Commit Graph

481 Commits

Author SHA1 Message Date
David Baker
c77048e12f Add endpoint that proxies ID server request token and errors if the given email is in use on this Home Server. 2015-08-04 14:37:09 +01:00
David Baker
7148aaf5d0 Don't try & check the username if we don't have one (which we won't if it's been saved in the auth layer) 2015-08-03 17:03:27 +01:00
Kegan Dougal
11b0a34074 Use the same reg paths as register v1 for ASes.
Namely this means using registration_handler.appservice_register.
2015-07-29 10:00:54 +01:00
Kegan Dougal
a4d62ba36a Fix v2_alpha registration. Add unit tests.
V2 Registration forced everyone (including ASes) to create a password for a
user, when ASes should be able to omit passwords. Also unbreak AS registration
in general which checked too early if the given username was claimed by an AS;
it was checked before knowing if the AS was the one doing the registration! Add
unit tests for AS reg, user reg and disabled_registration flag.
2015-07-28 17:34:12 +01:00
Mark Haines
2da3b1e60b Get the end-to-end key federation working 2015-07-24 18:26:46 +01:00
Mark Haines
62c010283d Add federation support for end-to-end key requests 2015-07-23 16:03:38 +01:00
Erik Johnston
459085184c Factor out thumbnail() 2015-07-23 15:59:53 +01:00
Erik Johnston
2b4f47db9c Generate local thumbnails on a thread 2015-07-23 14:52:29 +01:00
Erik Johnston
33d83f3615 Fix remote thumbnailing 2015-07-23 14:24:21 +01:00
Erik Johnston
ff7c2e41de Always return a thumbnail of the requested size.
Before, we returned a thumbnail that was at least as big (if possible)
as the requested size. Now, if we don't have a thumbnail of the given
size we generate (and persist) one of that size.
2015-07-23 14:12:49 +01:00
Erik Johnston
103e1c2431 Pick larger than desired thumbnail for 'crop' 2015-07-23 11:12:49 +01:00
David Baker
a56eccbbfc Query for all the ones we were asked about, not just the last... 2015-07-21 16:38:16 -07:00
Mark Haines
3b5823c74d s/take/claim/ for end to end key APIs 2015-07-20 18:23:54 +01:00
Kegan Dougal
ddef5ea126 Remove semicolon. 2015-07-20 14:02:36 +01:00
Kegan Dougal
b6ee0585bd Parse the ID given to /invite|ban|kick to make sure it looks like a user ID. 2015-07-20 13:55:19 +01:00
Erik Johnston
b6d4a4c6d8 Merge pull request #199 from matrix-org/erikj/receipts
Implement read receipts.
2015-07-16 18:18:36 +01:00
David Baker
09489499e7 pep8 + debug line 2015-07-15 19:39:18 +01:00
David Baker
4da05fa0ae Add back in support for remembering parameters submitted to a user-interactive auth call. 2015-07-15 19:28:57 +01:00
Matthew Hodgson
8cedf3ce95 bump up image quality a bit more as it looks crap 2015-07-14 23:53:13 +01:00
Erik Johnston
5989637f37 Merge branch 'develop' of github.com:matrix-org/synapse into erikj/receipts 2015-07-13 13:50:57 +01:00
Erik Johnston
b7cb37b189 Merge pull request #198 from matrix-org/markjh/client-end-to-end-key-management
Client end to end key management API
2015-07-10 13:36:17 +01:00
Mark Haines
a01097d60b Assume that each device for a user has only one of each type of key 2015-07-10 13:26:18 +01:00
Erik Johnston
f3049d0b81 Small tweaks to SAML2 configuration.
- Add saml2 config docs to default config.
- Use existence of saml2 config to indicate if saml2 should be enabled.
