for login_hint is enabled
-            if login_with_email_allowed {
-                // Validate the email
-                let Ok(address) = lettre::Address::from_str(login_hint) else {
-                    // Return none if the format is incorrect
-                    return LoginHint::None;
-                };
-                return LoginHint::Email(address);
-            }
-            // Unknown hint type, treat as none
-            return LoginHint::None;
+            // Validate the email
+            let Ok(address) = lettre::Address::from_str(login_hint) else {
+                // Return none if the format is incorrect
+                return LoginHint::None;
+            };
+            return LoginHint::Email(address);
        };

        match prefix {
@@ -308,7 +302,7 @@ mod tests {
            ..AuthorizationGrant::sample(now, &mut rng)
        };

-        let hint = grant.parse_login_hint("example.com", false);
+        let hint = grant.parse_login_hint("example.com");

        assert!(matches!(hint, LoginHint::None));
    }
@@ -326,7 +320,7 @@ mod tests {
            ..AuthorizationGrant::sample(now, &mut rng)
        };

-        let hint = grant.parse_login_hint("example.com", false);
+        let hint = grant.parse_login_hint("example.com");

        assert!(matches!(hint, LoginHint::MXID(mxid) if mxid.localpart() == "example-user"));
    }
@@ -344,29 +338,11 @@ mod tests {
            ..AuthorizationGrant::sample(now, &mut rng)
        };

-        let hint = grant.parse_login_hint("example.com", true);
+        let hint = grant.parse_login_hint("example.com");

        assert!(matches!(hint, LoginHint::Email(email) if email.to_string() == "example@user"));
    }

-    #[test]
-    fn valid_login_hint_with_email_when_login_with_email_not_allowed() {
-        #[allow(clippy::disallowed_methods)]
-        let mut rng = thread_rng();
-
-        #[allow(clippy::disallowed_methods)]
-        let now = Utc::now();
-
-        let grant = AuthorizationGrant {
-            login_hint: Some(String::from("example@user")),
-            ..AuthorizationGrant::sample(now, &mut rng)
-        };
-
-        let hint = grant.parse_login_hint("example.com", false);
-
-        assert!(matches!(hint, LoginHint::None));
-    }
-
    #[test]
    fn invalid_login_hint() {
        #[allow(clippy::disallowed_methods)]
@@ -380,7 +356,7 @@ mod tests {
            ..AuthorizationGrant::sample(now, &mut rng)
        };

-        let hint = grant.parse_login_hint("example.com", false);
+        let hint = grant.parse_login_hint("example.com");

        assert!(matches!(hint, LoginHint::None));
    }
@@ -398,7 +374,7 @@ mod tests {
            ..AuthorizationGrant::sample(now, &mut rng)
        };

-        let hint = grant.parse_login_hint("example.com", false);
+        let hint = grant.parse_login_hint("example.com");

        assert!(matches!(hint, LoginHint::None));
    }
@@ -416,7 +392,7 @@ mod tests {
            ..AuthorizationGrant::sample(now, &mut rng)
        };

-        let hint = grant.parse_login_hint("example.com", false);
+        let hint = grant.parse_login_hint("example.com");

        assert!(matches!(hint, LoginHint::None));
    }
--- a/crates/handlers/src/views/login.rs
+++ b/crates/handlers/src/views/login.rs
@@ -387,13 +387,12 @@ fn handle_login_hint(
    }

    if let PostAuthContextInner::ContinueAuthorizationGrant { ref grant } = next.ctx {
-        let value = match grant.parse_login_hint(
-            homeserver.homeserver(),
-            site_config.login_with_email_allowed,
-        ) {
+        let value = match grant.parse_login_hint(homeserver.homeserver()) {
            LoginHint::MXID(mxid) => Some(mxid.localpart().to_owned()),
-            LoginHint::Email(email) => Some(email.to_string()),
-            LoginHint::None => None,
+            LoginHint::Email(email) if site_config.login_with_email_allowed => {
+                Some(email.to_string())
+            }
+            _ => None,
        };
        form_state.set_value(LoginFormField::Username, value);
    }