566641a0b5 
								
							
								 
							
						 
						
							
							
								
								use jsonschema.FormatChecker for RoomID and UserID strings  
							
							... 
							
							
							
							* use a valid filter in rest/client/v2_alpha test
Signed-off-by: pik <alexander.maznev@gmail.com> 
							
						 
						
							2017-03-23 11:42:41 -03:00  
				
					
						
							
							
								 
						
							
							
								acafcf1c5b 
								
							
								 
							
						 
						
							
							
								
								Add valid filter tests, flake8, fix typo  
							
							... 
							
							
							
							Signed-off-by: pik <alexander.maznev@gmail.com> 
							
						 
						
							2017-03-23 11:42:10 -03:00  
				
					
						
							
							
								 
						
							
							
								e56c79c114 
								
							
								 
							
						 
						
							
							
								
								check_valid_filter using JSONSchema  
							
							... 
							
							
							
							* add invalid filter tests
Signed-off-by: pik <alexander.maznev@gmail.com> 
							
						 
						
							2017-03-23 11:42:07 -03:00  
				
					
						
							
							
								 
						
							
							
								19b9366d73 
								
							
								 
							
						 
						
							
							
								
								Fix a couple of logcontext leaks  
							
							... 
							
							
							
							Use preserve_fn to correctly manage the logcontexts around things we don't want
to yield on. 
							
						 
						
							2017-03-23 00:17:46 +00:00  
				
					
						
							
							
								 
						
							
							
								a8f96c63aa 
								
							
								 
							
						 
						
							
							
								
								Comment  
							
							
							
						 
						
							2017-03-15 16:01:01 +00:00  
				
					
						
							
							
								 
						
							
							
								e892457a03 
								
							
								 
							
						 
						
							
							
								
								Comment  
							
							
							
						 
						
							2017-03-15 15:01:39 +00:00  
				
					
						
							
							
								 
						
							
							
								6c82de5100 
								
							
								 
							
						 
						
							
							
								
								Format presence events on the edges instead of reformatting them multiple times  
							
							
							
						 
						
							2017-03-15 14:27:34 +00:00  
				
					
						
							
							
								 
						
							
							
								7827251daf 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #1994  from matrix-org/dbkr/msisdn_signin_2  
							
							... 
							
							
							
							Phone number registration / login support v2 
							
						 
						
							2017-03-15 09:59:54 +00:00  
				
					
						
							
							
								 
						
							
							
								1d09586599 
								
							
								 
							
						 
						
							
							
								
								Address review comments  
							
							... 
							
							
							
							- don't blindly proxy all HTTPRequestExceptions
- log unexpected exceptions at error
- avoid `isinstance`
- improve docs on `from_http_response_exception` 
							
						 
						
							2017-03-14 14:15:37 +00:00  
				
					
						
							
							
								 
						
							
							
								7f237800e9 
								
							
								 
							
						 
						
							
							
								
								re-refactor exception heirarchy  
							
							... 
							
							
							
							Give CodeMessageException back its `msg` attribute, and use that to hold the
HTTP status message for HttpResponseException. 
							
						 
						
							2017-03-14 14:15:37 +00:00  
				
					
						
							
							
								 
						
							
							
								73a5f06652 
								
							
								 
							
						 
						
							
							
								
								Support registration / login with phone number  
							
							... 
							
							
							
							Changes from https://github.com/matrix-org/synapse/pull/1971  
							
						 
						
							2017-03-13 17:27:51 +00:00  
				
					
						
							
							
								 
						
							
							
								170ccc9de5 
								
							
								 
							
						 
						
							
							
								
								Fix routing loop when fetching remote media  
							
							... 
							
							
							
							When we proxy a media request to a remote server, add a query-param, which will
tell the remote server to 404 if it doesn't recognise the server_name.
This should fix a routing loop where the server keeps forwarding back to
itself.
Also improves the error handling on remote media fetches, so that we don't
always return a rather obscure 502. 
							
						 
						
							2017-03-13 16:30:36 +00:00  
				
					
						
							
							
								 
						
							
							
								7eae6eaa2f 
								
							
								 
							
						 
						
							
							
								
								Revert "Support registration & login with phone number"  
							
							
							
						 
						
							2017-03-13 09:59:33 +00:00  
				
					
						
							
							
								 
						
							
							
								ce3e583d94 
								
							
								 
							
						 
						
							
							
								
								WIP support for msisdn 3pid proxy methods  
							
							
							
						 
						
							2017-02-14 15:05:55 +00:00  
				
					
						
							
							
								 
						
							
							
								063a1251a9 
								
							
								 
							
						 
						
							
							
								
								Remove a few aspirational but unused constants  
							
							... 
							
