Richard van der Hoff
321fe5c44c
Merge pull request #1656 from matrix-org/rav/remove_time_caveat
...
Stop putting a time caveat on access tokens
2016-11-30 16:53:20 +00:00
Richard van der Hoff
77eca2487c
Merge pull request #1653 from matrix-org/rav/guest_e2e
...
Implement E2E for guests
2016-11-29 17:41:35 +00:00
Richard van der Hoff
1c4f05db41
Stop putting a time caveat on access tokens
...
The 'time' caveat on the access tokens was something of a lie, since we weren't
enforcing it; more pertinently its presence stops us ever adding useful time
caveats.
Let's move in the right direction by not lying in our caveats.
2016-11-29 16:49:41 +00:00
Richard van der Hoff
5c4edc83b5
Stop generating refresh tokens
...
Since we're not doing refresh tokens any more, we should start killing off the
dead code paths. /tokenrefresh itself is a bit of a thornier subject, since
there might be apps out there using it, but we can at least not generate
refresh tokens on new logins.
2016-11-28 10:13:01 +00:00
Richard van der Hoff
f62b69e32a
Allow guest access to endpoints for E2E
...
Expose /devices, /keys, and /sendToDevice to guest users, so that they can use
E2E.
2016-11-25 15:26:34 +00:00
Richard van der Hoff
7f02e4d008
Give guest users a device_id
...
We need to create devices for guests so that they can use e2e, but we don't
have anywhere to store it, so just use a fixed one.
2016-11-25 15:25:30 +00:00
Erik Johnston
feec718265
Shuffle receipt handler around so that worker apps don't need to load it
2016-11-23 15:14:24 +00:00
Kegsay
d4a459f7cb
Merge pull request #1638 from matrix-org/kegan/sync-event-fields
...
Implement "event_fields" in filters
2016-11-22 14:02:38 +00:00
Kegan Dougal
cea4e4e7b2
Glue only_event_fields into the sync rest servlet
2016-11-22 10:14:05 +00:00
Mark Haines
a289150943
Fix flake8
2016-11-18 17:15:02 +00:00
David Baker
544722bad2
Work around client replacing reg params
...
Works around https://github.com/vector-im/vector-android/issues/715
and equivalent for iOS
2016-11-18 17:07:35 +00:00
Kegan Dougal
3991b4cbdb
Clean transactions based on time. Add HttpTransactionCache tests.
2016-11-14 11:19:24 +00:00
Kegan Dougal
af4a1bac50
Move .observe() up to the cache to make things neater
2016-11-14 09:52:41 +00:00
Kegan Dougal
8ecaff51a1
Review comments
2016-11-11 17:47:03 +00:00
Kegan Dougal
f6c48802f5
More flake8
2016-11-11 15:08:24 +00:00
Kegan Dougal
a88bc67f88
Flake8 and fix whoopsie
2016-11-11 15:02:29 +00:00
Kegan Dougal
42c43cfafd
Use ObservableDeferreds instead of Deferreds as they behave as intended
2016-11-11 14:54:10 +00:00
Kegan Dougal
c7daf3136c
Use observable deferreds because they are sane
2016-11-11 14:13:32 +00:00
Kegan Dougal
8a8ad46f48
Flake8
2016-11-10 15:22:11 +00:00
Kegan Dougal
2771447c29
Store Promise<Response> instead of Response for HTTP API transactions
...
This fixes a race whereby:
- User hits an endpoint.
- No cached transaction so executes main code.
- User hits same endpoint.
- No cache transaction so executes main code.
- Main code finishes executing and caches response and returns.
- Main code finishes executing and caches response and returns.
This race is common in the wild when Synapse is struggling under load.
This commit fixes the race by:
- User hits an endpoint.
- Caches the promise to execute the main code and executes main code.
- User hits same endpoint.
- Yields on the same promise as the first request.
- Main code finishes executing and returns, unblocking both requests.
2016-11-10 14:49:26 +00:00
Mark Haines
b1c27975d0
Set CORs headers on responses from the media repo
2016-11-02 11:29:25 +00:00
Erik Johnston
78c083f159
Merge pull request #1164 from pik/error-codes
...
