Brendan Abolivier
600ec04739
Make sure we're not registering the same 3pid twice
2019-04-17 14:23:01 +01:00
Erik Johnston
fd2fcb817c
Merge pull request #5070 from matrix-org/erikj/postpath
...
Remove usage of request.postpath
2019-04-17 09:03:26 +01:00
Erik Johnston
ad010f6306
Remove usage of request.postpath
...
This is an undocumented variable in twisted, and relies on the servlet
being mounted in the right way.
This also breaks getting push rules on workers.
2019-04-16 17:42:50 +01:00
Erik Johnston
6e27a8620f
Merge pull request #5063 from matrix-org/erikj/move_endpoints
...
Move some rest endpoints to client reader
2019-04-15 18:55:01 +01:00
Erik Johnston
ec638a1602
Only handle GET requests for /push_rules
2019-04-15 18:51:48 +01:00
Andrew Morgan
caa76e6021
Remove periods from copyright headers ( #5046 )
2019-04-11 17:08:13 +01:00
Erik Johnston
c192bf8970
Add admin API for group deletion
2019-04-03 16:29:52 +01:00
Andrew Morgan
4a4d5c4fd6
Fix grammar and document get_current_users_in_room ( #4998 )
2019-04-03 14:32:20 +01:00
Neil Johnson
e8419554ff
Remove presence lists ( #4989 )
...
Remove presence list support as per MSC 1819
2019-04-03 11:11:15 +01:00
Erik Johnston
8f549c1177
Merge pull request #4982 from matrix-org/erikj/msc1915
...
Implement MSC1915 - 3PID unbind APIs
2019-04-03 11:07:09 +01:00
Erik Johnston
862d6e5ba5
Add unbind API to /r0 as it is now stabalised
2019-04-01 15:25:19 +01:00
Erik Johnston
057715aaa2
Allowing specifying IS to use in unbind API.
...
By default the homeserver will use the identity server used during the
binding of the 3PID to unbind the 3PID. However, we need to allow
clients to explicitly ask the homeserver to unbind via a particular
identity server, for the case where the 3PID was bound out of band from
the homeserver.
Implements MSC915.
2019-04-01 15:25:18 +01:00
Richard van der Hoff
54a87a7b08
Collect room-version variations into one place ( #4969 )
...
Collect all the things that make room-versions different to one another into
one place, so that it's easier to define new room versions.
2019-04-01 10:24:38 +01:00
Neil Johnson
c7296bcb98
remove log line for password ( #4965 )
...
Remove log line for password.
2019-03-28 17:38:01 +00:00
Andrew Morgan
bbd244c7b2
Support 3PID login in password providers ( #4931 )
...
Adds a new method, check_3pid_auth, which gives password providers
the chance to allow authentication with third-party identifiers such
as email or msisdn.
2019-03-26 17:48:30 +00:00
Erik Johnston
3959858eaa
Merge pull request #4904 from matrix-org/erikj/fix_shutdown
...
Fixup shutdown room API
2019-03-21 11:24:42 +00:00
Erik Johnston
aa959a6c07
Use flags
2019-03-20 17:40:29 +00:00
Erik Johnston
72a14860ab
Gracefully handle failing to kick user
2019-03-20 16:54:21 +00:00
Erik Johnston
6b28890543
Log new room ID
2019-03-20 16:52:28 +00:00
Erik Johnston
320667a479
Add option to disable searching in the user dir
...
We still populate it, as it can still be accessed via the admin API.
2019-03-19 16:40:19 +00:00
Brendan Abolivier
899e523d6d
Add ratelimiting on login ( #4821 )
...
Add two ratelimiters on login (per-IP address and per-userID).
2019-03-15 17:46:16 +00:00
Matthew Hodgson
2326e00bc4
fix incorrect encoding of filenames with spaces in ( #2090 )
...
fixes https://github.com/vector-im/riot-web/issues/3155
2019-03-11 09:53:45 +00:00
Erik Johnston
b879870b2d
Send message after room has been shutdown
...
Currently the explanation message is sent to the abuse room before any
users are forced joined, which means it tends to get lost in the backlog
of joins.
So instead we send the message *after* we've forced joined everyone.
2019-03-06 17:35:11 +00:00
Brendan Abolivier
6f3cde8b25
Make registration ratelimiter separate from the main events one
2019-03-06 11:02:42 +00:00
Brendan Abolivier
f4195f4118
Revert "Split ratelimiters in two (one for events, one for registration)"
...
This reverts commit d7dbad3526
.
2019-03-06 10:55:22 +00:00
Brendan Abolivier
d7dbad3526
Split ratelimiters in two (one for events, one for registration)
2019-03-05 18:41:27 +00:00
Erik Johnston
16c8b4ecbd
Merge pull request #4772 from jbweston/jbweston/server-version-api
...
