| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
* Remove references to handler._auth_handler
(and replace them with hs.get_auth_handler)
* Factor out a utility function for building Requests
* Remove mocks of `OidcHandler._map_userinfo_to_user`
This method is going away, so mocking it out is no longer a valid approach.
Instead, we mock out lower-level methods (eg _remote_id_from_userinfo), or
simply allow the regular implementation to proceed and update the expectations
accordingly.
* Remove references to `OidcHandler._map_userinfo_to_user` from tests
This method is going away, so we can no longer use it as a test point. Instead
we build mock "callback" requests which we pass into `handle_oidc_callback`,
and verify correct behaviour by mocking out `AuthHandler.complete_sso_login`.
|
|
Spam checker modules can now provide async methods. This is implemented
in a backwards-compatible manner.
|
|
|
|
Fixes #8846.
|
|
|
|
|
|
Fixes #8866
|
|
|
|
Fixes #8892
|
|
* Factor out _call_attribute_mapper and _register_mapped_user
This is mostly an attempt to simplify `get_mxid_from_sso`.
* Move mapping_lock down into SsoHandler.
|
|
this was using `canonical_json` without setting it, so when you used it as a
standalone class, you would get exceptions.
|
|
Deprecate both APIs in favour of the Delete Room API.
Related: #8663 and #8810
|
|
This defaults `ip_range_blacklist` to reserved IP ranges and also adds an
`ip_range_whitelist` setting to override it.
|
|
|
|
Related: #8810
Also a few small improvements.
Signed-off-by: Dirk Klimpel dirk@klimpel.org
|
|
It seems that letting CircleCI use its default docker version (17.09.0-ce,
apparently) did not interact well with multiarch builds: in particular, we saw
weird effects where running an amd64 build at the same time as an arm64 build
caused the arm64 builds to fail with:
Error while loading /usr/sbin/dpkg-deb: No such file or directory
|
|
|
|
|
|
|
|
This pins pysaml2 to < 6.4.0 on Python 3.5, as the last known working version.
|
|
* Consistently use room_id from federation request body
Some federation APIs have a redundant `room_id` path param (see
https://github.com/matrix-org/matrix-doc/issues/2330). We should make sure we
consistently use either the path param or the body param, and the body param is
easier.
* Kill off some references to "context"
Once upon a time, "rooms" were known as "contexts". I think this kills of the
last references to "contexts".
|
|
Fixes / related to: https://github.com/matrix-org/synapse/issues/6533
This should do essentially the same thing as a robots.txt file telling robots to not index the media repo. https://developers.google.com/search/reference/robots_meta_tag
Signed-off-by: Aaron Raimist <aaron@raim.ist>
|
|
This pins pysaml2 to < 6.4.0 on Python 3.5, as the last known working version.
|
|
The idea is that the parse_config method of extension modules can raise either a ConfigError or a JsonValidationError,
and it will be magically turned into a legible error message. There's a few components to it:
* Separating the "path" and the "message" parts of a ConfigError, so that we can fiddle with the path bit to turn it
into an absolute path.
* Generally improving the way ConfigErrors get printed.
* Passing in the config path to load_module so that it can wrap any exceptions that get caught appropriately.
|
|
* SsoHandler: remove inheritance from BaseHandler
* Simplify the flow for SSO UIA
We don't need to do all the magic for mapping users when we are doing UIA, so
let's factor that out.
|
|
|
|
* Call set_avatar_url with target_user, not user_id
Fixes https://github.com/matrix-org/synapse/issues/8871
* Create 8872.bugfix
* Update synapse/rest/admin/users.py
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Testing
* Update changelog.d/8872.bugfix
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
|
|
|
|
|
|
|
|
Authentication is done by checking a shared secret provided
in the Synapse configuration file.
|
|
This is so that we can choose which algorithm to use based on the room ID.
|
|
Pusher URLs now must end in `/_matrix/push/v1/notify` per the
specification.
|
|
Instead return the proper 400 error.
|
|
|
|
|
|
(#8878)
This was broken in #8801.
|
|
This removes the version pin of the `prometheus_client` dependency, in direct response to #8831. If merged, this will close #8831
As far as I can tell, no other changes are needed, but as I'm no synapse expert, I'm |