Clarify Error codes for GET /filter/
2016-10-19 14:26:17 +01:00
pik
e8b1d2a452
Refactor test_filter to use real DataStore
...
* add tests for filter api errors
2016-10-18 12:17:38 -05:00
Alexander Maznev
d9350b0db8
Error codes for filters
...
* add tests
Signed-off-by: Alexander Maznev <alexander.maznev@gmail.com>
2016-10-14 10:18:28 -05:00
Richard van der Hoff
f7aed3d7a2
Merge pull request #1168 from matrix-org/rav/ui_auth_on_device_delete
...
User-interactive auth on delete device
2016-10-13 09:38:41 +01:00
Richard van der Hoff
9009143fb9
Handle delete device requests with no body
...
We should probably return a 401 rather than a 400 for existing clients that
don't know they have to do the UIA dance to delete a device.
2016-10-12 18:47:28 +01:00
Richard van der Hoff
fbd3866bc6
User-interactive auth on delete device
2016-10-12 16:16:31 +01:00
Mark Haines
9e18e0b1cb
Merge pull request #1167 from matrix-org/markjh/fingerprints
...
Add config option for adding additional TLS fingerprints
2016-10-12 15:27:44 +01:00
Mark Haines
0af6213019
Improve comment formatting
2016-10-12 14:45:13 +01:00
Mark Haines
6e9f3ab415
Add config option for adding additional TLS fingerprints
2016-10-11 19:14:46 +01:00
Erik Johnston
a2f2516199
Merge pull request #1157 from Rugvip/nolimit
...
Remove rate limiting from app service senders and fix get_or_create_user requester
2016-10-11 11:20:54 +01:00
Patrik Oldsberg
7b5546d077
rest/client/v1/register: use the correct requester in createUser
...
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
2016-10-06 22:12:32 +02:00
Richard van der Hoff
f382117852
window.postmessage for Interactive Auth fallback
...
If you're a webapp running the fallback in an iframe, you can't set set a
window.onAuthDone function. Let's post a message back to window.opener instead.
2016-10-06 18:16:59 +01:00
Patrik Oldsberg
9bfc617791
storage/appservice: make appservice methods only relying on the cache synchronous
2016-10-06 15:24:59 +02:00
Erik Johnston
22578545a0
Time out typing over federation
2016-09-23 14:00:52 +01:00
Erik Johnston
87528f0756
Support /initialSync in synchrotron worker
2016-09-21 11:46:28 +01:00
Erik Johnston
ddc89df89d
Enable guest access to POST /publicRooms
2016-09-17 15:55:24 +01:00
Erik Johnston
2e67cabd7f
Make POST /publicRooms require auth
2016-09-16 11:32:51 +01:00
Erik Johnston
c33b25fd8d
Change the way we calculate new_limit in /publicRooms and add POST API
2016-09-15 17:35:20 +01:00
Erik Johnston
68c1ed4d1a
Remove default public rooms limit
2016-09-15 13:56:20 +01:00
Erik Johnston
1d98cf26be
By default limit /publicRooms to 100 entries
2016-09-15 13:18:35 +01:00
Erik Johnston
5810cffd33
Pass since/from parameters over federation
2016-09-15 10:36:19 +01:00
Erik Johnston
f3eead0660
Allow paginating both forwards and backwards
2016-09-15 10:15:37 +01:00
Erik Johnston
4131381123
Remove support for aggregate room lists
2016-09-15 09:28:15 +01:00
Mark Haines
18ab019a4a
Move the E2E key handling into the e2e handler
2016-09-13 11:35:35 +01:00
Mark Haines
949c2c5435
Add a timeout parameter for end2end key queries.
...
Add a timeout parameter for controlling how long synapse will wait
for responses from remote servers. For servers that fail include how
they failed to make it easier to debug.
Fetch keys from different servers in parallel rather than in series.
Set the default timeout to 10s.
2016-09-12 18:17:09 +01:00
Shell Turner
29205e9596
Conform better to the CAS protocol specification
...
Redirect to CAS's /login endpoint properly, and
don't require an <attributes> element.
Signed-off-by: Shell Turner <cam.turn@gmail.com>
2016-09-09 21:20:14 +01:00
Mark Haines
dbff7e9436
Merge pull request #1096 from matrix-org/markjh/get_access_token
...
