Commit Graph

35 Commits

Author SHA1 Message Date
Erik Johnston
0b5c967813
Refactor to ensure we call check_consistency ()
The idea here is to stop people forgetting to call `check_consistency`. Folks can still just pass in `None` to the new args in `build_sequence_generator`, but hopefully they won't.
2021-02-24 10:13:53 +00:00
Dirk Klimpel
c8d9383cfb
Add the shadow-banning status to the display user admin API. () 2021-02-17 15:19:23 -05:00
Eric Eastwood
0a00b7ff14
Update black, and run auto formatting over the codebase ()
- Update black version to the latest
 - Run black auto formatting over the codebase
    - Run autoformatting according to [`docs/code_style.md
`](80d6dc9783/docs/code_style.md)
 - Update `code_style.md` docs around installing black to use the correct version
2021-02-16 22:32:34 +00:00
Richard van der Hoff
18ab35284a Merge branch 'social_login' into develop 2021-02-01 17:28:37 +00:00
Richard van der Hoff
9c715a5f19
Fix SSO on workers ()
Fixes .

* Factor out build_synapse_client_resource_tree

Start a function which will mount resources common to all workers.

* Move sso init into build_synapse_client_resource_tree

... so that we don't have to do it for each worker

* Fix SSO-login-via-a-worker

Expose the SSO login endpoints on workers, like the documentation says.

* Update workers config for new endpoints

Add documentation for endpoints recently added (, , )

* remove submit_token from workers endpoints list

this *doesn't* work on workers (yet).

* changelog

* Add a comment about the odd path for SAML2Resource
2021-02-01 15:47:59 +00:00
Patrick Cloke
4a55d267ee
Add an admin API for shadow-banning users. ()
This expands the current shadow-banning feature to be usable via
the admin API and adds documentation for it.

A shadow-banned users receives successful responses to their
client-server API requests, but the events are not propagated into rooms.

Shadow-banning a user should be used as a tool of last resort and may lead
to confusing or broken behaviour for the client.
2021-01-25 14:49:39 -05:00
Erik Johnston
7a43482f19
Use execute_batch in more places ()
* Use execute_batch in more places

* Newsfile
2021-01-21 14:44:12 +00:00
Patrick Cloke
5d4c330ed9
Allow re-using a UI auth validation for a period of time () 2020-12-18 07:33:57 -05:00
Richard van der Hoff
0bac276890 UIA: offer only available auth flows
During user-interactive auth, do not offer password auth to users with no
password, nor SSO auth to users with no SSO.

Fixes .
2020-12-02 18:54:15 +00:00
Erik Johnston
f737368a26
Add admin API for logging in as a user () 2020-11-17 10:51:25 +00:00
Erik Johnston
f21e24ffc2
Add ability for access tokens to belong to one user but grant access to another user. ()
We do it this way round so that only the "owner" can delete the access token (i.e. `/logout/all` by the "owner" also deletes that token, but `/logout/all` by the "target user" doesn't).

A future PR will add an API for creating such a token.

When the target user and authenticated entity are different the `Processed request` log line will be logged with a: `{@admin:server as @bob:server} ...`. I'm not convinced by that format (especially since it adds spaces in there, making it harder to use `cut -d ' '` to chop off the start of log lines). Suggestions welcome.
2020-10-29 15:58:44 +00:00
Patrick Cloke
10f45d85bb
Add type hints for account validity handler ()
This also fixes a bug by fixing handling of an account which doesn't expire.
2020-10-26 14:17:31 -04:00
Erik Johnston
a9f90fa73a
Type hints for RegistrationStore () 2020-10-22 11:56:58 +01:00
Patrick Cloke
629a951b49
Move additional tasks to the background worker, part 4 () 2020-10-13 08:20:32 -04:00
Erik Johnston
b2486f6656
Fix message duplication if something goes wrong after persisting the event ()
Should fix .
2020-10-13 12:07:56 +01:00
Patrick Cloke
fe0f4a3591
Move additional tasks to the background worker, part 3 () 2020-10-09 07:37:51 -04:00
Patrick Cloke
a93f3121f8
Add type hints to some handlers () 2020-10-09 07:20:51 -04:00
Patrick Cloke
e4f72ddc44
Move additional tasks to the background worker () 2020-10-07 11:27:56 -04:00
Hubert Chathi
4cb44a1585
Add support for MSC2697: Dehydrated devices ()
This allows a user to store an offline device on the server and
then restore it at a subsequent login.
2020-10-07 08:00:17 -04:00
Erik Johnston
bd380d942f
Add checks for postgres sequence consistency () 2020-09-28 18:00:30 +01:00
Tdxdxoz
abd04b6af0
Allow existing users to login via OpenID Connect. ()
Co-authored-by: Benjamin Koch <bbbsnowball@gmail.com>

This adds configuration flags that will match a user to pre-existing users
when logging in via OpenID Connect. This is useful when switching to
an existing SSO system.
2020-09-25 07:01:45 -04:00
Mathieu Velten
916bb9d0d1
Don't push if an user account has expired () 2020-09-23 16:06:28 +01:00
Patrick Cloke
8a4a4186de
Simplify super() calls to Python 3 syntax. ()
This converts calls like super(Foo, self) -> super().

Generated with:

    sed -i "" -Ee 's/super\([^\(]+\)/super()/g' **/*.py
2020-09-18 09:56:44 -04:00
Andrew Morgan
b4826d6eb1 Fix incorrect return signature 2020-08-28 17:39:48 +01:00
Patrick Cloke
d58fda99ff
Convert event_push_actions, registration, and roommember datastores to async () 2020-08-28 11:34:50 -04:00
Patrick Cloke
b71d4a094c
Convert simple_delete to async/await. () 2020-08-27 14:16:41 -04:00
Patrick Cloke
9b7ac03af3
Convert calls of async database methods to async () 2020-08-27 13:38:41 -04:00
Patrick Cloke
4a739c73b4
Convert simple_update* and simple_select* to async () 2020-08-27 07:08:38 -04:00
Patrick Cloke
4c6c56dc58
Convert simple_select_one and simple_select_one_onecol to async () 2020-08-26 07:19:32 -04:00
Brendan Abolivier
3f49f74610
Don't fail /submit_token requests on incorrect session ID if request_token_inhibit_3pid_errors is turned on ()
* Don't raise session_id errors on submit_token if request_token_inhibit_3pid_errors is set

* Changelog

* Also wait some time before responding to /requestToken

* Incorporate review

* Update synapse/storage/databases/main/registration.py

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* Incorporate review

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2020-08-24 11:33:55 +01:00
Patrick Cloke
050e20e7ca
Convert some of the general database methods to async () 2020-08-17 12:18:01 -04:00
Patrick Cloke
ac77cdb64e
Add a shadow-banned flag to users. () 2020-08-14 12:37:59 -04:00
Patrick Cloke
6b7ce1d332
Remove some unused database functions. () 2020-08-14 09:25:40 -04:00
Patrick Cloke
a0acdfa9e9
Converts event_federation and registration databases to async/await () 2020-08-11 17:21:13 -04:00
Erik Johnston
a7bdf98d01
Rename database classes to make some sense () 2020-08-05 21:38:57 +01:00