							
							
							from the Kegan era 
							
						 
						
							2017-02-08 11:36:08 +00:00  
				
					
						
							
							
								 
						
							
							
								5f027d1fc5 
								
							
								 
							
						 
						
							
							
								
								Change resolve_state_groups call site logging to DEBUG  
							
							
							
						 
						
							2017-01-17 17:07:15 +00:00  
				
					
						
							
							
								 
						
							
							
								e178feca3f 
								
							
								 
							
						 
						
							
							
								
								Remove unused function  
							
							
							
						 
						
							2017-01-13 15:16:45 +00:00  
				
					
						
							
							
								 
						
							
							
								8b2fa38256 
								
							
								 
							
						 
						
							
							
								
								Split event auth code into seperate module  
							
							
							
						 
						
							2017-01-13 15:07:32 +00:00  
				
					
						
							
							
								 
						
							
							
								7e6c2937c3 
								
							
								 
							
						 
						
							
							
								
								Split out static auth methods from Auth object  
							
							
							
						 
						
							2017-01-10 18:16:54 +00:00  
				
					
						
							
							
								 
						
							
							
								c18f7fc410 
								
							
								 
							
						 
						
							
							
								
								Fix flake8 and update changelog  
							
							
							
						 
						
							2017-01-05 13:50:22 +00:00  
				
					
						
							
							
								 
						
							
							
								d79d165761 
								
							
								 
							
						 
						
							
							
								
								add logging for all the places we call resolve_state_groups. my kingdom for a backtrace that actually works.  
							
							
							
						 
						
							2017-01-05 13:40:39 +00:00  
				
					
						
							
							
								 
						
							
							
								1529c19675 
								
							
								 
							
						 
						
							
							
								
								Prevent user tokens being used as guest tokens ( #1675 )  
							
							... 
							
							
							
							Make sure that a user cannot pretend to be a guest by adding 'guest = True'
caveats. 
							
						 
						
							2016-12-06 15:31:37 +00:00  
				
					
						
							
							
								 
						
							
							
								aa09d6b8f0 
								
							
								 
							
						 
						
							
							
								
								Rip out more refresh_token code  
							
							... 
							
							
							
							We might as well treat all refresh_tokens as invalid. Just return a 403 from
/tokenrefresh, so that we don't have a load of dead, untestable code hanging
around.
Still TODO: removing the table from the schema. 
							
						 
						
							2016-11-30 17:40:18 +00:00  
				
					
						
							
							
								 
						
							
							
								321fe5c44c 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #1656  from matrix-org/rav/remove_time_caveat  
							
							... 
							
							
							
							Stop putting a time caveat on access tokens 
							
						 
						
							2016-11-30 16:53:20 +00:00  
				
					
						
							
							
								 
						
							
							
								4febfe47f0 
								
							
								 
							
						 
						
							
							
								
								Comments  
							
							... 
							
							
							
							Update comments in verify_macaroon 
							
						 
						
							2016-11-30 07:36:32 +00:00  
				
					
						
							
							
								 
						
							
							
								77eca2487c 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #1653  from matrix-org/rav/guest_e2e  
							
							... 
							
							
							
							Implement E2E for guests 
							
						 
						
							2016-11-29 17:41:35 +00:00  
				
					
						
							
							
								 
						
							
							
								1c4f05db41 
								
							
								 
							
						 
						
							
							
								
								Stop putting a time caveat on access tokens  
							
							... 
							
							
							
							The 'time' caveat on the access tokens was something of a lie, since we weren't
enforcing it; more pertinently its presence stops us ever adding useful time
caveats.
Let's move in the right direction by not lying in our caveats. 
							
						 
						
							2016-11-29 16:49:41 +00:00  
				
					
						
							
							
								 
						
							
							
								b6146537d2 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #1655  from matrix-org/rav/remove_redundant_macaroon_checks  
							
							... 
							
							
							
							Remove redundant list of known caveat prefixes 
							
						 
						
							2016-11-25 16:57:19 +00:00  
				
					
						
							
							
								 
						
							
							
								7f02e4d008 
								
							
								 
							
						 
						
							
							
								
								Give guest users a device_id  
							
							... 
							
							
							
							We need to create devices for guests so that they can use e2e, but we don't
have anywhere to store it, so just use a fixed one. 
							
						 
						
							2016-11-25 15:25:30 +00:00  
				
					
						
							
							
								 
						
							
							
								e1d7c96814 
								
							
								 
							
						 
						
							
							
								
								Remove redundant list of known caveat prefixes  
							
							... 
							
							
							
							Also add some comments. 
							
						 
						
							2016-11-24 12:38:17 +00:00  
				
					
						
							
							
								 
						
							
							
								83bcdcee61 
								
							
								 
							
						 
						
							
							
								
								Return early on /sync code paths if a '*' filter is used  
							
							... 
							
							
							
							This is currently very conservative in that it only does this if there is no
`since` token. This limits the risk to clients likely to be doing one-off
syncs (like bridges), but does mean that normal human clients won't benefit
from the time savings here. If the savings are large enough, I would consider
generalising this to just check the filter. 
							
						 
						
							2016-11-22 16:38:35 +00:00  
				
					
						
							
							
								 
						
							
							
								d4a459f7cb 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #1638  from matrix-org/kegan/sync-event-fields  
							
							... 
							