2015-07-10 10:50:14 +01:00
Erik Johnston
9158ad1abb Merge pull request #201 from EricssonResearch/msba/saml2-develop
Integrate SAML2 basic authentication - uses pysaml2
2015-07-10 10:25:56 +01:00
Mark Haines
bf0d59ed30 Don't bother with a timeout for one time keys on the server. 2015-07-09 14:04:03 +01:00
Muthu Subramanian
8cd34dfe95 Make SAML2 optional and add some references/comments 2015-07-09 13:34:47 +05:30
Muthu Subramanian
d2caa5351a code beautify 2015-07-09 12:58:15 +05:30
Erik Johnston
304343f4d7 Merge branch 'develop' of github.com:matrix-org/synapse into erikj/receipts 2015-07-08 15:37:33 +01:00
Muthu Subramanian
77c5db5977 code beautify 2015-07-08 16:05:20 +05:30
Muthu Subramanian
81682d0f82 Integrate SAML2 basic authentication - uses pysaml2 2015-07-08 15:36:54 +05:30
Erik Johnston
ca041d5526 Wire together receipts and the notifer/federation 2015-07-07 15:25:30 +01:00
Erik Johnston
e8b2f6f8a1 Add a ReceiptServlet 2015-07-07 10:55:22 +01:00
Mark Haines
2ef182ee93 Add client API for uploading and querying keys for end to end encryption 2015-07-06 18:47:57 +01:00
Erik Johnston
12b83f1a0d If user supplies filename in URL when downloading from media repo, use that name in Content Disposition 2015-07-03 11:24:55 +01:00
Erik Johnston
9beaedd164 Enforce ascii filenames for uploads 2015-06-30 10:31:59 +01:00
Erik Johnston
2124f668db Add Content-Disposition headers to media repo v1 downloads 2015-06-30 09:35:44 +01:00
Erik Johnston
fb7def3344 Remove access_token from synapse.rest.client.v1.transactions {get,store}_response logging 2015-06-16 10:09:43 +01:00
Erik Johnston
5730b20c6d Merge pull request #175 from matrix-org/erikj/thumbnail_thread
Thumbnail images on a seperate thread
2015-06-03 17:26:56 +01:00
Erik Johnston
2ef2f6d593 SYN-403: Make content repository use its own http client. 2015-06-03 10:17:37 +01:00
Erik Johnston
5044e6c544 Thumbnail images on a seperate thread 2015-06-02 15:39:08 +01:00
Erik Johnston
a7b65bdedf Add config option to turn off freezing events. Use new encode_json api and ujson.loads 2015-05-29 12:17:33 +01:00
Erik Johnston
9ba3c1ede4 Merge pull request #165 from matrix-org/bugs/SYN-390
SYN-390: Don't modify the dictionary returned from the data store
2015-05-26 10:20:36 +01:00
Mark Haines
a0bebeda8b SYN-390: Don't modify the dictionary returned from the data store 2015-05-26 10:14:15 +01:00
David Baker
c37a6e151f Make shared secret registration work again 2015-05-14 12:03:13 +01:00
Erik Johnston
fca28d243e Change the way we create observers to deferreds so that we don't get spammed by 'unhandled errors' 2015-05-08 16:28:08 +01:00
David Baker
eb9bd2d949 user_id now in user_threepids 2015-05-01 15:04:37 +01:00
Mark Haines
4ad8b45155 Merge branch 'develop' into key_distribution
Conflicts:
	synapse/config/homeserver.py
2015-04-29 13:15:14 +01:00
Mark Haines
46d200a3a1 Implement minimum_valid_until_ts in the remote key resource 2015-04-29 11:57:26 +01:00
Mark Haines
9182f87664 Merge pull request #126 from matrix-org/csauth
Client / Server Auth Refactor
2015-04-28 11:00:27 +01:00
Mark Haines
f8b865264a Merge branch 'develop' into key_distribution
Conflicts:
	synapse/crypto/keyring.py
2015-04-27 18:29:32 +01:00
Erik Johnston
e701aec2d1 Implement locks using create_observer for fetching media and server keys 2015-04-27 14:20:26 +01:00
David Baker
03c4f0ed67 pep8 2015-04-27 12:36:59 +01:00
David Baker
f1acb9fd40 logging args 2015-04-27 11:56:34 +01:00
David Baker
7ac8a60c6f More underscores 2015-04-24 11:44:27 +01:00
David Baker
a218619626 Use underscores instead of camelcase for id server stuff 2015-04-24 11:27:38 +01:00
Mark Haines
31e262e6b4 Copyright notice 2015-04-24 10:36:51 +01:00
