summary refs log tree commit diff
path: root/synapse (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Some refactors around receipts stream (#16426)Erik Johnston2023-10-0413-69/+87
|
* mypy plugin to check `@cached` return types (#14911)David Robertson2023-10-026-21/+72
| | | | | | | | Co-authored-by: David Robertson <davidr@element.io> Co-authored-by: Patrick Cloke <patrickc@matrix.org> Co-authored-by: Erik Johnston <erik@matrix.org> Assert that the return type of callables wrapped in @cached and @cachedList are cachable (aka immutable).
* Remove Python version from `/_synapse/admin/v1/server_version` (#16380)MomentQYC2023-10-021-5/+1
| | | | There's no reason to expose the full Python version over what is frequently a public API.
* Downgrade repl stream time out error to warning (#16401)Erik Johnston2023-09-291-1/+1
| | | | | | This is because if a worker reaches ~100% CPU then everything starts lagging and we hit the log line a lot. When at error we invoke sentry and that has a lot of overhead, which then puts even more pressure on the worker.
* Support rendering some media downloads as inline (#15988)Will Hunt2023-09-291-2/+40
| | | | | Use an `inline` Content-Disposition header when the media is "safe" to display inline (some known text, image, video, audio formats).
* Improve state types. (#16395)Patrick Cloke2023-09-281-3/+2
|
* Add a cache around server ACL checking (#16360)Patrick Cloke2023-09-266-72/+87
| | | | | * Pre-compiles the server ACLs onto an object per room and invalidates them when new events come in. * Converts the server ACL checking into Rust.
* Implement MSC4028: push all encrypted events. (#16361)Patrick Cloke2023-09-262-0/+5
| | | | This unstable push rule is implemented behind an experimental configuration flag.
* Reduce calls to `send_presence_to_destinations` (#16385)Erik Johnston2023-09-261-15/+18
|
* Improve comments in StateGroupBackgroundUpdateStore. (#16383)Patrick Cloke2023-09-251-2/+16
|
* Bump types-psycopg2 from 2.9.21.11 to 2.9.21.14 (#16381)dependabot[bot]2023-09-252-29/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Bump types-psycopg2 from 2.9.21.11 to 2.9.21.14 Bumps [types-psycopg2](https://github.com/python/typeshed) from 2.9.21.11 to 2.9.21.14. - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-psycopg2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Relax the annotation of Cursor.description See https://github.com/matrix-org/synapse/pull/16343#issuecomment-1726083384 for rationale. * Changelog * Changelog --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: David Robertson <davidr@element.io>
* Add support for pydantic v2 via pydantic.v1 compat module (#16332)Maxwell G2023-09-2512-15/+105
| | | While maintaining support with pydantic v1.
* Add missing license header. (#16359)Patrick Cloke2023-09-211-0/+13
|
* Convert more cached return values to immutable types (#16356)Patrick Cloke2023-09-209-20/+32
|
* Return immutable objects for cachedList decorators (#16350)Patrick Cloke2023-09-1923-100/+133
|
* Bump ruff from 0.0.286 to 0.0.290 (#16342)dependabot[bot]2023-09-182-13/+2
| | | | | Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Patrick Cloke <patrickc@matrix.org>
* Filter locked users in the admin API (#16328)Hanadi2023-09-183-2/+12
| | | | Co-authored-by: Hanadi Tamimi <hanadi.tamimi@sdui.de>
* Make cached account data/tags/admin types immutable (#16325)Patrick Cloke2023-09-188-50/+54
|
* Return an immutable value from get_latest_event_ids_in_room. (#16326)Patrick Cloke2023-09-185-15/+14
|
* Additional validation of receipts (#16327)Patrick Cloke2023-09-183-4/+26
| | | | Reject invalid receipts with a reasonable error message & expands tests for receipts.
* Set email charset as utf-8 rather than utf8 (#16329)José Joaquín Atria2023-09-181-2/+2
|
* Add automatic purge after all users forget a room (#15488)Mathieu Velten2023-09-158-427/+368
| | | | | | Also add restore of purge/shutdown rooms after a synapse restart. Co-authored-by: Eric Eastwood <erice@matrix.org> Co-authored-by: Erik Johnston <erikj@matrix.org>
* Convert `_insert_graph_receipts_txn` to `simple_upsert` (#16299)Jason Little2023-09-152-14/+12
|
* Only use literal strings for process names (#16315)Erik Johnston2023-09-153-14/+10
|
* Some minor performance fixes for task schedular (#16313)Erik Johnston2023-09-144-34/+94
|
* Speed up deleting to-device messages task (#16318)Erik Johnston2023-09-141-13/+14
|
* Refactor `get_user_by_id` (#16316)Erik Johnston2023-09-1411-96/+74
|
* Remove a reference cycle in background process (#16314)Erik Johnston2023-09-131-1/+20
|
* Fix using dehydrated devices (MSC2697) & refresh tokens (#16288)Hanadi2023-09-132-3/+24
| | | | | Refresh tokens were not correctly moved to the rehydrated device (similar to how the access token is currently handled). This resulted in invalid refresh tokens after rehydration.
* Use StrCollection in additional places. (#16301)Patrick Cloke2023-09-1315-67/+58
|
* Don't schedule an async task on every sync (#16312)Erik Johnston2023-09-131-11/+26
|
* Fix deleting device inbox when using background worker (#16311)Erik Johnston2023-09-131-31/+31
| | | | | Introduced in #16240 The action for the task was only defined on the "master" handler, rather than the base worker one.
* Improve logging of replication (#16309)Erik Johnston2023-09-132-2/+7
|
* Bump mypy from 1.4.1 to 1.5.1. (#16300)Patrick Cloke2023-09-121-8/+2
|
* Stop purging tables which are slated for removal. (#16273)Patrick Cloke2023-09-122-5/+5
|
* Refactor storing of server keys (#16261)Erik Johnston2023-09-122-175/+79
|
* Add the List-Unsubscribe header for notification emails. (#16274)Patrick Cloke2023-09-113-6/+54
| | | | | | | | Adds both the List-Unsubscribe (RFC2369) and List-Unsubscribe-Post (RFC8058) headers to push notification emails, which together should: * Show an "Unsubscribe" link in the MUA UI when viewing Synapse notification emails. * Enable "one-click" unsubscribe (the user never leaves their MUA, which automatically makes a POST request to the specified endpoint).
