kaslo/synapse
1
0
Fork 0
Code Wiki Activity
20,119 Commits 1,047 Branches 805 Tags
d8df16e331b1964287dcaa31b4dea5abb19a42f9
Commit Graph

277 Commits

Author SHA1 Message Date
Andrew Morgan
d06a48b4be Merge commit '2ab6e67ab' into anoa/dinsic_release_1_31_0 2021-04-22 19:02:12 +01:00
Andrew Morgan
aa8555e337 Merge commit '261093072' into anoa/dinsic_release_1_31_0 2021-04-22 19:02:04 +01:00
Andrew Morgan
0145f103f5 Merge commit '351845452' into anoa/dinsic_release_1_31_0 2021-04-22 18:39:22 +01:00
Andrew Morgan
9273535ade Merge commit '18ab35284' into anoa/dinsic_release_1_31_0 2021-04-22 18:37:01 +01:00
Andrew Morgan
27fd9474ae Merge commit 'e19396d62' into anoa/dinsic_release_1_31_0 2021-04-22 18:32:44 +01:00
Andrew Morgan
cfa0cff6aa Merge commit '1baab2035' into anoa/dinsic_release_1_31_0 2021-04-22 18:30:10 +01:00
Andrew Morgan
357f84c952 Merge commit '42a8e8137' into anoa/dinsic_release_1_31_0 2021-04-22 18:27:20 +01:00
Andrew Morgan
15f31e1ca9 Merge commit '0cd2938bc' into anoa/dinsic_release_1_31_0 2021-04-22 18:26:10 +01:00
Andrew Morgan
50e257bea1 Merge commit 'fa50e4bf4' into anoa/dinsic_release_1_31_0 2021-04-22 18:24:35 +01:00
Andrew Morgan
6714a091ea Merge commit '9de6b9411' into anoa/dinsic_release_1_31_0 2021-04-22 17:28:31 +01:00
Andrew Morgan
72b2cb5460 Merge commit '420031906' into anoa/dinsic_release_1_31_0 2021-04-22 16:22:27 +01:00
Andrew Morgan
c7cd7b4545 Merge commit '0312266ee' into anoa/dinsic_release_1_31_0 2021-04-21 16:16:10 +01:00
Andrew Morgan
744f456324 Merge commit '9999eb2d0' into anoa/dinsic_release_1_31_0 2021-04-21 15:35:15 +01:00
Andrew Morgan
82b462401f Merge commit '4218473f9' into anoa/dinsic_release_1_31_0 2021-04-21 15:34:28 +01:00
Andrew Morgan
52620bdb83 Merge commit '28877fade' into anoa/dinsic_release_1_31_0 2021-04-21 15:09:52 +01:00
Andrew Morgan
83c1c8a56b Merge commit 'ff5c4da12' into anoa/dinsic_release_1_31_0 2021-04-20 16:41:22 +01:00
Andrew Morgan
eb19dc5578 Merge commit 'c64002e1c' into anoa/dinsic_release_1_31_0 2021-04-16 14:26:36 +01:00
Andrew Morgan
93db8f1992 Merge commit 'cf7d3c90d' into dinsic 2021-04-16 12:33:45 +01:00
Andrew Morgan
232b324c38 Port "Add support for no_proxy and case insensitive env variables" from mainline to dinsic (#93) 
This PR is simply porting https://github.com/matrix-org/synapse/pull/9372 to dinsic.

I also had to bring in https://github.com/matrix-org/synapse/pull/8821 and https://github.com/matrix-org/synapse/pull/9084 for this code to work properly - a sign that we should merge mainline into dinsic again soon.
 2021-03-22 17:48:42 +00:00
Andrew Morgan
8f97c6c2da Add a config option to prioritise local users in user directory search results (#84) 
* Add a config option to prioritise local users in user directory search results (#9383)

This PR adds a homeserver config option, `user_directory.prefer_local_users`, that when enabled will show local users higher in user directory search results than remote users. This option is off by default.

Note that turning this on doesn't necessarily mean that remote users will always be put below local users, but they should be assuming all other ranking factors (search query match, profile information present etc) are identical.

This is useful for, say, University networks that are openly federating, but want to prioritise local students and staff in the user directory over other random users.

* Don't mix simple and english psql query types
 2021-02-19 12:11:02 +00:00
Andrew Morgan
6bf58d8194 Add knocking support (#81) 
Implement knocking as defined by https://github.com/matrix-org/matrix-doc/pull/2403

This is the base knocking stuff, taken from https://github.com/matrix-org/synapse/pull/6739
and does not include any public room directory changes.

