Patrick Cloke
5d64fefd6c
Do not validate that the client dict is stable during UI Auth. ( #7483 )
...
This backs out some of the validation for the client dictionary and logs if
this changes during a user interactive authentication session instead.
2020-05-13 14:26:44 -04:00
Patrick Cloke
0ad6d28b0d
Rework UI Auth session validation for registration ( #7455 )
...
Be less strict about validation of UI authentication sessions during
registration to match client expecations.
2020-05-08 16:08:58 -04:00
Patrick Cloke
627b0f5f27
Persist user interactive authentication sessions ( #7302 )
...
By persisting the user interactive authentication sessions to the database, this fixes
situations where a user hits different works throughout their auth session and also
allows sessions to persist through restarts of Synapse.
2020-04-30 13:47:49 -04:00
Brendan Abolivier
2e3b9a0fcb
Revert "Revert "Merge pull request #7315 from matrix-org/babolivier/request_token""
...
This reverts commit 1adf6a5587
.
2020-04-23 11:23:53 +02:00
Richard van der Hoff
2aa5bf13c8
Merge branch 'release-v1.12.4' into develop
2020-04-22 13:09:23 +01:00
Richard van der Hoff
974c0d726a
Support GET account_data requests on a worker ( #7311 )
2020-04-21 10:46:30 +01:00
Patrick Cloke
054c231e58
Use a template for the SSO success page to allow for customization. ( #7279 )
2020-04-17 13:34:55 -04:00
Andrew Morgan
b21000a44f
Improve error responses when a remote server doesn't allow you to access its public rooms list ( #6899 )
2020-04-06 12:35:30 +01:00
Patrick Cloke
694d8bed0e
Support CAS in UI Auth flows. ( #7186 )
2020-04-03 15:35:05 -04:00
Patrick Cloke
b9930d24a0
Support SAML in the user interactive authentication workflow. ( #7102 )
2020-04-01 08:48:00 -04:00
Dirk Klimpel
8327eb9280
Add options to prevent users from changing their profile. ( #7096 )
2020-03-27 19:15:23 +00:00
Andrew Morgan
12aa5a7fa7
Ensure is_verified on /_matrix/client/r0/room_keys/keys is a boolean ( #7150 )
2020-03-27 13:30:22 +00:00
Patrick Cloke
fa4f12102d
Refactor the CAS code (move the logic out of the REST layer to a handler) ( #7136 )
2020-03-26 15:05:26 -04:00
Dirk Klimpel
e8e2ddb60a
Allow server admins to define and enforce a password policy (MSC2000). ( #7118 )
2020-03-26 16:51:13 +00:00
Patrick Cloke
1c1242acba
Validate that the session is not modified during UI-Auth ( #7068 )
2020-03-26 07:39:34 -04:00
Naugrimm
1fcf9c6f95
Fix CAS redirect url ( #6634 )
...
Build the same service URL when requesting the CAS ticket and when calling the proxyValidate URL.
2020-03-24 11:59:04 +00:00
Patrick Cloke
477c4f5b1c
Clean-up some auth/login REST code ( #7115 )
2020-03-20 16:22:47 -04:00
Patrick Cloke
88b41986db
Add an option to the set password API to choose whether to logout other devices. ( #7085 )
2020-03-18 07:50:00 -04:00
Patrick Cloke
60724c46b7
Remove special casing of m.room.aliases
events ( #7034 )
2020-03-17 07:37:04 -04:00
Richard van der Hoff
6a35046363
Revert "Add options to disable setting profile info for prevent changes. ( #7053 )"
...
This reverts commit 54dd28621b
, reversing
changes made to 6640460d05
.
2020-03-17 11:25:01 +00:00
Brendan Abolivier
54dd28621b
Add options to disable setting profile info for prevent changes. ( #7053 )
2020-03-10 22:23:01 +00:00
dklimpel
885134529f
updates after review
2020-03-09 22:09:29 +01:00
dklimpel
99bbe177b6
add disable_3pid_changes
2020-03-08 21:58:12 +01:00
Brendan Abolivier
43f874055d
Merge branch 'master' into develop
2020-03-03 15:20:49 +00:00
Brendan Abolivier
65c73cdfec
Factor out complete_sso_login and expose it to the Module API
2020-03-03 10:54:44 +00:00
Richard van der Hoff
b68041df3d
Add a whitelist for the SSO confirmation step.