Mark Haines
eede182df7 Merge branch 'develop' into key_distribution 2015-04-24 10:35:49 +01:00
Mark Haines
4e2f8b8722 Copyright notices 2015-04-24 10:35:29 +01:00
David Baker
6532b6e607 Merge branch 'develop' into csauth
Conflicts:
	synapse/http/server.py
2015-04-24 09:37:54 +01:00
David Baker
03eb4adc6e Dedicated error code for failed 3pid auth verification 2015-04-23 18:20:17 +01:00
Mark Haines
4bbf7156ef Update to match the specification for key/v2 2015-04-23 16:39:13 +01:00
Mark Haines
f30d47c876 Implement remote key lookup api 2015-04-22 14:21:08 +01:00
Mark Haines
3ba522bb23 Merge branch 'develop' into key_distribution 2015-04-21 17:10:25 +01:00
Mark Haines
812a99100b Set a version_string in BaseMediaResource so that the request_handler wrapper works 2015-04-21 16:43:58 +01:00
Mark Haines
1967650bc4 Combine the request wrappers in rest/media/v1 and http/server into a single wrapper decorator 2015-04-21 16:35:53 +01:00
Mark Haines
2f9157b427 Implement v2 key lookup 2015-04-20 16:23:47 +01:00
David Baker
8db6832db8 Password reset, finally. 2015-04-17 19:53:47 +01:00
David Baker
117f35ac4a Add endpoint to get threepids from server 2015-04-17 17:20:18 +01:00
David Baker
f96ab9d18d make add3pid servlet work 2015-04-17 16:44:49 +01:00
David Baker
0b1a8500a2 just the once would probably be fine 2015-04-17 13:53:54 +01:00
David Baker
cb03fafdf1 Merge branch 'develop' into csauth 2015-04-17 13:51:10 +01:00
David Baker
bf5e54f255 Register the 3pid servlet 2015-04-17 13:44:55 +01:00
David Baker
94e1e58b4d password -> account servlet and add start of an 'add 3pid' endpoint 2015-04-17 13:44:12 +01:00
David Baker
ea1776f556 Return user ID in use error straight away 2015-04-16 19:56:44 +01:00
David Baker
766bd8e880 Dummy login so we can do the first POST request to get login flows without it just succeeding 2015-04-15 17:14:25 +01:00
David Baker
a19b739909 Regstration with email in v2 2015-04-15 15:50:38 +01:00
Mark Haines
32e14d8181 Return a sha256 fingerprint rather than the entire tls certificate 2015-04-14 19:10:09 +01:00
Mark Haines
d488463fa3 Add a version 2 of the key server api 2015-04-14 16:04:52 +01:00
Mark Haines
3cbc286d06 Move server key api into rest/key/v1 2015-04-14 13:28:11 +01:00
David Baker
4eb6d66b45 Add app service auth back in to v2 register 2015-04-02 17:51:19 +01:00
David Baker
6b59650753 Throw sensible errors on not-json when allowing empty body 2015-04-02 17:45:16 +01:00
David Baker
41cd778d66 pep8 2015-04-02 17:06:17 +01:00
David Baker
70a84f17f3 Add shared secret auth into register v2 and switch the script over. 2015-04-02 17:01:29 +01:00
David Baker
e9c908ebc0 Completely replace fallback auth for C/S V2:
* Now only the auth part goes to fallback, not the whole operation
 * Auth fallback is a normal API endpoint, not a static page
 * Params like the recaptcha pubkey can just live in the config
Involves a little engineering on JsonResource so its servlets aren't always forced to return JSON. I should document this more, in fact I'll do that now.
2015-04-01 15:05:30 +01:00
David Baker
9f642a93ec pep8 2015-03-31 09:50:44 +01:00
Kegan Dougal
e7887e37a8 Remove appservice REST servlets 2015-03-31 09:32:40 +01:00
David Baker
59bf16eddc New registration for C/S API v2. Only ReCAPTCHA working currently. 2015-03-30 18:13:10 +01:00
David Baker
c1a256cc4c Allow multiple pushers for a single app ID & pushkey, honouring the 'append' flag in the API. 2015-03-25 19:06:22 +00:00
David Baker
c7023f2155 1) Pushers are now associated with an access token
2) Change places where we mean unauthenticated to 401, not 403, in C/S v2: hack so it stays as 403 in v1 because web client relies on it.