* Filter out down hosts when retrying fetching device lists (#16298)Erik Johnston2023-09-111-1/+14
|
* Improve type hints for attrs classes (#16276)David Robertson2023-09-086-39/+36
|
* Update ruff config (#16283)Patrick Cloke2023-09-084-8/+1
| | | Enable additional checks & clean-up unneeded configuration.
* Log values at DEBUG level with execute_values (#16281)David Robertson2023-09-081-2/+3
|
* Fix bug with new task scheduler using lots of CPU. (#16278)Erik Johnston2023-09-081-21/+22
| | | | | Using the new `TaskScheduler` meant that we'ed create lots of new metrics (due to adding task ID to the desc of background process), resulting in requests for metrics taking an increasing amount of CPU.
* Avoid temporary storage of sensitive information. (#16272)Patrick Cloke2023-09-081-2/+2
| | | | During the UI auth process, avoid storing sensitive information into the database.
* Reduce CPU overhead of change password endpoint (#16264)Erik Johnston2023-09-081-58/+54
|
* Recheck if remote device is cached before requesting it (#16252)Erik Johnston2023-09-073-17/+34
| | | | This fixes a bug where we could get stuck re-requesting the device over replication again and again.
* Add `/notifications` endpoint to workers (#16265)Erik Johnston2023-09-073-37/+39
|
* Send the opentracing span information to appservices (#16227)Marcel2023-09-061-8/+24
|
* Handle "registration_enabled" parameter for CAS (#16262)Aurélien Grimpard2023-09-062-0/+5
| | | | Similar to OIDC, CAS providers can now disable registration such that only existing users are able to login via SSO.
* Merge remote-tracking branch 'origin/release-v1.92' into developPatrick Cloke2023-09-068-202/+10
|\
| * Merge remote-tracking branch 'origin/release-v1.91' into release-v1.92Patrick Cloke2023-09-067-199/+6
| |\
| | * Revert MSC3861 introspection cache, admin impersonation and account lock ↵Quentin Gliech2023-09-067-199/+6
| | | | | | | | | | | | (#16258)
| | * Fix typo where we ended up with multiple `WorkerLocksHandler` (#16220)Erik Johnston2023-09-011-0/+1
| | | | | | | | | | | | | | | I don't think has caused any actual issues. Introduced in #15891
| * | Fix incorrect docstring for Ratelimiter. (#16255)Patrick Cloke2023-09-051-3/+4
| | |
* | | Add the ability to use `G` (GiB) and `T` (TiB) suffixes in configuration ↵reivilibre2023-09-061-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | options that refer to numbers of bytes. (#16219) * Add more suffixes to `parse_size` * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* | | Allow modules to delete rooms. (#15997)reivilibre2023-09-064-6/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Allow user_id to be optional for room deletion * Add module API method to delete a room * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> * Don't worry about the case block=True && requester_user_id is None --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* | | Delete device messages asynchronously and in staged batches (#16240)Mathieu Velten2023-09-0611-37/+106
| | |
* | | Fix appservices being unable to handle to_device messages for multiple users ↵Will Hunt2023-09-051-1/+1
| | | | | | | | | | | | (#16251)
* | | Add MSC4040 `matrix-fed` service lookups (#16137)Travis Ralston2023-09-051-5/+24
| | |
* | | Fix bug where we kept re-requesting a remote server's key repeatedly. (#16257)Erik Johnston2023-09-051-6/+11
| | | | | | | | | | | | | | | * Correctly handle multiple rows per server/key * Newsfile
* | | Time out busy presence status & test multi-device busy (#16174)Patrick Cloke2023-09-051-1/+18
| | | | | | | | | | | | | | | | | | | | | Add a (long) timeout to when a "busy" device is considered not online. This does *not* match MSC3026, but is a reasonable thing for an implementation to do. Expands tests for the (unstable) busy presence with multiple devices.
* | | Track presence state per-device and combine to a user state. (#16066)Patrick Cloke2023-09-052-51/+271
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Tracks presence on an individual per-device basis and combine the per-device state into a per-user state. This should help in situations where a user has multiple devices with conflicting status (e.g. one is syncing with unavailable and one is syncing with online). The tie-breaking is done by priority: BUSY > ONLINE > UNAVAILABLE > OFFLINE
* | | Bump twisted from 22.10.0 to 23.8.0 (#16235)dependabot[bot]2023-09-053-9/+5
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Bump twisted from 22.10.0 to 23.8.0 Bumps [twisted](https://github.com/twisted/twisted) from 22.10.0 to 23.8.0. - [Release notes](https://github.com/twisted/twisted/releases) - [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst) - [Commits](https://github.com/twisted/twisted/compare/twisted-22.10.0...twisted-23.8.0) --- updated-dependencies: - dependency-name: twisted dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Fix types * Fix lint * Newsfile --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Erik Johnston <erik@matrix.org>
* | Don't wake up destination transaction queue if they're not due for retry. ↵Erik Johnston2023-09-0411-67/+161
| | | | | | | | (#16223)
* | Add last_seen_ts to the admin users API (#16218)Mathieu Velten2023-09-046-2/+16
| |
* | Don't reset retry timers on "valid" error codes (#16221)Erik Johnston2023-09-043-3/+27
| |
* | Cache device resync requests over replication (#16241)David Robertson2023-09-041-1/+1
| |
* | Fix typo where we ended up with multiple `WorkerLocksHandler` (#16220)Erik Johnston2023-09-011-0/+1
| | | | | | | | | | I don't think has caused any actual issues. Introduced in #15891
* | Log the details of background update failures (#16212)David Robertson2023-09-011-2/+2
| |
* | Gracefully handle failing to thumbnail images (#16211)Erik Johnston2023-08-302-1/+9
| |
* | Fix rare bug that broke looping calls (#16210)Erik Johnston2023-08-301-14/+22
| | | | | | | | | | | | | | | | | | | | * Fix rare bug that broke looping calls We can't interact with the reactor from the main thread via looping call. Introduced in v1.90.0 / #15791. * Newsfile
* | Stop writing to the event_txn_id table (#16175)Patrick Cloke2023-08-304-84/+21
| |
* | Describe which rate limiter was hit in logs (#16135)David Robertson2023-08-3014-92/+150
| |
* | Track currently syncing users by device for presence (#16172)Patrick Cloke2023-08-293-63/+128
| | | | | | | | | | | | | | Refactoring to use both the user ID & the device ID when tracking the currently syncing users in the presence handler. This is done both locally and over replication. Note that the device ID is discarded but will be used in a future change.
