summary refs log tree commit diff
path: root/synapse/api/auth (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add stricter mypy options (#15694)Patrick Cloke2023-05-311-1/+1
| | | | Enable warn_unused_configs, strict_concatenate, disallow_subclassing_any, and disallow_incomplete_defs.
* Enforce that an admin token also has the basic Matrix API scopeQuentin Gliech2023-05-301-5/+2
|
* Reject tokens with multiple device scopesQuentin Gliech2023-05-301-6/+24
|
* Make OIDC scope constantsQuentin Gliech2023-05-301-10/+15
|
* Handle errors when introspecting tokensQuentin Gliech2023-05-301-5/+37
| | | | | This returns a proper 503 when the introspection endpoint is not working for some reason, which should avoid logging out clients in those cases.
* Make AS tokens work & allow ASes to /registerQuentin Gliech2023-05-303-83/+88
|
* Add an admin token for MAS -> Synapse callsQuentin Gliech2023-05-301-0/+15
|
* Refactor config to be an experimental featureHugh Nimmo-Smith2023-05-301-25/+28
| | | | Also enforce you can't combine it with incompatible config options
* Actually enforce guest + return www-authenticate headerHugh Nimmo-Smith2023-05-301-2/+16
|
* MSC2967: Check access token scope for use as user and add guest supportHugh Nimmo-Smith2023-05-301-10/+20
|
* Use `name` claim as display name when registering users on the fly.Hugh Nimmo-Smith2023-05-301-1/+8
| | | | | This makes is so that the `name` claim got when introspecting the token is used as the display name when registering a user on the fly.
* Record the `sub` claims as an external_idQuentin Gliech2023-05-301-22/+37
|
* Handle the Synapse admin scopeQuentin Gliech2023-05-301-0/+3
|
* Save the scopes in the requesterQuentin Gliech2023-05-301-0/+1
|
* Initial MSC3964 support: delegation of auth to OIDC serverQuentin Gliech2023-05-301-0/+227
|
* Make the api.auth.Auth a ProtocolQuentin Gliech2023-05-303-0/+817
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-05-02 22:49:27 +0000