Daniel Wagner-Hall
2d3462714e
Issue macaroons as opaque auth tokens
...
This just replaces random bytes with macaroons. The macaroons are not
inspected by the client or server.
In particular, they claim to have an expiry time, but nothing verifies
that they have not expired.
Follow-up commits will actually enforce the expiration, and allow for
token refresh.
See https://bit.ly/matrix-auth for more information
2015-08-18 14:22:02 +01:00
Mark Haines
7bbaab9432
Fix the --generate-keys option. Make it do the same thing as --generate-config does when the config file exists, but without printing a warning
2015-08-12 11:57:37 +01:00
Paul "LeoNerd" Evans
e3c8e2c13c
Add a --generate-keys option
2015-08-07 16:42:27 +01:00
Paul "LeoNerd" Evans
efe60d5e8c
Only print the pidfile path on startup if requested by a commandline flag
2015-08-07 16:36:42 +01:00
Erik Johnston
90dbd71c13
Merge branch 'master' of github.com:matrix-org/synapse into develop
2015-07-21 09:25:30 +01:00
David Baker
62b4b72fe4
Close, but no cigar.
2015-07-14 10:33:25 +01:00
Erik Johnston
f3049d0b81
Small tweaks to SAML2 configuration.
...
- Add saml2 config docs to default config.
- Use existence of saml2 config to indicate if saml2 should be enabled.
2015-07-10 10:50:14 +01:00
Erik Johnston
9158ad1abb
Merge pull request #201 from EricssonResearch/msba/saml2-develop
...
Integrate SAML2 basic authentication - uses pysaml2
2015-07-10 10:25:56 +01:00
Erik Johnston
294dbd712f
We don't want semicolons.
2015-07-09 11:47:24 +01:00
Muthu Subramanian
8cd34dfe95
Make SAML2 optional and add some references/comments
2015-07-09 13:34:47 +05:30
Matthew Hodgson
fb8d2862c1
remove the tls_certificate_chain_path param and simply support tls_certificate_path pointing to a file containing a chain of certificates
2015-07-09 00:45:41 +01:00
Matthew Hodgson
8ad2d2d1cb
document tls_certificate_chain_path more clearly
2015-07-09 00:06:01 +01:00
Matthew Hodgson
f26a3df1bf
oops, context.tls_certificate_chain_file() expects a file, not a certificate.
2015-07-08 21:33:02 +01:00
Matthew Hodgson
465acb0c6a
*cough*
2015-07-08 18:30:59 +01:00
Matthew Hodgson
64afbe6ccd
add new optional config for tls_certificate_chain_path for folks with intermediary SSL certs
2015-07-08 18:20:02 +01:00
Matthew Hodgson
04192ee05b
typo
2015-07-08 17:49:15 +01:00
Muthu Subramanian
f53bae0c19
code beautify
2015-07-08 16:05:46 +05:30
Muthu Subramanian
81682d0f82
Integrate SAML2 basic authentication - uses pysaml2
2015-07-08 15:36:54 +05:30
Eric Myhre
9e5a353663
Make upload dir a configurable path.
...
Fixes SYN-425.
Signed-off-by: Eric Myhre <hash@exultant.us>
2015-06-18 23:38:20 -05:00
Paul "LeoNerd" Evans
9a3cd1c00d
Correct -H SERVER_NAME in config-missing complaint message
2015-06-16 16:03:35 +01:00
Erik Johnston
9d0326baa6
Remove redundant newline
2015-06-15 11:27:29 +01:00
Erik Johnston
186f61a3ac
Document listener config. Remove deprecated config options
2015-06-15 11:25:53 +01:00
Erik Johnston
a005b7269a
Add backwards compat support for metrics, manhole and webclient config options
2015-06-12 17:44:23 +01:00
Erik Johnston
9c5fc81c2d
Correctly handle x_forwaded listener option
2015-06-12 17:13:23 +01:00
Erik Johnston
fd2c07bfed
Use config.listeners
2015-06-12 15:33:07 +01:00
Erik Johnston
f7f07dc517
Begin changing the config format
2015-06-11 15:48:52 +01:00
Erik Johnston
522f285f9b
Add config option to disable compression of http responses
2015-06-01 13:36:30 +01:00
Mark Haines
d70c847b4f
Merge pull request #170 from matrix-org/markjh/SYT-8-recaptcha
...
Allow endpoint for verifying recaptcha to be configured
2015-05-29 15:32:54 +01:00
Mark Haines
784aaa53df
Merge branch 'develop' into markjh/SYT-8-recaptcha
...
Conflicts:
synapse/handlers/auth.py
2015-05-29 13:49:44 +01:00
Erik Johnston
a7b65bdedf
Add config option to turn off freezing events. Use new encode_json api and ujson.loads
2015-05-29 12:17:33 +01:00
Mark Haines
d94590ed48
Add config for setting the recaptcha verify api endpoint, so we can test it in sytest
2015-05-29 12:11:40 +01:00
Erik Johnston
36b3b75b21
Registration should be disabled by default
2015-05-28 11:01:34 +01:00
Erik Johnston
1ce1509989
s/metric_interface/metric_bind_host/
2015-05-22 14:51:22 +01:00
Erik Johnston
59a0682f3e
Enable changing the interface the metrics listener binds to
2015-05-22 13:13:07 +01:00
David Baker
97a64f3ebe
Merge branch 'develop' of github.com:matrix-org/synapse into develop
2015-05-07 09:33:42 +01:00
David Baker
b850c9fa04
Typo
2015-05-07 09:33:30 +01:00
Mark Haines
e45b05647e
Fix the --help option for synapse
2015-05-05 17:39:59 +01:00
Mark Haines
3bcdf3664c
Use the daemonize key from the config if it exists
2015-05-01 14:34:55 +01:00
Mark Haines
46a65c282f
Allow generate-config to run against an existing config file to generate default keys
2015-05-01 13:54:38 +01:00
Mark Haines
50c87b8eed
Allow "manhole" to be ommited from the config
2015-04-30 18:11:47 +01:00
Mark Haines
345995fcde
Remove the ~, comment the lines instead
2015-04-30 18:10:19 +01:00
Mark Haines
62cebee8ee
Update key.py
2015-04-30 17:54:01 +01:00
Mark Haines
95cbfee8ae
Update metrics.py
2015-04-30 17:52:20 +01:00
Mark Haines
2d4d2bbae4
Merge branch 'develop' into markjh/config_cleanup
...
Conflicts:
synapse/config/captcha.py
2015-04-30 16:54:55 +01:00
Mark Haines
2f1348f339
Write a default log_config when generating config
2015-04-30 16:52:57 +01:00
David Baker
5b02f33451
Undo changes to logger config, ie. remove the access_log_file option: decision is to support this through log_config rather tan adding an option.
2015-04-30 16:21:39 +01:00
David Baker
054aa0d58c
Do access log using python's logging stuff, just under a separate logger name
2015-04-30 16:21:38 +01:00
Mark Haines
74aaacf82a
Don't break when sizes or durations are given as integers
2015-04-30 16:04:02 +01:00
Mark Haines
c28f1d16f0
Add a random string to the auto generated key id
2015-04-30 15:13:14 +01:00
Mark Haines
265f30bd3f
Allow --enable-registration to be passed on the commandline
2015-04-30 15:04:06 +01:00