Add 'server_version' endpoint to admin API
2019-03-05 16:31:00 +00:00
Brendan Abolivier
a4c3a361b7
Add rate-limiting on registration ( #4735 )
...
* Rate-limiting for registration
* Add unit test for registration rate limiting
* Add config parameters for rate limiting on auth endpoints
* Doc
* Fix doc of rate limiting function
Co-Authored-By: babolivier <contact@brendanabolivier.com>
* Incorporate review
* Fix config parsing
* Fix linting errors
* Set default config for auth rate limiting
* Fix tests
* Add changelog
* Advance reactor instead of mocked clock
* Move parameters to registration specific config and give them more sensible default values
* Remove unused config options
* Don't mock the rate limiter un MAU tests
* Rename _register_with_store into register_with_store
* Make CI happy
* Remove unused import
* Update sample config
* Fix ratelimiting test for py2
* Add non-guest test
2019-03-05 14:25:33 +00:00
Joseph Weston
1e8388b311
Add 'server_version' endpoint to admin API
...
This is required because the 'Server' HTTP header is not always
passed through proxies.
2019-03-01 09:56:58 +01:00
Richard van der Hoff
68f47d6744
Fix parsing of Content-Disposition headers ( #4763 )
...
* Fix parsing of Content-Disposition headers
TIL: filenames in content-dispostion headers can contain semicolons, and aren't
%-encoded.
* fix python2 incompatibility
* Fix docstrings
2019-02-27 14:29:10 -08:00
Erik Johnston
899a119c2b
Don't log stack trace when client has gone away during media download ( #4738 )
...
* Don't log stack trace when client has gone away during media download
* Newsfile
* Fixup newsfile
2019-02-25 11:17:22 -08:00
Matthew Hodgson
70ea2f4e1d
switch from google.com to recaptcha.net for reCAPTCHA ( #4731 )
...
* add trivial clarification about jemalloc
* switch from google.com to recaptcha.net
because https://developers.google.com/recaptcha/docs/faq#can-i-use-recaptcha-globally
2019-02-25 11:15:36 -08:00
Erik Johnston
dbdc565dfd
Fix registration on workers ( #4682 )
...
* Move RegistrationHandler init to HomeServer
* Move post registration actions to RegistrationHandler
* Add post regisration replication endpoint
* Newsfile
2019-02-20 18:47:31 +11:00
Erik Johnston
fc2c245a1f
Merge pull request #4666 from matrix-org/erikj/register_login_split
...
Split out registration to worker
2019-02-18 17:18:06 +00:00
Erik Johnston
af691e415c
Move register_device into handler
2019-02-18 16:49:38 +00:00
Erik Johnston
092b541401
Fixup
2019-02-18 15:52:26 +00:00
Erik Johnston
8b9ae6d3a6
Update docs
2019-02-18 15:26:13 +00:00
Matthew Hodgson
04dad5ac16
fix missig import
2019-02-18 15:59:23 +01:00
Erik Johnston
eb2b8523ae
Split out registration to worker
...
This allows registration to be handled by a worker, though the actual
write to the database still happens on master.
Note: due to the in-memory session map all registration requests must be
handled by the same worker.
2019-02-18 12:12:57 +00:00
Matthew Hodgson
bfcefbb230
tabs
2019-02-14 19:53:12 +00:00
Matthew Hodgson
6f47bc3fb2
set CORS on .well-known URI to unbreak modular
...
otherwise a riot/web running on foo.riot.im can't query
the .well-known on foo.modular.im...
2019-02-14 19:51:41 +00:00
Erik Johnston
719e073f00
Merge pull request #4580 from matrix-org/uhoreg/e2e_backup_add_updating
...
add updating of backup versions
2019-02-11 13:45:49 +00:00
Valentin Anger
2dc2b6e9f1
Allow "unavailable" presence status for /sync ( #4592 )
...
* Allow "unavailable" presence status for /sync
Closes #3772 , closes #3779
Signed-off-by: Valentin Anger <valentin.an.1999@gmail.com>
* Add changelog for PR 4592
2019-02-08 21:09:56 +00:00
Hubert Chathi
afae8442b5
make sure version is in body and wrap in linearizer queue
...
