From 0ef2315a99859217e319e4cb5a29d88a054952ff Mon Sep 17 00:00:00 2001 From: "Amanda H. L. de Andrade Katz" Date: Fri, 26 Apr 2024 05:44:54 -0300 Subject: Update event_cache_size and global_factor configurations documentation (#17071) ### Pull Request Checklist * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters)) --- docs/usage/configuration/config_documentation.md | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'docs') diff --git a/docs/usage/configuration/config_documentation.md b/docs/usage/configuration/config_documentation.md index 985f90c8a1..bcd53145f1 100644 --- a/docs/usage/configuration/config_documentation.md +++ b/docs/usage/configuration/config_documentation.md @@ -1317,6 +1317,12 @@ Options related to caching. The number of events to cache in memory. Defaults to 10K. Like other caches, this is affected by `caches.global_factor` (see below). +For example, the default is 10K and the global_factor default is 0.5. + +Since 10K * 0.5 is 5K then the event cache size will be 5K. + +The cache affected by this configuration is named as "*getEvent*". + Note that this option is not part of the `caches` section. Example configuration: @@ -1342,6 +1348,8 @@ number of entries that can be stored. Defaults to 0.5, which will halve the size of all caches. + Note that changing this value also affects the HTTP connection pool. + * `per_cache_factors`: A dictionary of cache name to cache factor for that individual cache. Overrides the global cache factor for a given cache. -- cgit 1.5.1 From 516fd891eeb3cade255298a2239ca607bfbec16a Mon Sep 17 00:00:00 2001 From: Andrew Ferrazzutti Date: Fri, 26 Apr 2024 17:46:42 +0900 Subject: Use recommended endpoint for MSC3266 requests (#17078) Keep the existing endpoint for backwards compatibility Signed-off-by: Andrew Ferrazzutti --- changelog.d/17078.bugfix | 1 + docs/workers.md | 2 +- synapse/rest/client/room.py | 6 ++++++ 3 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 changelog.d/17078.bugfix (limited to 'docs') diff --git a/changelog.d/17078.bugfix b/changelog.d/17078.bugfix new file mode 100644 index 0000000000..286a772a1e --- /dev/null +++ b/changelog.d/17078.bugfix @@ -0,0 +1 @@ +For MSC3266 room summaries, support queries at the recommended endpoint of `/_matrix/client/unstable/im.nheko.summary/summary/{roomIdOrAlias}`. The existing endpoint of `/_matrix/client/unstable/im.nheko.summary/rooms/{roomIdOrAlias}/summary` is deprecated. diff --git a/docs/workers.md b/docs/workers.md index ab9c1db86b..9a0cc9f2f4 100644 --- a/docs/workers.md +++ b/docs/workers.md @@ -232,7 +232,7 @@ information. ^/_matrix/client/v1/rooms/.*/hierarchy$ ^/_matrix/client/(v1|unstable)/rooms/.*/relations/ ^/_matrix/client/v1/rooms/.*/threads$ - ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$ + ^/_matrix/client/unstable/im.nheko.summary/summary/.*$ ^/_matrix/client/(r0|v3|unstable)/account/3pid$ ^/_matrix/client/(r0|v3|unstable)/account/whoami$ ^/_matrix/client/(r0|v3|unstable)/devices$ diff --git a/synapse/rest/client/room.py b/synapse/rest/client/room.py index e4c7dd1a58..fb4d44211e 100644 --- a/synapse/rest/client/room.py +++ b/synapse/rest/client/room.py @@ -1442,10 +1442,16 @@ class RoomHierarchyRestServlet(RestServlet): class RoomSummaryRestServlet(ResolveRoomIdMixin, RestServlet): PATTERNS = ( + # deprecated endpoint, to be removed re.compile( "^/_matrix/client/unstable/im.nheko.summary" "/rooms/(?P[^/]*)/summary$" ), + # recommended endpoint + re.compile( + "^/_matrix/client/unstable/im.nheko.summary" + "/summary/(?P[^/]*)$" + ), ) CATEGORY = "Client API requests" -- cgit 1.5.1 From 90cc9e5b29bc6c2433df5e62da1ad8bcb83ac038 Mon Sep 17 00:00:00 2001 From: "Amanda H. L. de Andrade Katz" Date: Fri, 26 Apr 2024 05:52:58 -0300 Subject: Rephrase enable_notifs configuration (#17116) --- changelog.d/17116.doc | 1 + docs/usage/configuration/config_documentation.md | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 changelog.d/17116.doc (limited to 'docs') diff --git a/changelog.d/17116.doc b/changelog.d/17116.doc new file mode 100644 index 0000000000..8712737c05 --- /dev/null +++ b/changelog.d/17116.doc @@ -0,0 +1 @@ +Update enable_notifs configuration documentation. diff --git a/docs/usage/configuration/config_documentation.md