When trying to set up Complement against Venator, it failed on many tests because it couldn't register a user - Synapse admin registration isn't available, so it has to use RegisterUser. I'll use TestWriteMDirectAccountData as the example here because it was the first that ran.
After setting up the deployment, complement attempts to register users:
|
deployment := complement.Deploy(t, 1) |
|
defer func() { |
|
// additional logging to debug https://github.com/matrix-org/synapse/issues/13334 |
|
t.Logf("%s: TestWriteMDirectAccountData complete: destroying HS deployment", time.Now()) |
|
deployment.Destroy(t) |
|
}() |
|
|
|
alice := deployment.Register(t, "hs1", helpers.RegistrationOpts{}) |
|
bob := deployment.Register(t, "hs1", helpers.RegistrationOpts{}) |
Deployment.Register uses standard client registration (/_matrix/client/v3/register) if synapse admin isn't available:
|
var userID, accessToken, deviceID string |
|
if opts.IsAdmin { |
|
userID, accessToken, deviceID = client.RegisterSharedSecret(t, localpart, password, opts.IsAdmin) |
|
} else { |
|
userID, accessToken, deviceID = client.RegisterUser(t, localpart, password) |
|
} |
CSApi.RegisterUser then attempts to register a user via UIA:
|
func (c *CSAPI) RegisterUser(t ct.TestLike, localpart, password string) (userID, accessToken, deviceID string) { |
|
t.Helper() |
|
reqBody := map[string]interface{}{ |
|
"auth": map[string]string{ |
|
"type": "m.login.dummy", |
|
}, |
|
"username": localpart, |
|
"password": password, |
|
} |
|
res := c.MustDo(t, "POST", []string{"_matrix", "client", "v3", "register"}, WithJSONBody(t, reqBody)) |
|
|
However it does so by trying to one-shot the authentication flow. This is not spec-compliant behaviour,. which instead mandates clients must receive an auth session ID from a challenge response before continuing with a flow. Venator strictly enforces this, so registration fails, as there is no auth session to complete.
Related issue for the same problem for Element Web which may provide additional context: element-hq/element-web#33179
Relevant complement logs:
Details
❌ TestWriteMDirectAccountData (FAIL; 23.22s)
direct_messaging_test.go:24: Deploy times: 16.342173056s blueprints, 5.626827524s containers
client.go:860: [CSAPI] POST hs1/_matrix/client/v3/register => 401 Unauthorized (423.99µs)
deployment.go:133: CSAPI.MustDo POST http://127.0.0.1:32965/_matrix/client/v3/register returned non-2xx code: 401 Unauthorized - body: {"flows":[{"stages":["m.login.dummy"]}],"session":"3HOhe4vUuesi7pdBXa3rP55D9b5p582p"}
direct_messaging_test.go:27: 2026-07-13 21:30:13.77868982 +0100 BST m=+23.303586837: TestWriteMDirectAccountData complete: destroying HS deployment
2026/07/13 21:30:15 ============================================
2026/07/13 21:30:15 33e29fc49cf9a9aa65fb9b55aa20b285a309c40dcc5f6063fb6f865e3a58c533 : Server logs:
+ venatorctl run
Overriding server name: hs1
Overriding TLS certificate: /venator/hs1.crt + /venator/hs1.key
=== Venator v0.1.0a2+gunknown ===
Initialising logging
Switching output to configured logging stream
2026-07-13T20:30:08Z WRN Open registration is enabled, you likely do not want this
2026-07-13T20:30:08Z INF Initialising server
2026-07-13T20:30:08Z TRC Opening database connection database_url=postgresql://venator:venator@127.0.0.1:5432/venator?sslmode=disable
2026-07-13T20:30:08Z DBG Opened database connection
2026-07-13T20:30:08Z INF database > Database logger attached.
2026-07-13T20:30:08Z DBG Initialising media repository
2026-07-13T20:30:08Z INF DeviceManager.worker > Worker starting
2026-07-13T20:30:08Z INF ServerNoticeManager.worker > Worker starting
2026-07-13T20:30:08Z DBG Initialised media repository
2026-07-13T20:30:08Z DBG Federation is disabled - skipping init
2026-07-13T20:30:08Z DBG Initialising router
2026-07-13T20:30:08Z DBG Initialised router
2026-07-13T20:30:08Z DBG Running database migrations
2026-07-13T20:30:09Z INF database > Preparing to update database schema current_version=0 latest_known_version=21 oldest_compatible_version=0
2026-07-13T20:30:09Z INF database > Upgrading database description="Current schema" from=0 to=21 txn_mode=on
2026-07-13T20:30:09Z DBG Finished running database migrations elapsed_ms=267
2026-07-13T20:30:09Z DBG Fetching owned signing key
2026-07-13T20:30:09Z WRN No active owned signing key found, generating a new one
2026-07-13T20:30:09Z INF Generated new signing key key_id=ed25519:Es5FSA
2026-07-13T20:30:09Z DBG Fetched signing key key_id=ed25519:Es5FSA
2026-07-13T20:30:09Z DBG Deleting unused media IDs
2026-07-13T20:30:09Z TRC Server initialised elapsed_ms=320
2026-07-13T20:30:09Z INF Passing off server startup to server instance
2026-07-13T20:30:09Z INF Starting 2 listeners...
2026-07-13T20:30:09Z INF Server started. ^C to shut down.
2026-07-13T20:30:09Z INF Starting listener address=:8448 protocol=tcp tls=true
2026-07-13T20:30:09Z INF Starting listener address=:8008 protocol=tcp tls=false
2026-07-13T20:30:09Z DBG Starting server on listener address=:8448 protocol=tcp tls=true
2026-07-13T20:30:09Z DBG Starting server on listener address=:8008 protocol=tcp tls=false
2026-07-13T20:30:13Z TRC Handled request bytes_written=85 elapsed_ms=0 ip=172.18.0.1 method=POST path=/_matrix/client/v3/register request=WRQU0LHONfLL status=401
2026-07-13T20:30:13Z TRC Request complete
2026/07/13 21:30:15 ============== 33e29fc49cf9a9aa65fb9b55aa20b285a309c40dcc5f6063fb6f865e3a58c533 : END LOGS ==============
When trying to set up Complement against Venator, it failed on many tests because it couldn't register a user - Synapse admin registration isn't available, so it has to use
RegisterUser. I'll useTestWriteMDirectAccountDataas the example here because it was the first that ran.After setting up the deployment, complement attempts to register users:
complement/tests/direct_messaging_test.go
Lines 24 to 32 in f002aff
Deployment.Registeruses standard client registration (/_matrix/client/v3/register) if synapse admin isn't available:complement/internal/docker/deployment.go
Lines 129 to 134 in f002aff
CSApi.RegisterUserthen attempts to register a user via UIA:complement/client/auth.go
Lines 103 to 113 in f002aff
However it does so by trying to one-shot the authentication flow. This is not spec-compliant behaviour,. which instead mandates clients must receive an
authsession ID from a challenge response before continuing with a flow. Venator strictly enforces this, so registration fails, as there is no auth session to complete.Related issue for the same problem for Element Web which may provide additional context: element-hq/element-web#33179
Relevant complement logs:
Details