Add helper function for getting access_tokens from requests
2016-09-09 17:09:27 +01:00
Mark Haines
8aee5aa068
Add helper function for getting access_tokens from requests
...
Rather than reimplementing the token parsing in the various places.
This will make it easier to change the token parsing to allow access_tokens
in HTTP headers.
2016-09-09 16:33:15 +01:00
Paul Evans
56f38d1776
Merge pull request #1091 from matrix-org/paul/third-party-lookup
...
Improvements to 3PE lookup API
2016-09-09 15:43:11 +01:00
Paul "LeoNerd" Evans
d271383e63
Filter returned events for client-facing format
2016-09-09 14:40:15 +01:00
Paul "LeoNerd" Evans
0fc0a3bdff
Allow clients to specify the format a room state event is returned in
2016-09-09 14:34:29 +01:00
Paul "LeoNerd" Evans
bdbcfc2a80
appease pep8
2016-09-09 13:31:39 +01:00
Paul "LeoNerd" Evans
6eb0c8a2e4
Python isn't JavaScript; have to quote dict keys
2016-09-09 13:31:17 +01:00
Paul "LeoNerd" Evans
25eb769b26
Efficiency fix for lookups of a single protocol
2016-09-09 13:25:02 +01:00
Paul "LeoNerd" Evans
3328428d05
Allow lookup of a single 3PE protocol query metadata
2016-09-09 13:19:04 +01:00
Matthew Hodgson
b8f84f99ff
Merge pull request #1081 from matrix-org/dbkr/notifications_only_highlight
...
Implement `only=highlight` on `/notifications`
2016-09-09 00:09:51 +01:00
Erik Johnston
257025ac89
Merge pull request #1082 from matrix-org/erikj/remote_public_rooms
...
Add server param to /publicRooms
2016-09-08 16:04:22 +01:00
Erik Johnston
3f9889bfd6
Use parse_string
2016-09-08 15:51:10 +01:00
Mark Haines
fa9d36e050
Merge branch 'develop' into markjh/direct_to_device_federation
2016-09-08 13:43:43 +01:00
David Baker
4ef222ab61
Implement only=highlight
on /notifications
2016-09-08 13:43:35 +01:00
Erik Johnston
791658b576
Add server param to /publicRooms
2016-09-08 11:53:05 +01:00
Mark Haines
d4a35ada28
Send device messages over federation
2016-09-06 18:16:20 +01:00
Erik Johnston
d51b8a1674
Add quotes and be explicity about script-src
2016-09-05 17:35:01 +01:00
Erik Johnston
662b031a30
Allow PDF to be rendered from media repo
2016-09-05 17:25:26 +01:00
Mark Haines
7ed5acacf4
Fix up the calls to the notifier for device messages
2016-09-01 18:08:40 +01:00
Mark Haines
1aa3e1d287
Add a replication stream for direct to device messages
2016-08-31 10:38:58 +01:00
Mark Haines
4bbef62124
Merge remote-tracking branch 'origin/develop' into markjh/direct_to_device
2016-08-26 14:35:31 +01:00
Paul "LeoNerd" Evans
1294d4a329
Move ThirdPartyEntityKind into api.constants so the expectation becomes that the value is significant
2016-08-25 18:34:47 +01:00
Mark Haines
ab34fdecb7
Merge branch 'develop' into markjh/direct_to_device
2016-08-25 18:34:46 +01:00
Mark Haines
b162cb2e41
Add some TODOs
2016-08-25 18:18:53 +01:00
Mark Haines
641efb6a39
Fix the deduplication of incoming direct-to-device messages
2016-08-25 18:14:02 +01:00
Mark Haines
e993925279
Add store-and-forward direct-to-device messaging
2016-08-25 17:35:37 +01:00
Paul Evans
d9dcb2ba3a
Merge pull request #1041 from matrix-org/paul/third-party-lookup
...