b/docs/usage/configuration/config_documentation.md index bcd53145f1..0c582d0387 100644 --- a/docs/usage/configuration/config_documentation.md +++ b/docs/usage/configuration/config_documentation.md @@ -676,8 +676,8 @@ This setting has the following sub-options: trailing 's'. * `app_name`: `app_name` defines the default value for '%(app)s' in `notif_from` and email subjects. It defaults to 'Matrix'. -* `enable_notifs`: Set to true to enable sending emails for messages that the user - has missed. Disabled by default. +* `enable_notifs`: Set to true to allow users to receive e-mail notifications. If this is not set, + users can configure e-mail notifications but will not receive them. Disabled by default. * `notif_for_new_users`: Set to false to disable automatic subscription to email notifications for new users. Enabled by default. * `notif_delay_before_mail`: The time to wait before emailing about a notification. -- cgit 1.5.1 From 9c918739220bb548d9e5e5c2f5692c79bd38668d Mon Sep 17 00:00:00 2001 From: villepeh <100730729+villepeh@users.noreply.github.com> Date: Fri, 26 Apr 2024 11:56:20 +0300 Subject: Add RuntimeDirectory to matrix-synapse.service (#17084) This makes it easy to store UNIX sockets with correct permissions. Those would be located in /run/synapse which is the directory used in many examples in Synapse configuration manual. Additionally, the directory and sockets are deleted when Synapse is shut down. --- changelog.d/17084.doc | 1 + docs/systemd-with-workers/system/matrix-synapse.service | 1 + 2 files changed, 2 insertions(+) create mode 100644 changelog.d/17084.doc (limited to 'docs') diff --git a/changelog.d/17084.doc b/changelog.d/17084.doc new file mode 100644 index 0000000000..8b97c81096 --- /dev/null +++ b/changelog.d/17084.doc @@ -0,0 +1 @@ +Add RuntimeDirectory to example matrix-synapse.service systemd unit. diff --git a/docs/systemd-with-workers/system/matrix-synapse.service b/docs/systemd-with-workers/system/matrix-synapse.service index 0c73fb55fb..31ceccb77f 100644 --- a/docs/systemd-with-workers/system/matrix-synapse.service +++ b/docs/systemd-with-workers/system/matrix-synapse.service @@ -9,6 +9,7 @@ ReloadPropagatedFrom=matrix-synapse.target Type=notify NotifyAccess=main User=matrix-synapse +RuntimeDirectory=synapse WorkingDirectory=/var/lib/matrix-synapse EnvironmentFile=-/etc/default/matrix-synapse ExecStartPre=/opt/venvs/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/ --generate-keys -- cgit 1.5.1 From 0fd6b269d32340c367a67ee34b963c32da080697 Mon Sep 17 00:00:00 2001 From: devonh Date: Fri, 26 Apr 2024 18:10:45 +0000 Subject: Fix various typos in docs (#17114) ### Pull Request Checklist * [X] Pull request is based on the develop branch * [X] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [X] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters)) --- changelog.d/17114.doc | 1 + docs/admin_api/room_membership.md | 2 +- docs/message_retention_policies.md | 6 +++--- docs/postgres.md | 2 +- docs/setup/installation.md | 4 ++-- docs/usage/administration/admin_api/background_updates.md | 2 +- docs/usage/administration/admin_faq.md | 2 +- docs/user_directory.md | 4 ++-- docs/workers.md | 2 +- 9 files changed, 13 insertions(+), 12 deletions(-) create mode 100644 changelog.d/17114.doc (limited to 'docs') diff --git a/changelog.d/17114.doc b/changelog.d/17114.doc new file mode 100644 index 0000000000..042bd89618 --- /dev/null +++ b/changelog.d/17114.doc @@ -0,0 +1 @@ +Fix various small typos throughout the docs. diff --git a/docs/admin_api/room_membership.md b/docs/admin_api/room_membership.md index 94bc95a8d5..6cbaba3dcc 100644 --- a/docs/admin_api/room_membership.md +++ b/docs/admin_api/room_membership.md @@ -1,6 +1,6 @@ # Edit Room Membership API -This API allows an administrator to join an user account with a given `user_id` +This API allows an administrator to join a user account with a given `user_id` to a room with a given `room_id_or_alias`. You can only modify the membership of local users. The server administrator must be in the room and have permission to invite users. diff --git a/docs/message_retention_policies.md b/docs/message_retention_policies.md index c64d1539b0..01f67c952a 100644 --- a/docs/message_retention_policies.md +++ b/docs/message_retention_policies.md @@ -51,8 +51,8 @@ clients. ## Server configuration -Support for this feature can be enabled and configured by adding a the -`retention` in the Synapse configuration file (see +Support for this feature can be enabled and configured by adding the +`retention` option in the Synapse configuration file (see [configuration manual](usage/configuration/config_documentation.md#retention)). To enable support for message retention policies, set the setting @@ -117,7 +117,7 @@ In this example, we define three jobs: policy's `max_lifetime` is greater than a week. Note that this example is tailored to show different configurations and -features slightly more jobs than it's probably necessary (in practice, a +features slightly more jobs than is probably necessary (in practice, a server admin would probably consider it better to replace the two last jobs with one that runs once a day and handles rooms which policy's `max_lifetime` is greater than 3 days). diff --git a/docs/postgres.md b/docs/postgres.md index 921bae9877..ae34f7689b 100644 --- a/docs/postgres.md +++ b/docs/postgres.md @@ -128,7 +128,7 @@ can read more about that [here](https://www.postgresql.org/docs/10/kernel-resour ### Overview The script `synapse_port_db` allows porting an existing synapse server -backed by SQLite to using PostgreSQL. This is done in as a two phase +backed by SQLite to using PostgreSQL. This is done as a two phase process: 1. Copy the existing SQLite database to a separate location and run diff --git a/docs/setup/installation.md b/docs/setup/installation.md index 9126874d44..ed3e59c470 100644 --- a/docs/setup/installation.md +++ b/docs/setup/installation.md @@ -259,9 +259,9 @@ users, etc.) to the developers via the `--report-stats` argument. This command will generate you a config file that you can then customise, but it will also generate a set of keys for you. These keys will allow your homeserver to -identify itself to other homeserver, so don't lose or delete them. It would be +identify itself to other homeservers, so don't lose or delete them. It would be wise to back them up somewhere safe. (If, for whatever reason, you do need to -change your homeserver's keys, you may find that other homeserver have the +change your homeserver's keys, you may find that other homeservers have the old key cached. If you update the signing key, you should change the name of the key in the `.signing.key` file (the second word) to something different. See the [spec](https://matrix.org/docs/spec/server_server/latest.html#retrieving-server-keys) for more information on key management). diff --git a/docs/usage/administration/admin_api/background_updates.md b/docs/usage/administration/admin_api/background_updates.md index 9f6ac7d567..7b75ee5587 100644 --- a/docs/usage/administration/admin_api/background_updates.md +++ b/docs/usage/administration/admin_api/background_updates.md @@ -44,7 +44,7 @@ For each update: ## Enabled -This API allow pausing background updates. +This API allows pausing background updates. Background updates should *not* be paused for significant periods of time, as this can affect the performance of Synapse. diff --git a/docs/usage/administration/admin_faq.md b/docs/usage/administration/admin_faq.md index 092dcc1c84..0d98f73fb1 100644 --- a/docs/usage/administration/admin_faq.md +++ b/docs/usage/administration/admin_faq.md @@ -241,7 +241,7 @@ in memory constrained environments, or increased if performance starts to degrade. However, degraded performance due to a low cache factor, common on -machines with slow disks, often leads to explosions in memory use due +machines with slow disks, often leads to explosions in memory use due to backlogged requests. In this case, reducing the cache factor will make things worse. Instead, try increasing it drastically. 