While knocking hasn't merged yet on mainline due to waiting on getting Complement
into Synapse's CI, the code has been well-tested.
 2021-02-09 19:07:00 +00:00
Patrick Cloke
2ab6e67ab7 Fix escaping of braces in OIDC sample config. (#9317) 
This fixes the Jinja2 templates for the mapping provider.
 2021-02-04 09:06:20 -05:00
Richard van der Hoff
3f534d3fdf Merge branch 'social_login_hotfixes' into develop 2021-02-03 20:34:27 +00:00
Patrick Cloke
afa18f1baa Clarify documentation about escaping URLs in templates. (#9310) 2021-02-03 14:51:38 -05:00
dykstranet
e4cdecb310 config: Add detail to auto_join_rooms comment (#9291) 
config: Add detail to auto_join_rooms comment

Signed-off-by: Gary Dykstra <gary@dykstranet.com>
 2021-02-03 15:21:30 +00:00
Patrick Cloke
4ca054a4ea Convert blacklisted IPv4 addresses to compatible IPv6 addresses. (#9240) 
Also add a few more IP ranges to the default blacklist.
 2021-02-03 07:13:46 -05:00
Richard van der Hoff
8f75bf1df7 Put SAML callback URI under /_synapse/client. (#9289) 2021-02-02 09:43:50 +00:00
Richard van der Hoff
5963426b95 Merge branch 'social_login' into develop 2021-02-01 18:46:12 +00:00
Richard van der Hoff
c543bf87ec Collect terms consent from the user during SSO registration (#9276) 2021-02-01 18:37:41 +00:00
Richard van der Hoff
e5d70c8a82 Improve styling and wording of SSO UIA templates (#9286) 
fixes #9171
 2021-02-01 18:36:04 +00:00
Richard van der Hoff
18ab35284a Merge branch 'social_login' into develop 2021-02-01 17:28:37 +00:00
Richard van der Hoff
4167494c90 Replace username picker with a template (#9275) 
There's some prelimiary work here to pull out the construction of a jinja environment to a separate function.

I wanted to load the template at display time rather than load time, so that it's easy to update on the fly. Honestly, I think we should do this with all our templates: the risk of ending up with malformed templates is far outweighed by the improved turnaround time for an admin trying to update them.
 2021-02-01 15:52:50 +00:00
Richard van der Hoff
8aed29dc61 Improve styling and wording of SSO redirect confirm template (#9272) 2021-02-01 15:50:56 +00:00
Erik Johnston
f2c1560eca Ratelimit invites by room and target user (#9258) 2021-01-29 16:38:29 +00:00
Richard van der Hoff
0d81a6fa3e Merge branch 'social_login' into develop 2021-01-28 22:08:11 +00:00
Erik Johnston
4b73488e81 Ratelimit 3PID /requestToken API (#9238) 2021-01-28 17:39:21 +00:00
Richard van der Hoff
a083aea396 Add 'brand' field to MSC2858 response (#9242) 
We've decided to add a 'brand' field to help clients decide how to style the
buttons.

Also, fix up the allowed characters for idp_id, while I'm in the area.
 2021-01-27 21:31:45 +00:00
Richard van der Hoff
869667760f Support for scraping email addresses from OIDC providers (#9245) 2021-01-27 21:28:59 +00:00
Patrick Cloke
26837d5dbe Do not require the CAS service URL setting (use public_baseurl instead). (#9199) 
The current configuration is handled for backwards compatibility,
but is considered deprecated.
 2021-01-26 10:49:25 -05:00
Richard van der Hoff
7447f19702 Prefix idp_id with "oidc-" (#9189) 
... to avoid clashes with other SSO mechanisms
 2021-01-21 12:25:02 +00:00
Richard van der Hoff
0cd2938bc8 Support icons for Identity Providers (#9154) 2021-01-20 08:15:14 -05:00
Richard van der Hoff
fa50e4bf4d Give public_baseurl a default value (#9159) 2021-01-20 12:30:41 +00:00
Richard van der Hoff
9de6b94117 Land support for multiple OIDC providers (#9110) 
This is the final step for supporting multiple OIDC providers concurrently.

First of all, we reorganise the config so that you can specify a list of OIDC providers, instead of a single one. Before:

    oidc_config:
       enabled: true
       issuer: "https://oidc_provider"
       # etc

After:

    oidc_providers:
     - idp_id: prov1
       issuer: "https://oidc_provider"

     - idp_id: prov2
       issuer: "https://another_oidc_provider"

The old format is still grandfathered in.

With that done, it's then simply a matter of having OidcHandler instantiate a new OidcProvider for each configured provider.
 2021-01-15 16:55:29 +00:00
Richard van der Hoff
5310808d3b Give the user a better error when they present bad SSO creds 
If a user tries to do UI Auth via SSO, but uses the wrong account on the SSO
IdP, try to give them a better error.

Previously, the UIA would claim to be successful, but then the operation in
question would simply fail with "auth fail". Instead, serve up an error page
which explains the failure.
 2021-01-13 20:22:41 +00:00
Richard van der Hoff
111b673fc1 Add initial support for a "pick your IdP" page (#9017) 
During login, if there are multiple IdPs enabled, offer the user a choice of
IdPs.
 2021-01-05 11:25:28 +00:00
Andrew Morgan
a839d0f32d Merge commit '09ac0569f' into anoa/dinsic_release_1_23_1 2020-12-31 17:19:14 +00:00
Andrew Morgan
0c897c7410 Merge commit '7c4344747' into anoa/dinsic_release_1_23_1 2020-12-31 17:08:54 +00:00
Andrew Morgan
fce9ace555 Merge commit '8ca120df7' into anoa/dinsic_release_1_23_1 2020-12-31 16:50:13 +00:00
Andrew Morgan
3cf5e8b3f9 Merge commit '03e392f78' into anoa/dinsic_release_1_23_1 2020-12-31 16:50:11 +00:00
Andrew Morgan
917d0f9250 Merge commit 'f12589547' into anoa/dinsic_release_1_23_1 2020-12-31 14:55:18 +00:00