summary refs log tree commit diff
path: root/synapse/config/cas.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge tag 'v1.27.0rc2' into developPatrick Cloke2021-02-111-7/+9
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.27.0rc2 (2021-02-11) ============================== Features -------- - Further improvements to the user experience of registration via single sign-on. ([\#9297](https://github.com/matrix-org/synapse/issues/9297)) Bugfixes -------- - Fix ratelimiting introduced in v1.27.0rc1 for invites to respect the `ratelimit` flag on application services. ([\#9302](https://github.com/matrix-org/synapse/issues/9302)) - Do not automatically calculate `public_baseurl` since it can be wrong in some situations. Reverts behaviour introduced in v1.26.0. ([\#9313](https://github.com/matrix-org/synapse/issues/9313)) Improved Documentation ---------------------- - Clarify the sample configuration for changes made to the template loading code. ([\#9310](https://github.com/matrix-org/synapse/issues/9310))
| * Backout changes for automatically calculating the public baseurl. (#9313)Patrick Cloke2021-02-111-7/+9
| | | | | | | | This breaks some people's configurations (if their Client-Server API is not accessed via port 443).
* | Combine the CAS & SAML implementations for required attributes. (#9326)Patrick Cloke2021-02-111-2/+30
|/
* Do not require the CAS service URL setting (use public_baseurl instead). (#9199)Patrick Cloke2021-01-261-5/+7
| | | | The current configuration is handled for backwards compatibility, but is considered deprecated.
* Land support for multiple OIDC providers (#9110)Richard van der Hoff2021-01-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | This is the final step for supporting multiple OIDC providers concurrently. First of all, we reorganise the config so that you can specify a list of OIDC providers, instead of a single one. Before: oidc_config: enabled: true issuer: "https://oidc_provider" # etc After: oidc_providers: - idp_id: prov1 issuer: "https://oidc_provider" - idp_id: prov2 issuer: "https://another_oidc_provider" The old format is still grandfathered in. With that done, it's then simply a matter of having OidcHandler instantiate a new OidcProvider for each configured provider.
* Improve the sample config for SSO (OIDC, SAML, and CAS). (#8635)Patrick Cloke2020-10-301-12/+34
|
* cas: support setting display name (#6114)Valérian Rousset2019-10-111-0/+3
| | | Now, the CAS server can return an attribute stating what's the desired displayname, instead of using the username directly.
* Refactor HomeserverConfig so it can be typechecked (#6137)Amber Brown2019-10-101-0/+2
|
* Don't load the generated config as the default.Richard van der Hoff2019-06-241-1/+1
| | | | It's too confusing.
* Pass config_dir_path and data_dir_path into Config.read_config. (#5522)Richard van der Hoff2019-06-241-1/+1
| | | | | | * Pull config_dir_path and data_dir_path calculation out of read_config_files * Pass config_dir_path and data_dir_path into read_config
* Attempt to make default config more consistentRichard van der Hoff2019-02-191-0/+1
| | | | | | The general idea here is that config examples should just have a hash and no extraneous whitespace, both to make it easier for people who don't understand yaml, and to make the examples stand out from the comments.
* fix typoMatthew Hodgson2017-10-291-1/+1
|
* copyrightsMatthew Hodgson2016-01-071-1/+1
|
* Allow hs to do CAS login completely and issue the client with a login token ↵Steven Hammerton2015-11-051-1/+1
| | | | that can be redeemed for the usual successful login response
* Add service URL to CAS configSteven Hammerton2015-11-041-0/+3
|
* Add config option to disable password loginErik Johnston2015-10-221-1/+2
|
* Default cas_required_attributes to empty dictionarySteven Hammerton2015-10-121-1/+1
|
* Support multiple required attributes in CAS response, and in a nicer config ↵Steven Hammerton2015-10-121-15/+4
| | | | format too
* Allow optional config params for a required attribute and it's value, if ↵Steven Hammerton2015-10-121-0/+15
| | | | specified any CAS user must have the given attribute and the value must equal
* Provide ability to login using CASSteven Hammerton2015-10-101-0/+39