Extend 3PE lookup APIs for metadata query
2016-08-25 17:06:53 +01:00
Paul "LeoNerd" Evans
8e1ed09dff
Move static knowledge of protocol metadata into AS handler; cache the result
2016-08-24 13:01:53 +01:00
Paul "LeoNerd" Evans
965f33c901
Declare 'gitter' known protocol, with user lookup
2016-08-24 12:34:03 +01:00
Paul "LeoNerd" Evans
9899824b85
Initial hack at the 3PN protocols metadata lookup API
2016-08-24 12:33:01 +01:00
Erik Johnston
9219139351
Preserve some logcontexts
2016-08-24 11:58:40 +01:00
Paul "LeoNerd" Evans
63c19e1df9
Move 3PU/3PL lookup APIs into /thirdparty containing entity
2016-08-24 11:55:57 +01:00
Kegan Dougal
4b31426a02
Pass through user-supplied content in /join/$room_id
...
It was always intended to allow custom keys on the join event, but this has
at some point been lost. Restore it.
If the user specifies keys like "avatar_url" then they will be clobbered.
2016-08-23 16:32:04 +01:00
Matthew Hodgson
6e80c03d45
Merge branch 'develop' into dbkr/notifications_api
2016-08-20 00:16:18 +01:00
David Baker
0acdd0f1ea
Use tuple comparison
...
Hopefully easier to read
2016-08-18 17:51:08 +01:00
Paul "LeoNerd" Evans
b515f844ee
Avoid so much copypasta between 3PU and 3PL query by unifying around a ThirdPartyEntityKind enumeration
2016-08-18 17:19:55 +01:00
David Baker
602c84cd9c
Merge remote-tracking branch 'origin/develop' into dbkr/notifications_api
2016-08-18 17:15:26 +01:00
Paul "LeoNerd" Evans
105ff162d4
Authenticate 3PE lookup requests
2016-08-18 16:19:23 +01:00
Paul "LeoNerd" Evans
06964c4a0a
Copypasta the 3PU support code to also do 3PL
2016-08-18 16:09:50 +01:00
Paul "LeoNerd" Evans
f3afd6ef1a
Remove TODO note about request fields being strings - they're always strings
2016-08-18 15:53:01 +01:00
Paul "LeoNerd" Evans
d5bf7a4a99
Merge remote-tracking branch 'origin/develop' into paul/thirdpartylookup
2016-08-18 14:21:01 +01:00
Paul "LeoNerd" Evans
3856582741
Ensure that 3PU lookup request fields actually get passed in
2016-08-18 14:06:02 +01:00
Erik Johnston
0af9e1a637
Set Content-Security-Policy
on media repo
...
This is to inform browsers that they should sandbox the returned
media. This is particularly cruical for javascript/HTML files.
2016-08-17 16:27:39 +01:00
Paul "LeoNerd" Evans
fa87c981e1
Thread 3PU lookup through as far as the AS API object; which currently noöps it
2016-08-17 16:17:28 +01:00
Erik Johnston
f90b3d83a3
Add None check to _iterate_over_text
2016-08-17 15:17:17 +01:00
Paul "LeoNerd" Evans
e3e3fbc23a
Initial empty implementation that just registers an API endpoint handler
2016-08-17 12:46:49 +01:00
Erik Johnston
109a560905
Flake8
2016-08-16 14:57:21 +01:00
Erik Johnston
48b5829aea
Fix up preview URL API. Add tests.
...
This includes:
- Splitting out methods of a class into stand alone functions, to make
them easier to test.
- Adding unit tests to split out functions, testing HTML -> preview.
- Handle the fact that elements in lxml may have tail text.
2016-08-16 14:53:24 +01:00
Erik Johnston
4e1cebd56f
Make synchrotron accept /events
2016-08-12 15:31:44 +01:00
Erik Johnston
866a5320de
Dont invoke get_handlers fromClientV1RestServlet
...
hs.get_handlers() can not be invoked from split out processes. Moving
the invocations down a level means that we can slowly split out
individual servlets.
2016-08-12 10:03:19 +01:00
David Baker
b4ecf0b886
Merge remote-tracking branch 'origin/develop' into dbkr/notifications_api
2016-08-11 14:09:13 +01:00
Will Hunt
2510db3e76
Don't change status_msg on /sync
2016-08-10 12:59:59 +01:00
Erik Johnston
fa1ce4d8ad
Don't print stack traces when failing to get remote keys
2016-08-10 10:44:37 +01:00