* | Bump mypy-zope & mypy. (#16188)Patrick Cloke2023-08-294-14/+32
| |
* | Bump ruff from 0.0.277 to 0.0.286 (#16198)dependabot[bot]2023-08-2917-33/+47
| | | | | | | | Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* | Support IPv6-only SMTP servers (#16155)Evilham2023-08-291-17/+11
| | | | | | | | Use Twisted HostnameEndpoint to connect to SMTP servers (instead of connectTCP/connectSSL) which properly supports IPv6-only servers.
* | Fix inaccurate error message while trying to ban or unban a user with the ↵Chen Zhang2023-08-291-1/+7
| | | | | | | | same or higher PL (#16205)
* | Pass the device ID around in the presence handler (#16171)Patrick Cloke2023-08-289-19/+63
| | | | | | | | | | | | Refactoring to pass the device ID (in addition to the user ID) through the presence handler (specifically the `user_syncing`, `set_state`, and `bump_presence_active_time` methods and their replication versions).
* | Combine logic about not overriding BUSY presence. (#16170)Patrick Cloke2023-08-282-97/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | Simplify some of the presence code by reducing duplicated code between worker & non-worker modes. The main change is to push some of the logic from `user_syncing` into `set_state`. This is done by passing whether the user is setting the presence via a `/sync` with a new `is_sync` flag to `set_state`. If this is `true` some additional logic is performed: * Don't override `busy` presence. * Update the `last_user_sync_ts`. * Never update the status message.
* | Task scheduler: add replication notify for new task to launch ASAP (#16184)Mathieu Velten2023-08-283-49/+73
| |
* | Prepare unit tests for Python 3.12 (#16099)V024602023-08-251-0/+1
| |
* | Validate input to POST /key/v2/query endpoint. (#16183)Patrick Cloke2023-08-251-10/+29
| | | | | | To avoid 500 internal server errors with garbage input.
* | Send proper JSON POST data to /publicRooms (#16185)Patrick Cloke2023-08-251-10/+6
| | | | | | | | The include_all_networks was previously sent in the JSON body as string "true" and "false" instead of boolean true and false.
* | Add configuration setting for CAS protocol version (#15816)Aurélien Grimpard2023-08-242-2/+17
| |
* | Fix typechecking with twisted trunk (#16121)David Robertson2023-08-243-26/+27
| |
* | Add `Retry-After` to M_LIMIT_EXCEEDED error responses (#16136)Will Hunt2023-08-242-1/+18
| | | | | | Implements MSC4041 behind an experimental configuration flag.
* | Stabilize support for MSC3958 (suppress notifications from edits). (#16113)Patrick Cloke2023-08-232-6/+0
|/
* Fix rare deadlock when using read/write locks (#16169) github/release-v1.91.0 release-v1.91.0Erik Johnston2023-08-232-37/+71
|
* Filter out unwanted user_agents from udv. (#16124)Neil Johnson2023-08-231-0/+5
|
* Fix rare deadlock when using read/write locks (#16133)Erik Johnston2023-08-231-0/+37
|
* Reduce DB contention on worker locks (#16160)Erik Johnston2023-08-231-0/+37
|
* Always update `retry_last_ts` (#16164)Erik Johnston2023-08-231-3/+3
|
* Task scheduler: mark task as active if we are scheduling ASAP (#16165)Mathieu Velten2023-08-232-2/+4
|
* Properly update retry_last_ts when hitting the maximum retry interval (#16156)DeepBlueV7.X2023-08-231-1/+3
| | | | | | | | | | | | | | | | | | | | | * Properly update retry_last_ts when hitting the maximum retry interval This was broken in 1.87 when the maximum retry interval got changed from almost infinite to a week (and made configurable). fixes #16101 Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de> * Add changelog * Change fix + add test * Add comment --------- Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de> Co-authored-by: Mathieu Velten <mathieuv@matrix.org>
* Only lock when we're backfilling (#16159)Erik Johnston2023-08-232-146/+156
|
* Increase perf of read/write locks (#16149)Erik Johnston2023-08-231-0/+30
| | | We do this by marking the tables as `UNLOGGED` in PostgreSQL.
* Fix perf of `wait_for_stream_positions` (#16148)Erik Johnston2023-08-221-7/+12
|
* Disable `m.3pid_changes` capability when MSC3861 is enabled. (#16134)Mathieu Velten2023-08-222-1/+16
|
* Add an admin endpoint to allow authorizing server to signal token ↵Shay2023-08-227-0/+127
| | | | revocations (#16125)
* Disallow user_consent where experimental MSC3861 is enabled (#16127)Hugh Nimmo-Smith2023-08-221-0/+7
|
* Add `client_secret_path` as alternative for `client_secret` for OIDC config ↵Maximilian Bosch2023-08-211-1/+15
| | | | (#16030)
* Implements a task scheduler for resumable potentially long running tasks ↵Mathieu Velten2023-08-218-1/+644
| | | | (#15891)
* Speed up state res in rare case we don't have all events (#16116)Erik Johnston2023-08-181-23/+161
| | | | | | | If we don't have all the auth events in a room then not all state events will have a chain cover index. Even so, we can still use the chain cover index on the events that do have it, rather than bailing and using the slower functions. This situation should not arise for newly persisted rooms, as we check we have the full auth chain for each event, but can happen for existing rooms. c.f. #15245
* MSC3861: allow impersonation by an admin using a query param (#16132)Mathieu Velten2023-08-181-3/+22
|
* Allow filtering for admins in the list accounts admin API (#16114)Alexander Fechler2023-08-182-0/+13
|
* Add response time metrics for introspection requests (#16131)Erik Johnston2023-08-181-7/+27
| | | See #16119
* Add cache to `get_server_keys_json_for_remote` (#16123)Erik Johnston2023-08-183-63/+120
|
* Cache token introspection response from OIDC provider (#16117)Shay2023-08-171-2/+38
|
* Fix database performance of read/write worker locks (#16061)Erik Johnston2023-08-171-52/+35
| | | | | | | We were seeing serialization errors when taking out multiple read locks. The transactions were retried, so isn't causing any failures. Introduced in #15782.