also add tests
2019-02-08 01:32:45 -05:00
Hubert Chathi
8248637173
add new endpoint to update backup versions
2019-02-06 17:57:10 -05:00
Neil Johnson
b37e8c9572
Merge branch 'neilj/room_capabilities' of github.com:matrix-org/synapse into neilj/room_capabilities
2019-01-30 10:56:47 +00:00
Neil Johnson
f834d98402
isort
2019-01-30 10:55:42 +00:00
Neil Johnson
ee4df7fd7a
Merge branch 'develop' into neilj/room_capabilities
2019-01-30 10:28:08 +00:00
Neil Johnson
9c850d9d5e
formatting and use constants where available
2019-01-30 10:23:26 +00:00
Neil Johnson
2f46804055
Populate default room version from Constants
2019-01-30 09:39:10 +00:00
Neil Johnson
c7837dce24
reflect that rooms v3 is a stable room version
2019-01-30 09:33:30 +00:00
Neil Johnson
e4bef9d470
rework format of change password capability
2019-01-29 18:04:56 +00:00
Neil Johnson
f03b3a7a3a
support change_password in capabilities end-point
2019-01-29 15:58:37 +00:00
Andrew Morgan
e65a17b26f
Check consent dir path on startup
2019-01-29 15:30:33 +00:00
Neil Johnson
a124025dab
enforce auth for capabilities endpoint
2019-01-29 11:37:56 +00:00
Neil Johnson
327b992e17
register capabilities servlet
2019-01-29 10:28:35 +00:00
Neil Johnson
893107be78
backout v3
2019-01-25 17:27:36 +00:00
Neil Johnson
95f871fc0d
Support room version capabilities in CS API (MSC1804)
2019-01-25 11:16:29 +00:00
Andrew Morgan
821b65aeb5
Merge branch 'develop' of github.com:matrix-org/synapse into anoa/dm_room_upgrade
2019-01-25 11:09:53 +00:00
Neil Johnson
c99c2d58d7
move guard out of is_threepid_reserved and into register.py
2019-01-22 17:47:00 +00:00
Neil Johnson
d619b113ed
Fix None guard in config.server.is_threepid_reserved
2019-01-22 16:52:29 +00:00
Andrew Morgan
25d64a846a
Fix typos
2019-01-22 11:00:04 +00:00
Neil Johnson
5349262302
Config option to disable requesting MSISDN on registration
2019-01-21 14:59:37 +00:00
Erik Johnston
b970cb0e96
Refactor request sending to have better excpetions ( #4358 )
...
* Correctly retry and back off if we get a HTTPerror response
* Refactor request sending to have better excpetions
MatrixFederationHttpClient blindly reraised exceptions to the caller
without differentiating "expected" failures (e.g. connection timeouts
etc) versus more severe problems (e.g. programming errors).
This commit adds a RequestSendFailed exception that is raised when
"expected" failures happen, allowing the TransactionQueue to log them as
warnings while allowing us to log other exceptions as actual exceptions.
2019-01-08 11:04:28 +00:00
Travis Ralston
bc1fa8cd01
Add GET account data routes ( #4303 )
...
As per https://github.com/matrix-org/matrix-doc/issues/1339
2019-01-07 10:27:54 +00:00
Amber Brown
d7843f47b6
Remove v1 only REST APIs now we don't ship matrix console ( #4334 )
2018-12-29 23:12:30 +11:00
Richard van der Hoff
f85676cc93
Return well_known in /login response ( #4319 )
...
... as per MSC1730.
2018-12-24 10:44:33 +01:00
Amber Brown
ea6abf6724
Fix IP URL previews on Python 3 ( #4215 )
2018-12-22 01:56:13 +11:00
Neil Johnson
d2f7c4e6b1
create support user ( #4141 )
...
Allow for the creation of a support user.
A support user can access the server, join rooms, interact with other users, but does not appear in the user directory nor does it contribute to monthly active user limits.
2018-12-14 18:20:59 +00:00
David Baker
89ac2a5bdb
Add 'sandbox' to CSP for media repo ( #4284 )
...
* Add 'sandbox' to the CSP for media repo
* Changelog
2018-12-11 04:05:02 +11:00
Will Hunt
fee831c040
Move imports to one line
2018-12-10 13:52:33 +00:00
Will Hunt
466c1f3e01
Use send_cors
2018-12-10 13:11:37 +00:00
Will Hunt
91206e09f2
changelog & isort
2018-12-09 17:39:44 +00:00
Will Hunt
dbf736ba66
Make /config more CORS-y
2018-12-09 13:27:22 +00:00
Richard van der Hoff
30da50a5b8
Initialise user displayname from SAML2 data ( #4272 )
...
When we register a new user from SAML2 data, initialise their displayname
correctly.
2018-12-07 14:44:46 +01:00
Richard van der Hoff
c7401a697f
Implement SAML2 authentication ( #4267 )
...
This implements both a SAML2 metadata endpoint (at
`/_matrix/saml2/metadata.xml`), and a SAML2 response receiver (at
`/_matrix/saml2/authn_response`). If the SAML2 response matches what's been
configured, we complete the SSO login flow by redirecting to the client url
(aka `RelayState` in SAML2 jargon) with a login token.