2.0 is a good starting value. diff --git a/docs/user_directory.md b/docs/user_directory.md index 1271cfb862..be8664a016 100644 --- a/docs/user_directory.md +++ b/docs/user_directory.md @@ -86,9 +86,9 @@ The search term is then split into words: * If unavailable, then runs of ASCII characters, numbers, underscores, and hyphens are considered words. -The queries for PostgreSQL and SQLite are detailed below, by their overall goal +The queries for PostgreSQL and SQLite are detailed below, but their overall goal is to find matching users, preferring users who are "real" (e.g. not bots, -not deactivated). It is assumed that real users will have an display name and +not deactivated). It is assumed that real users will have a display name and avatar set. ### PostgreSQL diff --git a/docs/workers.md b/docs/workers.md index 9a0cc9f2f4..82f4bfc1d1 100644 --- a/docs/workers.md +++ b/docs/workers.md @@ -634,7 +634,7 @@ worker application type. #### Push Notifications -You can designate generic worker to sending push notifications to +You can designate generic workers to send push notifications to a [push gateway](https://spec.matrix.org/v1.5/push-gateway-api/) such as [sygnal](https://github.com/matrix-org/sygnal) and email. -- cgit 1.5.1 From 7ab0f630da0ab16c4d5dc0603695df888e2a7ab0 Mon Sep 17 00:00:00 2001 From: devonh Date: Mon, 29 Apr 2024 15:23:05 +0000 Subject: Apply user `email` & `picture` during OIDC registration if present & selected (#17120) This change will apply the `email` & `picture` provided by OIDC to the new user account when registering a new user via OIDC. If the user is directed to the account details form, this change makes sure they have been selected before applying them, otherwise they are omitted. In particular, this change ensures the values are carried through when Synapse has consent configured, and the redirect to the consent form/s are followed. I have tested everything manually. Including: - with/without consent configured - allowing/not allowing the use of email/avatar (via `sso_auth_account_details.html`) - with/without automatic account detail population (by un/commenting the `localpart_template` option in synapse config). ### Pull Request Checklist * [X] Pull request is based on the develop branch * [X] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [X] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters)) --- changelog.d/17120.bugfix | 1 + docs/sso_mapping_providers.md | 1 + synapse/handlers/sso.py | 10 ++ synapse/rest/synapse/client/pick_username.py | 4 +- tests/rest/client/test_login.py | 204 +++++++++++++++++++++++++-- 5 files changed, 205 insertions(+), 15 deletions(-) create mode 100644 changelog.d/17120.bugfix (limited to 'docs') diff --git a/changelog.d/17120.bugfix b/changelog.d/17120.bugfix new file mode 100644 index 0000000000..85b34c2e98 --- /dev/null +++ b/changelog.d/17120.bugfix @@ -0,0 +1 @@ +Apply user email & picture during OIDC registration if present & selected. diff --git a/docs/sso_mapping_providers.md b/docs/sso_mapping_providers.md index 10c695029f..d6c4e860ae 100644 --- a/docs/sso_mapping_providers.md +++ b/docs/sso_mapping_providers.md @@ -98,6 +98,7 @@ A custom mapping provider must specify the following methods: either accept this localpart or pick their own username. Otherwise this option has no effect. If omitted, defaults to `False`. - `display_name`: An optional string, the display name for the user. + - `picture`: An optional string, the avatar url for the user. - `emails`: A list of strings, the email address(es) to associate with this user. If omitted, defaults to an empty list. * `async def get_extra_attributes(self, userinfo, token)` diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py index 8e39e76c97..f275d4f35a 100644 --- a/synapse/handlers/sso.py +++ b/synapse/handlers/sso.py @@ -169,6 +169,7 @@ class UsernameMappingSession: # attributes returned by the ID mapper display_name: Optional[str] emails: StrCollection + avatar_url: Optional[str] # An optional dictionary of extra attributes to be provided to the client in the # login response. @@ -183,6 +184,7 @@ class UsernameMappingSession: # choices made by the user chosen_localpart: Optional[str] = None use_display_name: bool = True + use_avatar: bool = True emails_to_use: StrCollection = () terms_accepted_version: Optional[str] = None @@ -660,6 +662,9 @@ class SsoHandler: remote_user_id=remote_user_id, display_name=attributes.display_name, emails=attributes.emails, + avatar_url=attributes.picture, + # Default to using all mapped emails. Will be overwritten in handle_submit_username_request. + emails_to_use=attributes.emails, client_redirect_url=client_redirect_url, expiry_time_ms=now + self._MAPPING_SESSION_VALIDITY_PERIOD_MS, extra_login_attributes=extra_login_attributes, @@ -966,6 +971,7 @@ class SsoHandler: session_id: str, localpart: str, use_display_name: bool, + use_avatar: bool, emails_to_use: Iterable[str], ) -> None: """Handle a request to the username-picker 'submit' endpoint @@ -988,6 +994,7 @@ class SsoHandler: # update the session with the user's choices session.chosen_localpart = localpart session.use_display_name = use_display_name + session.use_avatar = use_avatar emails_from_idp = set(session.emails) filtered_emails: Set[str] = set() @@ -1068,6 +1075,9 @@ class SsoHandler: if session.use_display_name: attributes.display_name = session.display_name + if session.use_avatar: + attributes.picture = session.avatar_url + # the following will raise a 400 error if the username has been taken in the # meantime. user_id = await self._register_mapped_user( diff --git a/synapse/rest/synapse/client/pick_username.py b/synapse/rest/synapse/client/pick_username.py index e671774aeb..7d16b796d4 100644 --- a/synapse/rest/synapse/client/pick_username.py +++ b/synapse/rest/synapse/client/pick_username.py @@ -113,6 +113,7 @@ class AccountDetailsResource(DirectServeHtmlResource): "display_name": session.display_name, "emails": session.emails, "localpart": localpart, + "avatar_url": session.avatar_url, }, } @@ -134,6 +135,7 @@ class AccountDetailsResource(DirectServeHtmlResource): try: localpart = parse_string(request, "username", required=True) use_display_name = parse_boolean(request, "use_display_name", default=False) + use_avatar = parse_boolean(request, "use_avatar", default=False) try: emails_to_use: List[str] = [ @@ -147,5 +149,5 @@ class AccountDetailsResource(DirectServeHtmlResource): return await self._sso_handler.handle_submit_username_request( - request, session_id, localpart, use_display_name, emails_to_use + request, session_id, localpart, use_display_name, use_avatar, emails_to_use ) diff --git a/tests/rest/client/test_login.py b/tests/rest/client/test_login.py index 3a1f150082..3fb77fd9dd 100644 --- a/tests/rest/client/test_login.py +++ b/tests/rest/client/test_login.py @@ -20,7 +20,17 @@ # import time import urllib.parse -from typing import Any, Collection, Dict, List, Optional, Tuple, Union +from typing import ( + Any, + BinaryIO, + Callable, + Collection, + Dict, + List, + Optional, + Tuple, + Union, +) from unittest.mock import Mock from urllib.parse import urlencode @@ -34,8 +44,9 @@ import synapse.rest.admin from synapse.api.constants import ApprovalNoticeMedium, LoginType from synapse.api.errors import Codes from synapse.appservice import ApplicationService +from synapse.http.client import RawHeaders from synapse.module_api import ModuleApi -from synapse.rest.client import devices, login, logout, register +from synapse.rest.client import account, devices, login, logout, profile, register from synapse.rest.client.account import WhoamiRestServlet from synapse.rest.synapse.client import build_synapse_client_resource_tree from synapse.server import HomeServer @@ -48,6 +59,7 @@ from tests.handlers.test_saml import has_saml2 from tests.rest.client.utils import TEST_OIDC_CONFIG from tests.server import FakeChannel from tests.test_utils.html_parsers import TestHtmlParser +from tests.test_utils.oidc import FakeOidcServer from tests.unittest import HomeserverTestCase, override_config, skip_unless try: @@ -1421,7 +1433,19 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase): class UsernamePickerTestCase(HomeserverTestCase): """Tests for the username picker flow of SSO login""" - servlets = [login.register_servlets] + servlets = [ + login.register_servlets, + profile.register_servlets, + account.register_servlets, + ] + + def make_homeserver(self, reactor: MemoryReactor, clock: Clock) -> HomeServer: + self.http_client = Mock(spec=["get_file"]) + self.http_client.get_file.side_effect = mock_get_file + hs = self.setup_test_homeserver( + proxied_blocklisted_http_client=self.http_client + ) + return hs def default_config(self) -> Dict[str, Any]: config = super().default_config() @@ -1430,7 +1454,11 @@ class UsernamePickerTestCase(HomeserverTestCase): config["oidc_config"] = {} config["oidc_config"].update(TEST_OIDC_CONFIG) config["oidc_config"]["user_mapping_provider"] = { - "config": {"display_name_template": "{{ user.displayname }}"} + "config": { + "display_name_template": "{{ user.displayname }}", + "email_template": "{{ user.email }}", + "picture_template": "{{ user.picture }}", + } } # whitelist this client URI so we redirect straight to it rather than @@ -1443,15 +1471,22 @@ class UsernamePickerTestCase(HomeserverTestCase): d.update(build_synapse_client_resource_tree(self.hs)) return d - def test_username_picker(self) -> None: - """Test the happy path of a username picker flow.""" - - fake_oidc_server = self.helper.fake_oidc_server() - + def proceed_to_username_picker_page( + self, + fake_oidc_server: FakeOidcServer, + displayname: str, + email: str, + picture: str, + ) -> Tuple[str, str]: # do the start of the login flow channel, _ = self.helper.auth_via_oidc( fake_oidc_server, - {"sub": "tester", "displayname": "Jonny"}, + { + "sub": "tester", + "displayname": displayname, + "picture": picture, + "email": email, + }, TEST_CLIENT_REDIRECT_URL, ) @@ -1478,16 +1513,132 @@ class UsernamePickerTestCase(HomeserverTestCase): ) session = username_mapping_sessions[session_id] self.assertEqual(session.remote_user_id, "tester") - self.assertEqual(session.display_name, "Jonny") + self.assertEqual(session.display_name, displayname) + self.assertEqual(session.emails, [email]) + self.assertEqual(session.avatar_url, picture) self.assertEqual(session.client_redirect_url, TEST_CLIENT_REDIRECT_URL) # the expiry time should be about 15 minutes away expected_expiry = self.clock.time_msec() + (15 * 60 * 1000) self.assertApproximates(session.expiry_time_ms, expected_expiry, tolerance=1000) + return picker_url, session_id + + def test_username_picker_use_displayname_avatar_and_email(self) -> None: + """Test the happy path of a username picker flow with using displayname, avatar and email.""" + + fake_oidc_server = self.helper.fake_oidc_server() + + mxid = "@bobby:test" + displayname = "Jonny" + email = "bobby@test.com" + picture = "mxc://test/avatar_url" + + picker_url, session_id = self.proceed_to_username_picker_page( + fake_oidc_server, displayname, email, picture + ) + + # Now, submit a username to the username picker, which should serve a redirect + # to the completion page. + # Also specify that we should use the provided displayname, avatar and email. + content = urlencode( + { + b"username": b"bobby", + b"use_display_name": b"true", + b"use_avatar": b"true", + b"use_email": email, + } + ).encode("utf8") + chan = self.make_request( + "POST", + path=picker_url, + content=content, + content_is_form=True, + custom_headers=[ + ("Cookie", "username_mapping_session=" + session_id), + # old versions of twisted don't do form-parsing without a valid + # content-length header. + ("Content-Length", str(len(content))), + ], + ) + self.assertEqual(chan.code, 302, chan.result) + location_headers = chan.headers.getRawHeaders("Location") + assert location_headers + + # send a request to the completion page, which should 302 to the client redirectUrl + chan = self.make_request( + "GET", + path=location_headers[0], + custom_headers=[("Cookie", "username_mapping_session=" + session_id)], + ) + self.assertEqual(chan.code, 302, chan.result) + location_headers = chan.headers.getRawHeaders("Location") + assert location_headers + + # ensure that the returned location matches the requested redirect URL + path, query = location_headers[0].split("?", 1) + self.assertEqual(path, "https://x") + + # it will have url-encoded the params properly, so we'll have to parse them + params = urllib.parse.parse_qsl( + query, keep_blank_values=True, strict_parsing=True, errors="strict" + ) + self.assertEqual(params[0:2], EXPECTED_CLIENT_REDIRECT_URL_PARAMS) + self.assertEqual(params[2][0], "loginToken") + + # fish the login token out of the returned redirect uri + login_token = params[2][1] + + # finally, submit the matrix login token to the login API, which gives us our + # matrix access token, mxid, and device id. + chan = self.make_request( + "POST", + "/login", + content={"type": "m.login.token", "token": login_token}, + ) + self.assertEqual(chan.code, 200, chan.result) + self.assertEqual(chan.json_body["user_id"], mxid) + + # ensure the displayname and avatar from the OIDC response have been configured for the user. + channel = self.make_request( + "GET", "/profile/" + mxid, access_token=chan.json_body["access_token"] + ) + self.assertEqual(channel.code, 200, channel.result) + self.assertIn("mxc://test", channel.json_body["avatar_url"]) + self.assertEqual(displayname, channel.json_body["displayname"]) + + # ensure the email from the OIDC response has been configured for the user. + channel = self.make_request( + "GET", "/account/3pid", access_token=chan.json_body["access_token"] + ) + self.assertEqual(channel.code, 200, channel.result) + self.assertEqual(email, channel.json_body["threepids"][0]["address"]) + + def test_username_picker_dont_use_displayname_avatar_or_email(self) -> None: + """Test the happy path of a username picker flow without using displayname, avatar or email.""" + + fake_oidc_server = self.helper.fake_oidc_server() + + mxid = "@bobby:test" + displayname = "Jonny" + email = "bobby@test.com" + picture = "mxc://test/avatar_url" + username = "bobby" + + picker_url, session_id = self.proceed_to_username_picker_page( + fake_oidc_server, displayname, email, picture + ) + # Now, submit a username to the username picker, which should serve a redirect - # to the completion page - content = urlencode({b"username": b"bobby"}).encode("utf8") + # to the completion page. + # Also specify that we should not use the provided displayname, avatar or email. + content = urlencode( + { + b"username": username, + b"use_display_name": b"false", + b"use_avatar": b"false", + } + ).encode("utf8") chan = self.make_request( "POST", path=picker_url, @@ -1536,4 +1687,29 @@ class UsernamePickerTestCase(HomeserverTestCase): content={"type": "m.login.token", "token": login_token}, ) self.assertEqual(chan.code, 200, chan.result) - self.assertEqual(chan.json_body["user_id"], "@bobby:test") + self.assertEqual(chan.json_body["user_id"], mxid) + + # ensure the displayname and avatar from the OIDC response have not been configured for the user. + channel = self.make_request( + "GET", "/profile/" + mxid, access_token=chan.json_body["access_token"] + ) + self.assertEqual(channel.code, 200, channel.result) + self.assertNotIn("avatar_url", channel.json_body) + self.assertEqual(username, channel.json_body["displayname"]) + + # ensure the email from the OIDC response has not been configured for the user. + channel = self.make_request( + "GET", "/account/3pid", access_token=chan.json_body["access_token"] + ) + self.assertEqual(channel.code, 200, channel.result) + self.assertListEqual([], channel.json_body["threepids"]) + + +async def mock_get_file( + url: str, + output_stream: BinaryIO, + max_size: Optional[int] = None, + headers: Optional[RawHeaders] = None, + is_allowed_content_type: Optional[Callable[[str], bool]] = None, +) -> Tuple[int, Dict[bytes, List[bytes]], str, int]: + return 0, {b"Content-Type": [b"image/png"]}, "", 200 -- cgit 1.5.1 From 5b6a75935e560945f69af72e9768bbaac10c9b4f Mon Sep 17 00:00:00 2001 From: jahway603 <64485701+jahway603@users.noreply.github.com> Date: Thu, 2 May 2024 09:57:29 -0400 Subject: upgrade.md: Bump minimum Rust version to 1.66.0 (element-hq#17079) (#17140) upgrade.md: Bump minimum Rust version to 1.66.0 (element-hq#17079) --- changelog.d/17140.doc | 1 + docs/upgrade.md | 8 ++++++++ 2 files changed, 9 insertions(+) create mode 100644 changelog.d/17140.doc (limited to 'docs') diff --git a/changelog.d/17140.doc b/changelog.d/17140.doc new file mode 100644 index 0000000000..2d447ed928 --- /dev/null +++ b/changelog.d/17140.doc @@ -0,0 +1 @@ +Update the upgrade.md with the latest minimum supported Rust version of 1.66.0. Contributed by @jahway603. diff --git a/docs/upgrade.md b/docs/upgrade.md index e7247676d1..99be4122bb 100644 --- a/docs/upgrade.md +++ b/docs/upgrade.md @@ -117,6 +117,14 @@ each upgrade are complete before moving on to the next upgrade, to avoid stacking them up. You can monitor the currently running background updates with [the Admin API](usage/administration/admin_api/background_updates.html#status). +# Upgrading to v1.106.0 + +## Minimum supported Rust version +The minimum supported Rust version has been increased from v1.65.0 to v1.66.0. +Users building from source will need to ensure their `rustc` version is up to +date. + + # Upgrading to v1.100.0 ## Minimum supported Rust version -- cgit 1.5.1