Tulir Asokan
a4b1f64562
Fix /refresh endpoint version ( #14364 )
2022-11-04 16:43:51 +00:00
Quentin Gliech
cc3a52b33d
Support OIDC backchannel logouts ( #11414 )
...
If configured an OIDC IdP can log a user's session out of
Synapse when they log out of the identity provider.
The IdP sends a request directly to Synapse (and must be
configured with an endpoint) when a user logs out.
2022-10-31 13:07:30 -04:00
Quentin Gliech
9192d74b0b
Refactor OIDC tests to better mimic an actual OIDC provider. ( #13910 )
...
This implements a fake OIDC server, which intercepts calls to the HTTP client.
Improves accuracy of tests by covering more internal methods.
One particular example was the ID token validation, which previously mocked.
This uncovered an incorrect dependency: Synapse actually requires at least
authlib 0.15.1, not 0.14.0.
2022-10-25 14:25:02 +00:00
Brendan Abolivier
be76cd8200
Allow admins to require a manual approval process before new accounts can be used (using MSC3866) ( #13556 )
2022-09-29 15:23:24 +02:00
reivilibre
7b88f5a107
Add an option allowing users to use their password to reauthenticate even though password authentication is disabled. ( #12883 )
2022-05-27 09:44:51 +00:00
Dirk Klimpel
64c73c6ac8
Add type hints to tests/rest/client
( #12066 )
2022-02-23 08:33:19 -05:00
reivilibre
235d2916ce
Fix slow performance of /logout
in some cases where refresh tokens are in use. The slowness existed since the initial implementation of refresh tokens. ( #12056 )
2022-02-22 13:29:04 +00:00
reivilibre
365e9482fe
Use HTTPStatus constants in place of literals in tests.rest.client.test_auth
. ( #11520 )
2021-12-08 14:54:47 +00:00
reivilibre
2d42e586a8
Fix the test breakage introduced by #11435 as a result of concurrent PRs ( #11522 )
2021-12-07 10:49:39 +00:00
reivilibre
2f053f3f82
Stabilise support for MSC2918 refresh tokens as they have now been merged into the Matrix specification. ( #11435 )
2021-12-06 19:11:43 +00:00
reivilibre
637df95de6
Support configuring the lifetime of non-refreshable access tokens separately to refreshable access tokens. ( #11445 )
2021-12-03 16:42:44 +00:00
reivilibre
1b6691dce4
Update MSC2918 refresh token support to confirm with the latest revision: accept the refresh_tokens
parameter in the request body rather than in the URL parameters. ( #11430 )
2021-11-26 19:06:16 +00:00
reivilibre
1d8b80b334
Support expiry of refresh tokens and expiry of the overall session when refresh tokens are in use. ( #11425 )
2021-11-26 14:27:14 +00:00
reivilibre
f25c75d376
Rename unstable access_token_lifetime
configuration option to refreshable_access_token_lifetime
to make it clear it only concerns refreshable access tokens. ( #11388 )
2021-11-23 17:01:34 +00:00
David Robertson
ecd823d766
Flatten tests/rest/client/{v1,v2_alpha} too ( #10667 )
2021-08-20 17:50:44 +01:00