* Override global statement timeout when creating indexes in Postgres (#16085)Shay2023-08-171-0/+12
|
* Disable caching in /sync corner case (#16080)Matthew Ma2023-08-171-10/+10
| | | Fixes #15502
* Rename pagination&purge locks and add comments explaining them (#16112)Mathieu Velten2023-08-167-19/+28
|
* Attempt to fix twisted trunk (#16115)David Robertson2023-08-151-1/+3
|
* Run pyupgrade for python 3.7 & 3.8. (#16110)Patrick Cloke2023-08-1521-71/+62
|
* Allow customizing IdP name and icon for SAML and CAS (#16094)Gabriel Rodríguez2023-08-114-10/+22
|
* Add linearizer on user ID to push rule PUT/DELETE requests (#16052)Nick Mills-Barrett2023-08-111-6/+22
| | | | | See: #16053 Signed off by Nick @ Beeper (@Fizzadar)
* Fix the type annotation on `run_db_interaction` in the Module API. (#16089)reivilibre2023-08-101-2/+2
| | | | | | | | | | | * Fix the method signature of `run_db_interaction` on the module API * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* Clean-up presence code (#16092)Patrick Cloke2023-08-101-94/+75
| | | | | | | | Misc. clean-ups to: * Use keyword arguments. * Return early (reducing indentation) of some functions. * Removing duplicated / unused code. * Use wrap_as_background_process.
* Implements admin API to lock an user (MSC3939) (#15870)Mathieu Velten2023-08-1013-10/+144
|
* Support MSC3814: Dehydrated Devices Part 2 (#16010)Shay2023-08-085-90/+174
|
* Allow modules to schedule delayed background calls. (#15993)reivilibre2023-08-081-0/+41
| | | | | | | | | | | | | | | * Add a module API function to provide `call_later` * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> * Add comments * Update version number --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* Remove old rows from the `cache_invalidation_stream_by_instance` table ↵reivilibre2023-08-081-0/+130
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | automatically. (This table is not used when Synapse is configured to use SQLite.) (#15868) * Add a cache invalidation clean-up task * Run the cache invalidation stream clean-up on the background worker * Tune down * call_later is in millis! * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> * fixup! Add a cache invalidation clean-up task * Update synapse/storage/databases/main/cache.py Co-authored-by: Eric Eastwood <erice@element.io> * Update synapse/storage/databases/main/cache.py Co-authored-by: Eric Eastwood <erice@element.io> * MILLISEC -> MS * Expand on comment * Move and tweak comment about Postgres * Use `wrap_as_background_process` --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> Co-authored-by: Eric Eastwood <erice@element.io>
* Fix endpoint improperly declaring support for MSC3814 (#16068)Shay2023-08-071-10/+8
|
* Drop backwards compat hack for event serialization (#16069)Shay2023-08-071-11/+1
|
* Fix deletion for Dehydrated Devices (#16046)Shay2023-08-042-4/+26
|
* Stabilize support for MSC3970: updated transaction semantics (scope to ↵Patrick Cloke2023-08-048-59/+47
| | | | | | | `device_id`) (#15629) For now this maintains compatible with old Synapses by falling back to using transaction semantics on a per-access token. A future version of Synapse will drop support for this.
* Move support for application service query parameter authorization behind a ↵Shay2023-08-032-9/+33
| | | | configuration option (#16017)
* Allow config of the backoff algorithm for the federation client. (#15754)Mathieu Velten2023-08-032-13/+34
| | | | | | | | | | | Adds three new configuration variables: * destination_min_retry_interval is identical to before (10mn). * destination_retry_multiplier is now 2 instead of 5, the maximum value will be reached slower. * destination_max_retry_interval is one day instead of (essentially) infinity. Capping this will cause destinations to continue to be retried sometimes instead of being lost forever. The previous value was 2 ^ 62 milliseconds.
* Allow modules to check whether the current worker is configured to run ↵reivilibre2023-08-031-0/+12
| | | | background tasks. (#15991)
* Add forward-compatibility for the redacts property (MSC2174). (#16013)Patrick Cloke2023-08-021-8/+10
| | | | | | | | The location of the redacts field changes in room version 11. Ensure it is copied to the *new* location for *old* room versions for forwards-compatibility with clients. Note that copying it to the *old* location for the *new* room version was previously handled.
* Properly setup the additional sequences in the portdb script. (#16043)Patrick Cloke2023-08-011-3/+15
| | | | | The un_partial_stated_event_stream_sequence and application_services_txn_id_seq were never properly configured in the portdb script, resulting in an error on start-up.
* Trim whitespace when setting display names (#16031)Mohit Rathee2023-08-011-1/+1
|
* Add metrics tracking for eviction to ResponseCache (#16028)Jason Little2023-08-011-2/+8
| | | | Track whether the ResponseCache is evicting due to invalidation or due to time.
* Combine duplicated code for calculating an event ID from a txn ID (#16023)Patrick Cloke2023-07-312-32/+35
| | | | Refactoring related to stabilization of MSC3970, refactor to combine code which has the same logic.