2020-03-02 17:05:09 +00:00
Brendan Abolivier
b2bd54a2e3
Add a confirmation step to the SSO login flow
2020-03-02 16:36:32 +00:00
Andrew Morgan
8c75b621bf
Ensure 'deactivated' parameter is a boolean on user admin API, Fix error handling of call to deactivate user ( #6990 )
2020-02-26 12:22:55 +00:00
Patrick Cloke
509e381afa
Clarify list/set/dict/tuple comprehensions and enforce via flake8 ( #6957 )
...
Ensure good comprehension hygiene using flake8-comprehensions.
2020-02-21 07:15:07 -05:00
Richard van der Hoff
2fb7794e60
Merge pull request #6949 from matrix-org/rav/list_room_aliases_peekable
...
Make room alias lists peekable
2020-02-19 11:19:11 +00:00
Richard van der Hoff
880aaac1d8
Move MSC2432 stuff onto unstable prefix ( #6948 )
...
it's not in the spec yet, so needs to be unstable. Also add a feature flag for it. Also add a test for admin users.
2020-02-19 10:40:27 +00:00
Richard van der Hoff
a0a1fd0bec
Add allow_departed_users
param to check_in_room_or_world_readable
...
... and set it everywhere it's called.
while we're here, rename it for consistency with `check_user_in_room` (and to
help check that I haven't missed any instances)
2020-02-19 08:52:51 +00:00
Richard van der Hoff
adfaea8c69
Implement GET /_matrix/client/r0/rooms/{roomId}/aliases ( #6939 )
...
per matrix-org/matrix-doc#2432
2020-02-18 16:23:25 +00:00
Aaron Raimist
dc3f998706
Remove m.lazy_load_members from unstable features since it is in CS r0.5.0 ( #6877 )
...
Fixes #5528
2020-02-13 12:02:32 +00:00
Richard van der Hoff
184303b865
MSC2260: Block direct sends of m.room.aliases events ( #6794 )
...
as per MSC2260
2020-01-30 17:20:55 +00:00
Erik Johnston
8df862e45d
Add rooms.room_version
column ( #6729 )
...
This is so that we don't have to rely on pulling it out from `current_state_events` table.
2020-01-27 14:30:57 +00:00
Andrew Morgan
9f7aaf90b5
Validate client_secret parameter ( #6767 )
2020-01-24 14:28:40 +00:00
Andrew Morgan
90a28fb475
Admin API to list, filter and sort rooms ( #6720 )
2020-01-22 13:36:43 +00:00
Erik Johnston
b0a66ab83c
Fixup synapse.rest to pass mypy ( #6732 )
2020-01-20 17:38:21 +00:00
Erik Johnston
74b74462f1
Fix /events/:event_id
deprecated API. ( #6731 )
2020-01-20 17:38:09 +00:00
Neil Johnson
38e0e59f42
Add org.matrix.e2e_cross_signing to unstable_features in /versions as per MSC1756 ( #6712 )
2020-01-16 09:46:14 +00:00
Andrew Morgan
edc244eec4
Remove duplicate session check in web fallback servlet ( #6702 )
2020-01-15 18:05:18 +00:00
Richard van der Hoff
d6752ce5da
Clean up startup for the pusher ( #6558 )
...
* Remove redundant python2 support code
`str.decode()` doesn't exist on python3, so presumably this code was doing
nothing
* Filter out pushers with corrupt data
When we get a row with unparsable json, drop the row, rather than returning a
row with null `data`, which will then cause an explosion later on.
* Improve logging when we can't start a pusher
Log the ID to help us understand the problem
* Make email pusher setup more robust
We know we'll have a `data` member, since that comes from the database. What we
*don't* know is if that is a dict, and if that has a `brand` member, and if
that member is a string.
2019-12-18 14:26:58 +00:00
Erik Johnston
72acca6a32
Back out change preventing setting null avatar URLs
2019-12-11 11:46:55 +00:00
Andrew Morgan
5e8abe9013
Better errors regarding changing avatar_url ( #6497 )
2019-12-09 14:54:33 +00:00
Erik Johnston
9c41ba4c5f
Port rest.client.v2
2019-12-05 16:56:23 +00:00
Erik Johnston
1a0997bbd5
Port rest/v1 to async/await
2019-12-05 15:57:28 +00:00
Brendan Abolivier
9dc84b7989
Merge branch 'develop' into babolivier/context_filters
2019-12-04 14:23:44 +00:00
Andrew Morgan
23ea572125
Add User-Interactive Auth to /account/3pid/add ( #6119 )
2019-11-29 13:51:14 +00:00
Erik Johnston
69d8fb83c6
MSC2367 Allow reason field on all member events
2019-11-28 11:02:04 +00:00