Patrick Cloke
22c6c19f91
Fix a regression that mapping providers should be able to redirect users. ( #8878 )
...
This was broken in #8801 .
2020-12-04 08:25:15 -05:00
Patrick Cloke
8388384a64
Fix a regression when grandfathering SAML users. ( #8855 )
...
This was broken in #8801 when abstracting code shared with OIDC.
After this change both SAML and OIDC have a concept of
grandfathering users, but with different implementations.
2020-12-02 07:45:42 -05:00
Patrick Cloke
4fd222ad70
Support trying multiple localparts for OpenID Connect. ( #8801 )
...
Abstracts the SAML and OpenID Connect code which attempts to regenerate
the localpart of a matrix ID if it is already in use.
2020-11-25 10:04:22 -05:00
Patrick Cloke
6fde6aa9c0
Properly report user-agent/IP during registration of SSO users. ( #8784 )
...
This also expands type-hints to the SSO and registration code.
Refactors the CAS code to more closely match OIDC/SAML.
2020-11-23 13:28:03 -05:00
Patrick Cloke
79bfe966e0
Improve error checking for OIDC/SAML mapping providers ( #8774 )
...
Checks that the localpart returned by mapping providers for SAML and
OIDC are valid before registering new users.
Extends the OIDC tests for existing users and invalid data.
2020-11-19 14:25:17 -05:00
Patrick Cloke
ee382025b0
Abstract shared SSO code. ( #8765 )
...
De-duplicates code between the SAML and OIDC implementations.
2020-11-17 09:46:23 -05:00
Patrick Cloke
34a5696f93
Fix typos and spelling errors. ( #8639 )
2020-10-23 12:38:40 -04:00
Erik Johnston
c850dd9a8e
Fix handling of User-Agent headers with bad utf-8. ( #8632 )
2020-10-23 17:12:59 +01:00
BBBSnowball
05ee048f2c
Add config option for always using "userinfo endpoint" for OIDC ( #7658 )
...
This allows for connecting to certain IdPs, e.g. GitLab.
2020-10-01 13:54:35 -04:00
Patrick Cloke
8b40843392
Allow additional SSO properties to be passed to the client ( #8413 )
2020-09-30 13:02:43 -04:00
Tdxdxoz
abd04b6af0
Allow existing users to login via OpenID Connect. ( #8345 )
...
Co-authored-by: Benjamin Koch <bbbsnowball@gmail.com>
This adds configuration flags that will match a user to pre-existing users
when logging in via OpenID Connect. This is useful when switching to
an existing SSO system.
2020-09-25 07:01:45 -04:00
Patrick Cloke
6605470bfb
Improve SAML error messages ( #8248 )
2020-09-14 09:05:36 -04:00
Patrick Cloke
b055dc9322
Ensure that the OpenID Connect remote ID is a string. ( #8190 )
2020-08-28 08:56:36 -04:00
Patrick Cloke
3f91638da6
Allow denying or shadow banning registrations via the spam checker ( #8034 )
2020-08-20 15:42:58 -04:00
Patrick Cloke
eebf52be06
Be stricter about JSON that is accepted by Synapse ( #8106 )
2020-08-19 07:26:03 -04:00
Andrew Morgan
e04e465b4d
Use the default templates when a custom template file cannot be found ( #8037 )
...
Fixes https://github.com/matrix-org/synapse/issues/6583
2020-08-17 17:05:00 +01:00
Erik Johnston
0f1afbe8dc
Change HomeServer definition to work with typing.
...
Duplicating function signatures between server.py and server.pyi is
silly. This commit changes that by changing all `build_*` methods to
`get_*` methods and changing the `_make_dependency_method` to work work
as a descriptor that caches the produced value.
There are some changes in other files that were made to fix the typing
in server.py.
2020-08-11 18:00:17 +01:00
Patrick Cloke
ea26e9a98b
Ensure that HTML pages served from Synapse include headers to avoid embedding.
2020-07-02 09:58:31 -04:00
Richard van der Hoff
11de843626
Cleanups to the OpenID Connect integration ( #7628 )
...
docs, default configs, comments. Nothing very significant.
2020-06-03 21:13:17 +01:00
Patrick Cloke
a3cf36f76e
Support UI Authentication for OpenID Connect accounts ( #7457 )
2020-05-15 12:26:02 -04:00
Quentin Gliech
616af44137
Implement OpenID Connect-based login ( #7256 )
2020-05-08 08:30:40 -04:00