Commit Graph

138 Commits (0d7f0febf45575666d182cb2ad0cf451b11fbf07)

Author SHA1 Message Date
Erik Johnston b7cb37b189 Merge pull request #198 from matrix-org/markjh/client-end-to-end-key-management
Client end to end key management API
2015-07-10 13:36:17 +01:00
Mark Haines a01097d60b Assume that each device for a user has only one of each type of key 2015-07-10 13:26:18 +01:00
Erik Johnston f3049d0b81 Small tweaks to SAML2 configuration.
- Add saml2 config docs to default config.
- Use existence of saml2 config to indicate if saml2 should be enabled.
2015-07-10 10:50:14 +01:00
Mark Haines bf0d59ed30 Don't bother with a timeout for one time keys on the server. 2015-07-09 14:04:03 +01:00
Muthu Subramanian 8cd34dfe95 Make SAML2 optional and add some references/comments 2015-07-09 13:34:47 +05:30
Muthu Subramanian d2caa5351a code beautify 2015-07-09 12:58:15 +05:30
Muthu Subramanian 77c5db5977 code beautify 2015-07-08 16:05:20 +05:30
Muthu Subramanian 81682d0f82 Integrate SAML2 basic authentication - uses pysaml2 2015-07-08 15:36:54 +05:30
Mark Haines 2ef182ee93 Add client API for uploading and querying keys for end to end encryption 2015-07-06 18:47:57 +01:00
Erik Johnston fb7def3344 Remove access_token from synapse.rest.client.v1.transactions {get,store}_response logging 2015-06-16 10:09:43 +01:00
Erik Johnston a7b65bdedf Add config option to turn off freezing events. Use new encode_json api and ujson.loads 2015-05-29 12:17:33 +01:00
Erik Johnston 9ba3c1ede4 Merge pull request #165 from matrix-org/bugs/SYN-390
SYN-390: Don't modify the dictionary returned from the data store
2015-05-26 10:20:36 +01:00
Mark Haines a0bebeda8b SYN-390: Don't modify the dictionary returned from the data store 2015-05-26 10:14:15 +01:00
David Baker c37a6e151f Make shared secret registration work again 2015-05-14 12:03:13 +01:00
David Baker eb9bd2d949 user_id now in user_threepids 2015-05-01 15:04:37 +01:00
David Baker 03c4f0ed67 pep8 2015-04-27 12:36:59 +01:00
David Baker f1acb9fd40 logging args 2015-04-27 11:56:34 +01:00
David Baker 7ac8a60c6f More underscores 2015-04-24 11:44:27 +01:00
David Baker a218619626 Use underscores instead of camelcase for id server stuff 2015-04-24 11:27:38 +01:00
David Baker 6532b6e607 Merge branch 'develop' into csauth
Conflicts:
	synapse/http/server.py
2015-04-24 09:37:54 +01:00
David Baker 03eb4adc6e Dedicated error code for failed 3pid auth verification 2015-04-23 18:20:17 +01:00
Mark Haines 1967650bc4 Combine the request wrappers in rest/media/v1 and http/server into a single wrapper decorator 2015-04-21 16:35:53 +01:00
David Baker 8db6832db8 Password reset, finally. 2015-04-17 19:53:47 +01:00
David Baker 117f35ac4a Add endpoint to get threepids from server 2015-04-17 17:20:18 +01:00
David Baker f96ab9d18d make add3pid servlet work 2015-04-17 16:44:49 +01:00
David Baker 0b1a8500a2 just the once would probably be fine 2015-04-17 13:53:54 +01:00
David Baker bf5e54f255 Register the 3pid servlet 2015-04-17 13:44:55 +01:00
David Baker 94e1e58b4d password -> account servlet and add start of an 'add 3pid' endpoint 2015-04-17 13:44:12 +01:00
David Baker ea1776f556 Return user ID in use error straight away 2015-04-16 19:56:44 +01:00
David Baker 766bd8e880 Dummy login so we can do the first POST request to get login flows without it just succeeding 2015-04-15 17:14:25 +01:00
David Baker a19b739909 Regstration with email in v2 2015-04-15 15:50:38 +01:00
David Baker 4eb6d66b45 Add app service auth back in to v2 register 2015-04-02 17:51:19 +01:00
David Baker 6b59650753 Throw sensible errors on not-json when allowing empty body 2015-04-02 17:45:16 +01:00
David Baker 41cd778d66 pep8 2015-04-02 17:06:17 +01:00
David Baker 70a84f17f3 Add shared secret auth into register v2 and switch the script over. 2015-04-02 17:01:29 +01:00
David Baker e9c908ebc0 Completely replace fallback auth for C/S V2:
* Now only the auth part goes to fallback, not the whole operation
 * Auth fallback is a normal API endpoint, not a static page
 * Params like the recaptcha pubkey can just live in the config
Involves a little engineering on JsonResource so its servlets aren't always forced to return JSON. I should document this more, in fact I'll do that now.
2015-04-01 15:05:30 +01:00
David Baker 9f642a93ec pep8 2015-03-31 09:50:44 +01:00
David Baker 59bf16eddc New registration for C/S API v2. Only ReCAPTCHA working currently. 2015-03-30 18:13:10 +01:00
David Baker c1a256cc4c Allow multiple pushers for a single app ID & pushkey, honouring the 'append' flag in the API. 2015-03-25 19:06:22 +00:00
David Baker c7023f2155 1) Pushers are now associated with an access token
2) Change places where we mean unauthenticated to 401, not 403, in C/S v2: hack so it stays as 403 in v1 because web client relies on it.
2015-03-24 17:24:15 +00:00
David Baker d19e79ecc9 Make deleting other access tokens when you change your password actually work 2015-03-24 15:33:48 +00:00
David Baker 78adccfaf4 pep8 / pyflakes 2015-03-23 14:23:51 +00:00
David Baker d98660a60d Implement password changing (finally) along with a start on making client/server auth more general. 2015-03-23 14:20:28 +00:00
Erik Johnston f88db7ac0b Factor out user id validation checks 2015-03-18 11:34:18 +00:00
Erik Johnston 57976f646f Do more validation of incoming request 2015-03-18 11:30:04 +00:00
Erik Johnston 250e143084 Use 403 instead of 400 2015-03-16 13:11:42 +00:00
Erik Johnston 69135f59aa Implement registering with shared secret. 2015-03-13 15:23:37 +00:00
David Baker 04f8478aaa Add the master push rule for the break-my-push button. Allow server default rules to be disabled by default. 2015-03-10 17:26:25 +00:00
David Baker 6fab7bd2c1 s/user_name/user/ as per mjark's comment 2015-03-02 18:17:19 +00:00
David Baker 09f9e8493c Oops, missed a replacement. 2015-03-02 17:37:22 +00:00