* Add ability to wait for locks and add locks to purge history / room deletion ↵Erik Johnston2023-07-3112-106/+654
| | | | | (#15791) c.f. #13476
* Clarify comment on key uploads over replication (#16016)Shay2023-07-271-2/+2
|
* Fix 404 on /profile when the display name is empty but not the avatar (#16012)Mathieu Velten2023-07-271-1/+1
|
* Remove support for legacy application service paths (#15964)Shay2023-07-261-71/+11
|
* Inline SQL queries using boolean parameters (#15525)Anshul Madnawat2023-07-267-25/+23
| | | | SQLite now supports TRUE and FALSE constants, simplify some queries by inlining those instead of passing them as arguments.
* Bump DB version to 79 since synapse v1.88 was already there (#15998)Mathieu Velten2023-07-266-16/+21
|
* Support MSC3814: Dehydrated Devices (#15929)Shay2023-07-244-9/+356
| | | | | | Signed-off-by: Nicolas Werner <n.werner@famedly.com> Co-authored-by: Nicolas Werner <n.werner@famedly.com> Co-authored-by: Nicolas Werner <89468146+nico-famedly@users.noreply.github.com> Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
* Resync stale devices in background (#15975)Erik Johnston2023-07-241-1/+8
| | | | This is so we don't block responding to federation transaction while we try and fetch the device lists.
* Properly handle redactions of creation events (#15973)Shay2023-07-231-3/+5
|
* Actually stop reading from column `user_id` of tables `profiles` (#15955)Shay2023-07-233-11/+10
|
* Speed up updating state in large rooms (#15971)Erik Johnston2023-07-204-131/+140
| | | This should speed up updating state in rooms with lots of state.
* Don't log exceptions for every non-200 response (#15969)Erik Johnston2023-07-201-4/+0
| | | Introduced in #15913
* Reduce the amount of state we pull out (#15968)Erik Johnston2023-07-203-12/+13
|
* Ensure a long state res does not starve CPU (#15960)Erik Johnston2023-07-191-1/+8
| | | We do this by yielding the reactor in hot loops.
* Fix bad merge of #15933 (#15958)Erik Johnston2023-07-192-0/+0
| | | This was because we reverted the bump of the schema version, so we were not applying the new deltas.
* Fix race in triggers for read/write locks. (#15933)Erik Johnston2023-07-194-98/+134
|
* Fix background schema updates failing over a large upgrade gap (#15887)Shay2023-07-181-0/+70
|
* Merge branch 'master' into developOlivier Wilkinson (reivilibre)2023-07-187-122/+16
|\
| * Revert "Stop writing to column `user_id` of tables `profiles` and ↵Shay2023-07-187-122/+16
| | | | | | | | | | | | | | | | | | `user_filters`. (#15953) * Revert "Stop writing to column `user_id` of tables `profiles` and `user_filters` (#15787)" This reverts commit f25b0f88081bb436bef914983cff7087b54eba5f. * newsfragement
* | Support room version 11 (#15912)Patrick Cloke2023-07-1815-271/+155
| | | | | | | | | | And fix a bug in the implementation of the updated redaction format (MSC2174) where the top-level redacts field was not properly added for backwards-compatibility.
* | Add a locality to a few presence metrics (#15952)Jason Little2023-07-181-13/+24
| |
* | Re-introduce the outbound federation proxy (#15913)Eric Eastwood2023-07-1812-50/+681
| | | | | | | | | | Allow configuring the set of workers to proxy outbound federation traffic through (`outbound_federation_restricted_to`). This is useful when you have a worker setup with `federation_sender` instances responsible for sending outbound federation requests and want to make sure *all* outbound federation traffic goes through those instances. Before this change, the generic workers would still contact federation themselves for things like profile lookups, backfill, etc. This PR allows you to set more strict access controls/firewall for all workers and only allow the `federation_sender`'s to contact the outside world.
* | Stop accepting 'user' parameter for application service registration. (#15928)Patrick Cloke2023-07-131-8/+4
| | | | | | This is unspecced, but has existed for a very long time.
* | Remove unneeded __init__. (#15926)Patrick Cloke2023-07-121-9/+0
| | | | | | | | Remove an __init__ which only calls super() without changing the input arguments.
* | Fix running with an empty experimental features section. (#15925)Patrick Cloke2023-07-121-1/+1
| |
* | Fix push for invites received over federation (#15820)Erik Johnston2023-07-121-1/+36
| |
* | Mark get_user_in_directory private since only used in tests (#15884)Mathieu Velten2023-07-121-8/+1
| |
* | Better warning in logs when we fail to fetch an alias (#15922)Eric Eastwood2023-07-111-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | **Before:** ``` Error retrieving alias ``` **After:** ``` Error retrieving alias #foo:bar -> 401 Unauthorized ``` *Spawning from creating the [manual testing strategy for the outbound federation proxy](https://github.com/matrix-org/synapse/pull/15773).*
* | Unix Sockets for HTTP Replication (#15708)Jason Little2023-07-113-19/+58
| | | | | | | | | | | | | | | | | | Unix socket support for `federation` and `client` Listeners has existed now for a little while(since [1.81.0](https://github.com/matrix-org/synapse/pull/15353)), but there was one last hold out before it could be complete: HTTP Replication communication. This should finish it up. The Listeners would have always worked, but would have had no way to be talked to/at. --------- Co-authored-by: Eric Eastwood <madlittlemods@gmail.com> Co-authored-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> Co-authored-by: Eric Eastwood <erice@element.io>
* | Add + as an allowed character for Matrix IDs (MSC4009) (#15911)Patrick Cloke2023-07-115-33/+11
|/
* Add `Server` to Access-Control-Expose-Headers header (#15908)Michael Telatynski2023-07-111-1/+1
|
* Make the media `/upload` tracing less ambiguous (#15888)Eric Eastwood2023-07-102-42/+61
| | | | | | | | | | A lot of the functions have the same name in this space like `store_file`, and we also do it multiple times for different reasons (main media repo, other storage providers, thumbnails, etc) so it's good to differentiate them so your head doesn't explode. Follow-up to https://github.com/matrix-org/synapse/pull/15850 Tracing instrumentation to media `/upload` code paths to investigate https://github.com/matrix-org/synapse/issues/15841
* Revert "Federation outbound proxy" (#15910)Eric Eastwood2023-07-1010-546/+46
| | | | | | Revert "Federation outbound proxy (#15773)" This reverts commit b07b14b494ae1dd564b4c44f844c9a9545b3d08a.