2015-03-24 17:24:15 +00:00
David Baker
d19e79ecc9 Make deleting other access tokens when you change your password actually work 2015-03-24 15:33:48 +00:00
David Baker
78adccfaf4 pep8 / pyflakes 2015-03-23 14:23:51 +00:00
David Baker
d98660a60d Implement password changing (finally) along with a start on making client/server auth more general. 2015-03-23 14:20:28 +00:00
Erik Johnston
f88db7ac0b Factor out user id validation checks 2015-03-18 11:34:18 +00:00
Erik Johnston
57976f646f Do more validation of incoming request 2015-03-18 11:30:04 +00:00
Erik Johnston
250e143084 Use 403 instead of 400 2015-03-16 13:11:42 +00:00
Erik Johnston
69135f59aa Implement registering with shared secret. 2015-03-13 15:23:37 +00:00
Matthew Hodgson
f55bd3f94b bump dep on syweb 0.6.5 2015-03-12 18:56:53 +00:00
David Baker
04f8478aaa Add the master push rule for the break-my-push button. Allow server default rules to be disabled by default. 2015-03-10 17:26:25 +00:00
David Baker
92b3dc3219 Merge branch 'develop' into pushrules2 2015-03-04 14:56:41 +00:00
David Baker
6fab7bd2c1 s/user_name/user/ as per mjark's comment 2015-03-02 18:17:19 +00:00
David Baker
09f9e8493c Oops, missed a replacement. 2015-03-02 17:37:22 +00:00
David Baker
20436cdf75 Blank lines 2015-03-02 15:58:12 +00:00
David Baker
2a6dedd7cc It's set_tweak now, not set_sound 2015-02-27 18:38:56 +00:00
Kegan Dougal
16b90764ad Convert expected format for AS regex to include exclusivity.
Previously you just specified the regex as a string, now it expects a JSON
object with a 'regex' key and an 'exclusive' boolean, as per spec.
2015-02-27 10:44:32 +00:00
David Baker
1959088156 Add API for getting/setting enabled-ness of push rules. 2015-02-26 18:07:44 +00:00
David Baker
a025055643 SYWEB-278 Don't allow rules with no rule_id. 2015-02-25 14:02:38 +00:00
Erik Johnston
15e2d7e387 Always allow AS to register 2015-02-20 11:39:53 +00:00
Erik Johnston
0722f982d3 Disable registration if config option was set. 2015-02-19 14:22:20 +00:00
Mark Haines
6375bd3e33 SYN-282: Don't log tracebacks for client errors 2015-02-18 12:01:37 +00:00
Mark Haines
0d872f5aa6 Merge pull request #50 from matrix-org/application-services
Application Services
2015-02-13 15:06:14 +00:00
Erik Johnston
4ebbaf0d43 Blunty replace json with simplejson 2015-02-11 14:23:10 +00:00
Kegan Dougal
14d413752b Fix newline on __init__ 2015-02-11 10:53:47 +00:00
Kegan Dougal
fd40d992ad PEP8-ify 2015-02-11 10:41:33 +00:00
Kegan Dougal
8beb613916 Add newline to EOF 2015-02-11 10:36:48 +00:00
Kegan Dougal
c7783d6fee Notify ASes for events sent by other users in a room which an AS user is a part of. 2015-02-11 10:36:08 +00:00
Kegan Dougal
9978c5c103 Merge branch 'develop' into application-services 2015-02-11 10:03:24 +00:00
Mark Haines
84a769cdb7 Fix code-style 2015-02-10 17:58:36 +00:00
Mark Haines
b085fac735 Code-style fixes 2015-02-10 16:30:48 +00:00
Kegan Dougal
53557fc532 Merge branch 'develop' into application-services 2015-02-09 15:20:56 +00:00
Erik Johnston
24cc6979fb Log when we receive a request, when we send a response and how long it took to process it. 2015-02-09 13:46:22 +00:00
Matthew Hodgson
582019f870 ...and here's the actual impl. git fail. 2015-02-07 13:32:14 +00:00
Matthew Hodgson
e117bc3fc5 thou shalt specify a content-length 2015-02-07 12:56:21 +00:00
Matthew Hodgson
34c39398fa i hate weakly typed languages 2015-02-07 12:55:13 +00:00
Kegan Dougal
c3ae8def75 Grant ASes the ability to delete aliases in their own namespace. 2015-02-06 11:32:07 +00:00
Kegan Dougal
e426df8e10 Grant ASes the ability to create alias in their own namespace.