							
							
							Implement "event_fields" in filters 
							
						 
						
							2016-11-22 14:02:38 +00:00  
				
					
						
							
							
								 
						
							
							
								cea4e4e7b2 
								
							
								 
							
						 
						
							
							
								
								Glue only_event_fields into the sync rest servlet  
							
							
							
						 
						
							2016-11-22 10:14:05 +00:00  
				
					
						
							
							
								 
						
							
							
								f97511a1f3 
								
							
								 
							
						 
						
							
							
								
								Move event_fields filtering to serialize_event  
							
							... 
							
							
							
							Also make it an inclusive not exclusive filter, as the spec demands. 
							
						 
						
							2016-11-21 17:42:16 +00:00  
				
					
						
							
							
								 
						
							
							
								e90fcd9edd 
								
							
								 
							
						 
						
							
							
								
								Add filter_event_fields and filter_field to FilterCollection  
							
							
							
						 
						
							2016-11-21 15:18:18 +00:00  
				
					
						
							
							
								 
						
							
							
								a2a6c1c22f 
								
							
								 
							
						 
						
							
							
								
								Fail with a coherent error message if `/sync?filter=` is invalid  
							
							
							
						 
						
							2016-11-21 13:15:25 +00:00  
				
					
						
							
							
								 
						
							
							
								177f104432 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #1098  from matrix-org/markjh/bearer_token  
							
							... 
							
							
							
							Allow clients to supply access_tokens as headers 
							
						 
						
							2016-10-25 17:33:15 +01:00  
				
					
						
							
							
								 
						
							
							
								e01a1bc92d 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #1175  from matrix-org/luke/feature-configurable-as-rate-limiting  
							
							... 
							
							
							
							Allow Configurable Rate Limiting Per AS 
							
						 
						
							2016-10-20 16:21:10 +01:00  
				
					
						
							
							
								 
						
							
							
								07caa749bf 
								
							
								 
							
						 
						
							
							
								
								Closing brace on following line  
							
							
							
						 
						
							2016-10-20 12:07:16 +01:00  
				
					
						
							
							
								 
						
							
							
								f09db236b1 
								
							
								 
							
						 
						
							
							
								
								as_user->app_service, less redundant comments, better positioned comments  
							
							
							
						 
						
							2016-10-20 12:04:54 +01:00  
				
					
						
							
							
								 
						
							
							
								8bfd01f619 
								
							
								 
							
						 
						
							
							
								
								flake8  
							
							
							
						 
						
							2016-10-20 11:52:46 +01:00  
				
					
						
							
							
								 
						
							
							
								1b17d1a106 
								
							
								 
							
						 
						
							
							
								
								Use real AS object by passing it through the requester  
							
							... 
							
							
							
							This means synapse does not have to check if the AS is interested, but instead it effectively re-uses what it already knew about the requesting user 
							
						 
						
							2016-10-20 11:43:05 +01:00  
				
					
						
							
							
								 
						
							
							
								550308c7a1 
								
							
								 
							
						 
						
							
							
								
								Check whether to ratelimit sooner to avoid work  
							
							
							
						 
						
							2016-10-19 10:45:24 +01:00  
				
					
						
							
							
								 
						
							
							
								a2f2516199 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #1157  from Rugvip/nolimit  
							
							... 
							
							
							
							Remove rate limiting from app service senders and fix get_or_create_user requester 
							
						 
						
							2016-10-11 11:20:54 +01:00  
				
					
						
							
							
								 
						
							
							
								9bfc617791 
								
							
								 
							
						 
						
							
							
								
								storage/appservice: make appservice methods only relying on the cache synchronous  
							
							
							
						 
						
							2016-10-06 15:24:59 +02:00  
				
					
						
							
							
								 
						
							
							
								24a70e19c7 
								
							
								 
							
						 
						
							
							
								
								api/auth: fix for not being allowed to set your own state_key  
							
							... 
							
							
							
							Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com> 
							
						 
						
							2016-09-30 13:08:25 +02:00  
				
					
						
							
							
								 
						
							
							
								f96020550f 
								
							
								 
							
						 
						
							
							
								
								Update comments  
							
							
							
						 
						
							2016-09-22 12:54:22 +01:00  
				
					
						
							
							
								 
						
							
							
								2e9ee30969 
								
							
								 
							
						 
						
							
							
								
								Add comments  
							
							
							
						 
						
							2016-09-22 11:59:46 +01:00  
				
					
						
							
							
								 
						
							
							
								a61e4522b5 
								
							
								 
							
						 
						
							
							
								
								Shuffle things around to make unit tests work  
							
							
							
						 
						
							2016-09-22 11:08:12 +01:00  
				
					
						
							
							
								 
						
							
							
								1168cbd54d 
								
							
								 
							
						 
						
							
							
								
								Allow invites via 3pid to bypass sender sig check  
							
							... 
							
							
							
							When a server sends a third party invite another server may be the one
that the inviting user registers with. In this case it is that remote
server that will issue an actual invitation, and wants to do it "in the
name of" the original invitee. However, the new proper invite will not
be signed by the original server, and thus other servers would reject
the invite if it was seen as coming from the original user.
To fix this, a special case has been added to the auth rules whereby
another server can send an invite "in the name of" another server's
user, so long as that user had previously issued a third party invite
that is now being accepted. 
							
						 
						
							2016-09-22 10:56:53 +01:00