What we don't yet have is anything to build a SAML2 request and redirect the
user to the identity provider. That is left as an exercise for the reader.
2018-12-07 13:11:11 +01:00
Richard van der Hoff
c588b9b9e4
Factor SSO success handling out of CAS login ( #4264 )
...
This is mostly factoring out the post-CAS-login code to somewhere we can reuse
it for other SSO flows, but it also fixes the userid mapping while we're at it.
2018-12-07 13:10:07 +01:00
Richard van der Hoff
b0c24a66ec
Rip out half-implemented m.login.saml2 support ( #4265 )
...
* Rip out half-implemented m.login.saml2 support
This was implemented in an odd way that left most of the work to the client, in
a way that I really didn't understand. It's going to be a pain to maintain, so
let's start by ripping it out.
* drop undocumented dependency on dateutil
It turns out we were relying on dateutil being pulled in transitively by
pysaml2. There's no need for that bloat.
2018-12-06 19:44:38 +11:00
Richard van der Hoff
e8d98466b0
Implement .well-known handling ( #4262 )
...
Sometimes it's useful for synapse to generate its own .well-known file.
2018-12-05 14:38:58 +01:00
Amber Brown
fd96dd75a3
Fix non-ASCII pushrules ( #4248 )
2018-12-04 12:44:02 +01:00
Amber Brown
d3c61ef906
fix type error
2018-12-03 22:27:41 +11:00
Neil Johnson
7039ece8fb
Neilj/fix autojoin ( #4223 )
...
* Fix auto join failures for servers that require user consent
* Fix auto join failures for servers that require user consent
2018-11-28 22:24:57 +11:00
Richard van der Hoff
944d524f18
Support m.login.sso ( #4220 )
...
* Clean up the CSS for the fallback login form
I was finding this hard to work with, so simplify a bunch of things. Each
flow is now a form inside a div of class login_flow.
The login_flow class now has a fixed width, as that looks much better than each
flow having a differnt width.
* Support m.login.sso
MSC1721 renames m.login.cas to m.login.sso. This implements the change
(retaining support for m.login.cas for older clients).
* changelog
2018-11-27 18:51:52 +11:00
Amber Brown
80cac86b2c
Fix fallback auth on Python 3 ( #4197 )
2018-11-19 12:27:33 -06:00
Travis Ralston
ab4526a153
Remove duplicate slashes in generated consent URLs
2018-11-15 20:41:53 -07:00
Amber Brown
8b1affe7d5
Fix Content-Disposition in media repository ( #4176 )
2018-11-15 15:55:58 -06:00
Amber Brown
df758e155d
Use <meta> tags to discover the per-page encoding of html previews ( #4183 )
2018-11-15 11:05:08 -06:00
Richard van der Hoff
c1efcd7c6a
Add a test for the public T&Cs form
2018-11-14 10:46:27 +00:00
Richard van der Hoff
83a5f459aa
Fix an internal server error when viewing the public privacy policy
2018-11-14 10:21:07 +00:00
hera
2b075fb03a
Fix encoding error for consent form on python3
...
The form was rendering this as "b'01234....'".
-- richvdh
2018-11-08 11:05:39 +00:00
Amber Brown
b3708830b8
Fix URL preview bugs (type error when loading cache from db, content-type including quotes) ( #4157 )
2018-11-08 01:37:43 +11:00
Travis Ralston
0f5e51f726
Add config variables for enabling terms auth and the policy name ( #4142 )
...
So people can still collect consent the old way if they want to.
2018-11-06 10:32:34 +00:00
Hubert Chathi
f1087106cf
handle empty backups according to latest spec proposal ( #4123 )
...
fixes #4056
2018-11-05 17:59:29 -05:00
Amber Brown
efdcbbe46b
Tests for user consent resource ( #4140 )
2018-11-06 05:53:44 +11:00
Travis Ralston
642505abc3
Fix logic error that prevented guests from seeing the privacy policy
2018-11-01 16:48:32 -06:00
Travis Ralston
a8d41c6aff
Include a version query string arg for the consent route
2018-10-31 13:19:28 -06:00
Travis Ralston
d1e7b9c44c
Merge branch 'develop' into travis/login-terms
2018-10-31 13:15:14 -06:00
Amber Brown
f79f454485
Remove deprecated v1 key exchange endpoint ( #4119 )
2018-10-31 22:29:02 +11:00
Amber Brown
4cd1c9f2ff
Delete the disused & unspecced identicon functionality ( #4106 )
2018-10-29 23:57:24 +11:00
Richard van der Hoff
193cadc988
Address review comments
...
Improve comments, get old room state from the context we already have
2018-10-26 17:10:30 +01:00