* Fix downgrading to previous version of Synapse (#15907)Erik Johnston2023-07-103-4/+17
| | | We do this by marking the constraint as deferrable.
* Stop writing to column `user_id` of tables `profiles` and `user_filters` ↵Shay2023-07-077-16/+122
| | | | (#15787)
* Remove `worker_replication_*` deprecated settings, with helpful errors on ↵Jason Little2023-07-071-21/+29
| | | | | | startup (#15860) Co-authored-by: reivilibre <oliverw@matrix.org>
* Update link to the clients webpage, fix #15825 (#15874)sarthak shah2023-07-061-1/+1
|
* Federation outbound proxy (#15773)Eric Eastwood2023-07-0510-46/+546
| | | | | | | Allow configuring the set of workers to proxy outbound federation traffic through (`outbound_federation_restricted_to`). This is useful when you have a worker setup with `federation_sender` instances responsible for sending outbound federation requests and want to make sure *all* outbound federation traffic goes through those instances. Before this change, the generic workers would still contact federation themselves for things like profile lookups, backfill, etc. This PR allows you to set more strict access controls/firewall for all workers and only allow the `federation_sender`'s to contact the outside world. The original code is from @erikjohnston's branches which I've gotten in-shape to merge.
* Remove support for Python 3.7 (#15851)Eric Eastwood2023-07-052-6/+3
| | | Fix https://github.com/matrix-org/synapse/issues/15836
* Add basic read/write lock (#15782)Erik Johnston2023-07-054-57/+447
|
* Add tracing to media `/upload` endpoint (#15850)Eric Eastwood2023-07-056-0/+26
| | | Add tracing instrumentation to media `/upload` code paths to investigate https://github.com/matrix-org/synapse/issues/15841
* Fix could not serialize access due to concurrent `DELETE` from ↵Jason Little2023-07-051-1/+6
| | | | | | | presence_stream (#15826) * Change update_presence to have a isolation level of READ_COMMITTED * changelog
* Add foreign key constraint to `event_forward_extremities`. (#15751)Erik Johnston2023-07-056-7/+440
|
* use Image.LANCZOS instead of Image.ANTIALIAS for thumbnail resize (#15876)an0nfunc2023-07-051-1/+1
| | | | | Image.ANTIALIAS is not defined in current pillow releases. Since ANTIALIAS was just using LANCZOS anyways, this is just a cosmetic change, but makes synapse work with most recent pillow releases. Signed-off-by: Giovanni Harting <539@idlegandalf.com>
* Add not_user_type param to the list accounts admin API (#15844)Michael Weimann2023-07-042-0/+46
| | | Signed-off-by: Michael Weimann <michaelw@element.io>
* devices: use combined ANY clause for faster cleanup (#15861)pacien2023-07-031-5/+9
| | | | | | | | | | | | | | | | | | | | | | | | | Old device entries for the same user were being removed in individual SQL commands, making the batch take way longer than necessary. This combines the commands into a single one with a IN/ANY clause. Example of log entry before the change, regularly observed with "log_min_duration_statement = 10000" in PostgreSQL's config: LOG: duration: 42538.282 ms statement: DELETE FROM device_lists_stream WHERE user_id = '@someone' AND device_id = 'someid1' AND stream_id < 123456789 ; DELETE FROM device_lists_stream WHERE user_id = '@someone' AND device_id = 'someid2' AND stream_id < 123456789 ; [repeated for each device ID of that user, potentially a lot...] With the patch applied on my instance for the past couple of days, I no longer notice overly long statements of that particular kind. Signed-off-by: pacien <pacien.trangirard@pacien.net>
* Add a timeout that aborts any Postgres statement taking more than 1 hour. ↵reivilibre2023-07-031-0/+13
| | | | | | | | | | | | | (#15853) * Add a timeout to Postgres statements * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* Fix sqlite `user_filters` upgrade (#15817)Shay2023-06-273-3/+91
|
* Add login spam checker API (#15838)Erik Johnston2023-06-264-4/+142
|
* Fix forgotten rooms missing in initial sync (#15815)Nicolas Werner2023-06-211-0/+13
| | | | | | | | If you leave a room and forget it, then rejoin it, the room would be missing from the next initial sync. fixes #13262 Signed-off-by: Nicolas Werner <n.werner@famedly.com>
* Fix harmless exception in port DB script (#15814)Erik Johnston2023-06-211-0/+3
| | | | | | | The port DB script would try and run database background tasks, which could fail if the data they acted on was in the process of being ported. These exceptions were non fatal. Fixes #15789
* Allow for the configuration of max request retries and min/max retry delays ↵Mathieu Velten2023-06-212-21/+54
| | | | in the matrix federation client (#15783)
* Switch from `matrix://` to `matrix-federation://` scheme for internal ↵Eric Eastwood2023-06-202-7/+16
| | | | | | | Synapse routing of outbound federation traffic (#15806) `matrix://` is a registered specced scheme nowadays and doesn't make sense for our internal to Synapse use case anymore. ([discussion] (https://github.com/matrix-org/synapse/pull/15773#discussion_r1227598679))
* Remove experimental MSC2716 implementation to incrementally import history ↵Eric Eastwood2023-06-1621-1582/+35
| | | | | | | | | | | | into existing rooms (#15748) Context for why we're removing the implementation: - https://github.com/matrix-org/matrix-spec-proposals/pull/2716#issuecomment-1487441010 - https://github.com/matrix-org/matrix-spec-proposals/pull/2716#issuecomment-1504262734 Anyone wanting to continue MSC2716, should also address these leftover tasks: https://github.com/matrix-org/synapse/issues/10737 Closes https://github.com/matrix-org/synapse/issues/10737 in the fact that it is not longer necessary to track those things.
