summary refs log tree commit diff
path: root/synapse/handlers/saml_handler.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Clean up exception handling in SAML2ResponseResource (#7614)Richard van der Hoff2020-06-031-30/+11
| | | | | | | | | | | | | * Expose `return_html_error`, and allow it to take a Jinja2 template instead of a raw string * Clean up exception handling in SAML2ResponseResource * use the existing code in `return_html_error` instead of re-implementing it (giving it a jinja2 template rather than inventing a new form of template) * do the exception-catching in the REST layer rather than in the handler layer, to make sure we catch all exceptions.
* allow emails to be passed through SAML (#7385)Christopher Cooper2020-05-271-2/+10
| | | Signed-off-by: Christopher Cooper <cooperc@ocf.berkeley.edu>
* Add more type hints to SAML handler. (#7445)Patrick Cloke2020-05-071-12/+16
|
* Persist user interactive authentication sessions (#7302)Patrick Cloke2020-04-301-1/+1
| | | | | By persisting the user interactive authentication sessions to the database, this fixes situations where a user hits different works throughout their auth session and also allows sessions to persist through restarts of Synapse.
* Do not allow a deactivated user to login via SSO. (#7240)Patrick Cloke2020-04-091-1/+1
|
* Support SAML in the user interactive authentication workflow. (#7102)Patrick Cloke2020-04-011-10/+41
|
* Allow RedirectResponse in SAML response handlerJason Robinson2020-03-261-0/+4
| | | | | | | | Allow custom SAML handlers to redirect after processing an auth response. Fixes #7149 Signed-off-by: Jason Robinson <jasonr@matrix.org>
* SAML2: render a comprehensible error page if something goes wrongBrendan Abolivier2020-03-101-1/+19
| | | | | | If an error happened while processing a SAML AuthN response, or a client ends up doing a `GET` request to `/authn_response`, then render a customisable error page rather than a confusing error.
* Fix wrong handler being used in SAML handlerBrendan Abolivier2020-03-031-3/+2
|
* Merge pull request #6724 from matrix-org/rav/log_saml_attributesRichard van der Hoff2020-01-171-1/+12
|\ | | | | Log saml assertions rather than the whole response
| * Log saml assertions rather than the whole responseRichard van der Hoff2020-01-161-1/+12
| | | | | | | | | | | | ... since the whole response is huge. We even need to break up the assertions, since kibana otherwise truncates them.
* | Delegate remote_user_id mapping to the saml mapping provider (#6723)Richard van der Hoff2020-01-171-6/+21
|/ | | Turns out that figuring out a remote user id for the SAML user isn't quite as obvious as it seems. Factor it out to the SamlMappingProvider so that it's easy to control.
* Pass client redirect URL into SAML mapping providersRichard van der Hoff2020-01-121-4/+11
|
* Pass the module_api into the SamlMappingProviderRichard van der Hoff2020-01-121-2/+5
| | | | | ... for consistency with other modules, and because we'll need it sooner or later and it will be a pain to introduce later.
* Allow SAML username provider plugins (#6411)Andrew Morgan2019-12-101-28/+170
|
* More better loggingRichard van der Hoff2019-09-201-1/+2
|
* better loggingRichard van der Hoff2019-09-191-0/+2
|
* Record mappings from saml users in an external tableRichard van der Hoff2019-09-131-8/+95
| | | | | | We want to assign unique mxids to saml users based on an incrementing suffix. For that to work, we need to record the allocated mxid in a separate table.
* Address review commentsRichard van der Hoff2019-07-011-5/+7
|
* cleanupsRichard van der Hoff2019-06-271-0/+121
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-10-08 11:41:49 +0000