Add a new errcode type M_EXCLUSIVE when users try to create aliases inside
AS namespaces, and when ASes try to create aliases outside their own
namespace.
2015-02-06 10:57:14 +00:00
Kegan Dougal
0227618d3c Add m.login.application_service registration procedure.
This allows known application services to register any user ID under their
own user namespace(s).
2015-02-05 17:29:27 +00:00
Kegan Dougal
c20281ee33 Merge branch 'develop' into application-services 2015-02-05 16:11:34 +00:00
David Baker
a93fa42bce priority class now dealt with in namespaced rule_id 2015-02-05 15:45:16 +00:00
Kegan Dougal
fc8bcc809d Merge branch 'develop' into application-services 2015-02-05 15:32:45 +00:00
David Baker
aaf50bf6f3 Give server default rules the 'default' attribute and fix various brokenness. 2015-02-05 15:11:38 +00:00
David Baker
2df41aa138 Server default rules now of all kinds rather than all being at lowest prio. 2015-02-05 14:46:37 +00:00
David Baker
f90782a658 namespace rule IDs to be unique within their scope and rule type. 2015-02-05 14:46:37 +00:00
Kegan Dougal
951690e54d Merge branch 'develop' into application-services 2015-02-05 14:28:03 +00:00
Kegan Dougal
27091f146a Add hs_token column and generate a different token f.e application service. 2015-02-05 10:08:12 +00:00
David Baker
2e77ba637a More s/instance_handle/profile_tag/ 2015-02-04 16:24:15 +00:00
Kegan Dougal
ce8bc642ae Merge branch 'develop' into application-services 2015-02-04 15:31:02 +00:00
David Baker
dc7bb70f22 s/instance_handle/profile_tag/ 2015-02-03 16:51:07 +00:00
Mark Haines
1bb0528316 Add Cache-Control header to identicon 2015-02-02 16:57:26 +00:00
Mark Haines
f2eda123b7 Fix setting identicon width and height 2015-02-02 16:32:33 +00:00
Mark Haines
038f5afb07 Spell height more correctly 2015-02-02 16:29:18 +00:00
Mark Haines
22c1ffb0a0 Add a media/v1/identicon resource for generating identicons using pydenticon 2015-02-02 16:02:31 +00:00
Kegan Dougal
c059c9fea5 Merge branch 'develop' into application-services
Conflicts:
	synapse/handlers/__init__.py
	synapse/storage/__init__.py
2015-02-02 15:57:59 +00:00
David Baker
b4b892f4a3 Spit out server default rules too. 2015-01-30 15:54:51 +00:00
Mark Haines
6dc92d3427 Merge pull request #41 from matrix-org/client_v2_sync
Client v2 sync
2015-01-30 15:54:25 +00:00
David Baker
4ffac34a64 Add glob asterisks when running rules.
Means that now you can't do exact matches even in override rules,
but I think we can live with that. Advantage is that you'll now
always get back what was put in to the API.
2015-01-30 15:03:56 +00:00
Erik Johnston
471c47441d Merge pull request #37 from matrix-org/client_v2_filter
Client v2 filter
2015-01-30 14:56:08 +00:00
Mark Haines
4a67834bc8 Pass client info to the sync_config 2015-01-30 11:50:15 +00:00
Mark Haines
22dd1cde2d Filter the recent events before applying the limit when doing an incremental sync with a gap 2015-01-30 11:32:35 +00:00
Mark Haines
365a186729 Add basic filtering support 2015-01-29 18:11:28 +00:00
Mark Haines
7ceda8bf3d Merge branch 'client_v2_filter' into client_v2_sync 2015-01-29 18:04:07 +00:00