* Don't always lock "user_ips" table when performing non-native upsert (#15788)Andrew Morgan2023-06-161-1/+1
|
* push rules: fix internal conversion from _type to value (#15781)Mathieu Velten2023-06-161-15/+11
| | | Also fix wrong rule names for `is_user_mention` and `is_room_mention`.
* Regularly try to wake up dests instead of waiting for next PDU/EDU (#15743)Mathieu Velten2023-06-161-18/+16
|
* Fix unsafe hotserving behaviour for non-multimedia uploads. (#15680)Josh Qou2023-06-151-3/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix unsafe hotserving behaviour for non-multimedia uploads. * invert disposition assert * test_media_storage.py: run lint * test_base.py: /inline/attachment/s * Only return attachment for disposition type, update tests * Update synapse/media/_base.py Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> * Update changelog.d/15680.bugfix Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> * add attribution * Update changelog. --------- Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Fix joining rooms through aliases where the alias server isn't a real ↵Tulir Asokan2023-06-141-1/+1
| | | | homeserver (#15776)
* Merge branch 'release-v1.86' into developMathieu Velten2023-06-143-23/+10
|\
| * Revert "Allow for the configuration of max request retries and min/max retry ↵Mathieu Velten2023-06-142-22/+9
| | | | | | | | | | | | delays in the matrix federation client (#12504)" This reverts commit d84e66144dc12dacf71c987a2ba802dd59c0b68e.
| * Fix empty scope when having version mismatch between workers (#15774)Mathieu Velten2023-06-141-1/+1
| |
* | Prefill events after invalidate not before when persisting events (#15758)Jason Little2023-06-143-5/+20
| | | | | | | | | | Fixes #15757
* | Document `looping_call()` functionality that will wait for the given ↵Eric Eastwood2023-06-131-0/+5
| | | | | | | | | | | | | | function to finish before scheduling another (#15772) Thanks to @erikjohnston for clarifying, https://github.com/matrix-org/synapse/pull/15743#discussion_r1226544457 We don't have to worry about calls stacking up if the given function takes longer than the scheduled time.
* | Replace `EventContext` fields `prev_group` and `delta_ids` with field ↵Shay2023-06-132-52/+112
| | | | | | | | `state_group_deltas` (#15233)
* | Fix MSC3983 support: only one OTK per device was returned through federation ↵Mathieu Velten2023-06-131-1/+3
| | | | | | | | (#15770)
* | Avoid backfill when we already have messages to return (#15737)Eric Eastwood2023-06-131-22/+115
| | | | | | | | | | We now only block the client to backfill when we see a large gap in the events (more than 2 events missing in a row according to `depth`), more than 3 single-event holes, or not enough messages to fill the response. Otherwise, we return the messages directly to the client and backfill in the background for eventual consistency sake. Fix https://github.com/matrix-org/synapse/issues/15696
* | Fix MSC3983 support: Use the unstable /keys/claim federation endpoint if ↵Patrick Cloke2023-06-131-1/+4
|/ | | | multiple keys are requested (#15755)
* Backfill in the background if we're doing it "just because" (#15710)Eric Eastwood2023-06-091-4/+14
| | | Fix https://github.com/matrix-org/synapse/issues/15702
* Allow for the configuration of max request retries and min/max retry delays ↵Shay2023-06-092-9/+22
| | | | | | | in the matrix federation client (#12504) Co-authored-by: Mathieu Velten <mathieuv@matrix.org> Co-authored-by: Erik Johnston <erik@matrix.org>
* Merge branch 'master' into developErik Johnston2023-06-081-1/+1
|\
| * Fix using TLS for replication (#15746)Erik Johnston2023-06-081-1/+1
| | | | | | Fixes #15744.
* | Clear event caches when we purge history (#15609)Erik Johnston2023-06-085-6/+178
| | | | | | | | | | | | | | This should help a little with #13476 --------- Co-authored-by: Patrick Cloke <patrickc@matrix.org>
* | Quick & dirty metric for background update status (#15740)David Robertson2023-06-073-1/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Quick & dirty metric for background update status * Changelog * Remove debug Co-authored-by: Mathieu Velten <mathieuv@matrix.org> * Actually write to _aborted --------- Co-authored-by: Mathieu Velten <mathieuv@matrix.org>
* | Remove superfluous `room_memberships` join from background update (#15733)Eric Eastwood2023-06-071-1/+0
| | | | | | Spawning from https://github.com/matrix-org/synapse/pull/15731
* | Check required power levels earlier in createRoom handler. (#15695)Grant McLean2023-06-071-14/+62
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Check required power levels earlier in createRoom handler. - If a server was configured to reject the creation of rooms with E2EE enabled (by specifying an unattainably high power level for "m.room.encryption" in default_power_level_content_override), the 403 error was not being triggered until after the room was created and before the "m.room.power_levels" was sent. This allowed a user to access the partially-configured room and complete the setup of E2EE and power levels manually. - This change causes the power level overrides to be checked earlier and the request to be rejected before the user gains access to the room. - A new `_validate_room_config` method is added to contain checks that should be run before a room is created. - The new test case confirms that a user request is rejected by the new validation method. Signed-off-by: Grant McLean <grant@catalyst.net.nz> * Add a changelog file. * Formatting fix for black. * Remove unneeded line from test. --------- Signed-off-by: Grant McLean <grant@catalyst.net.nz>
* | Merge branch 'master' into developErik Johnston2023-06-071-1/+21
|\|
| * Fix schema delta error in 1.85 (#15739)Erik Johnston2023-06-071-2/+14
| | | | | | | | Some users seem to have multiple rows per user / room with a null thread ID, which we need to handle.
