From c9723a1c1fbae1cc172fc9257fd1f1f259d2a23f Mon Sep 17 00:00:00 2001 From: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com> Date: Thu, 13 Apr 2023 15:08:00 +0200 Subject: [PATCH] Only load the SSO redirect servlet if SSO is enabled. (#15421) --- changelog.d/15421.misc | 1 + synapse/rest/client/login.py | 7 ++++++- 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 changelog.d/15421.misc diff --git a/changelog.d/15421.misc b/changelog.d/15421.misc new file mode 100644 index 0000000000..5deea3ac5b --- /dev/null +++ b/changelog.d/15421.misc @@ -0,0 +1 @@ +Only load the SSO redirect servlet if SSO is enabled. \ No newline at end of file diff --git a/synapse/rest/client/login.py b/synapse/rest/client/login.py index 32c2f5ce0c..a348720131 100644 --- a/synapse/rest/client/login.py +++ b/synapse/rest/client/login.py @@ -675,7 +675,12 @@ def register_servlets(hs: "HomeServer", http_server: HttpServer) -> None: and hs.config.registration.refreshable_access_token_lifetime is not None ): RefreshTokenServlet(hs).register(http_server) - SsoRedirectServlet(hs).register(http_server) + if ( + hs.config.cas.cas_enabled + or hs.config.saml2.saml2_enabled + or hs.config.oidc.oidc_enabled + ): + SsoRedirectServlet(hs).register(http_server) if hs.config.cas.cas_enabled: CasTicketServlet(hs).register(http_server)