| * Fix schema delta error in 1.85 (#15738)Erik Johnston2023-06-071-0/+8
| | | | | | | | | | | | | | | | There appears to be a race where you can end up with entries in `event_push_summary` with both a `NULL` and `main` thread ID. Fixes #15736 Introduced in #15597
* | No need for the extra join since `membership` is built-in to ↵Eric Eastwood2023-06-061-4/+3
| | | | | | | | | | | | | | `current_state_events` (#15731) This helps with the upstream `is_host_joined()` and `is_host_invited()` functions. `membership` was added to `current_state_events` in https://github.com/matrix-org/synapse/pull/5706 and forced in https://github.com/matrix-org/synapse/pull/13745
* | Trace functions which return `Awaitable` (#15650)Eric Eastwood2023-06-061-11/+26
| |
* | Update error to more plainly explain we can only authorize our own events ↵Eric Eastwood2023-06-061-1/+1
| | | | | | | | (#15725)
* | Add context for when/why to use the `long_retries` option when sending ↵Eric Eastwood2023-06-061-2/+9
| | | | | | | | Federation requests (#15721)
* | Improve performance of user directory search (#15729)Shay2023-06-061-4/+8
| |
* | Remove some unused `server_name` fields (#15723)Sean Quah2023-06-065-5/+0
| | | | | | Signed-off-by: Sean Quah <seanq@matrix.org>
* | Stabilize support for MSC3952: Intentional mentions. (#15520)Patrick Cloke2023-06-066-23/+4
| |
* | Some house keeping on `maybe_backfill()` functions (#15709)Eric Eastwood2023-06-051-0/+17
| |
* | `N + 3`: Read from column `full_user_id` rather than `user_id` of tables ↵Shay2023-06-0216-41/+225
| | | | | | | | `profiles` and `user_filters` (#15649)
* | Add a catch-all * to the supported relation types when redacting (#15705)Mathieu Velten2023-06-022-5/+41
| | | | | | This is an update to MSC3912 implementation
* | Log when events are (unexpectedly) filtered out of responses in tests (#14213)Eric Eastwood2023-06-011-7/+7
| | | | | | | | | | See https://github.com/matrix-org/synapse/pull/14095#discussion_r990335492 This is useful because when see that a relevant event is an `outlier` or `soft-failed`, then that's a good unexpected indicator explaining why it's not showing up. `filter_events_for_client` is used in `/sync`, `/messages`, `/context` which are all common end-to-end assertion touch points (also notifications, relations).
* | Merge branch 'release-v1.85' into developH. Shay2023-06-014-2/+53
|\|
| * Speed up background jobs populate_full_user_id_user_filters and ↵Shay2023-05-312-2/+2
| | | | | | | | populate_full_user_id_profiles (#15700)
| * Fix a performance issue introduced in Synapse v1.83.0 which meant that ↵reivilibre2023-05-312-0/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | purging rooms was very slow and database-intensive. (#15693) * Add indices required to efficiently validate new foreign key constraints on stream_ordering * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* | Cache requests for user's devices from federation (#15675)Erik Johnston2023-06-012-2/+69
| | | | | | | | This should mitigate the issue where lots of different servers requests the same user's devices all at once.
* | Implement stable support for MSC3882 to allow an existing device/session to ↵Hugh Nimmo-Smith2023-06-016-33/+75
| | | | | | | | | | | | | | | | generate a login token for use on a new device/session (#15388) Implements stable support for MSC3882; this involves updating Synapse's support to match the MSC / the spec says. Continue to support the unstable version to allow clients to transition.
* | Add stubs package for lxml. (#15697)Patrick Cloke2023-05-312-36/+75
| | | | | | | | | | | | | | The stubs have some issues so this has some generous cast and ignores in it, but it is better than not having stubs. Note that confusing that Element is a function which creates _Element instances (and similarly for Comment).
* | Add get_canonical_room_alias to module API (#15450)Gabriel Féron2023-05-312-1/+28
| | | | | | Co-authored-by: Boxdot <d@zerovolt.org>
* | Add stricter mypy options (#15694)Patrick Cloke2023-05-318-20/+18
| | | | | | | | Enable warn_unused_configs, strict_concatenate, disallow_subclassing_any, and disallow_incomplete_defs.
* | Enforce that an admin token also has the basic Matrix API scopeQuentin Gliech2023-05-301-5/+2
| |
* | Make the config tests spawn the homeserver only when neededQuentin Gliech2023-05-301-12/+28
| |
* | Reject tokens with multiple device scopesQuentin Gliech2023-05-301-6/+24
| |
* | Make OIDC scope constantsQuentin Gliech2023-05-301-10/+15
| |
* | Handle errors when introspecting tokensQuentin Gliech2023-05-301-5/+37
| | | | | | | | | | This returns a proper 503 when the introspection endpoint is not working for some reason, which should avoid logging out clients in those cases.
* | Disable incompatible Admin API endpointsQuentin Gliech2023-05-302-8/+21
| |
* | Make AS tokens work & allow ASes to /registerQuentin Gliech2023-05-304-83/+157
| |
* | Add an admin token for MAS -> Synapse callsQuentin Gliech2023-05-302-0/+24
| |
* | Refactor config to be an experimental featureHugh Nimmo-Smith2023-05-3015-83/+258
| | | | | | | | Also enforce you can't combine it with incompatible config options
* | Disable account related endpoints when using OAuth delegationQuentin Gliech2023-05-307-16/+66
| |
* | Actually enforce guest + return www-authenticate headerHugh Nimmo-Smith2023-05-303-5/+47
| |
* | MSC2967: Check access token scope for use as user and add guest supportHugh Nimmo-Smith2023-05-301-10/+20
| |
* | Use `name` claim as display name when registering users on the fly.Hugh Nimmo-Smith2023-05-301-1/+8
| | | | | | | | | | This makes is so that the `name` claim got when introspecting the token is used as the display name when registering a user on the fly.
* | Record the `sub` claims as an external_idQuentin Gliech2023-05-301-22/+37
| |
* | Handle the Synapse admin scopeQuentin Gliech2023-05-301-0/+3
| |
* | Save the scopes in the requesterQuentin Gliech2023-05-302-0/+9
| |
* | MSC2965: OIDC Provider discovery via well-known documentQuentin Gliech2023-05-301-0/+9
| |
* | Expose the public keys used for client authentication on an endpointQuentin Gliech2023-05-302-0/+78
| |