cd41c6ece2
Merge pull request #995 from matrix-org/rav/clean_up_cas_login
...
Clean up CAS login code
2016-08-09 10:21:56 +01:00
65666fedd5
Clean up CAS login code
...
Remove some apparently unused code.
Clean up parse_cas_response, mostly to catch the exception if the CAS response
isn't valid XML.
2016-08-08 17:17:25 +01:00
0682ca04b3
Fix CAS login
...
Attempting to log in with CAS was giving a 500 error.
2016-08-08 17:01:30 +01:00
436bffd15f
Implement deleting devices
2016-07-26 07:35:48 +01:00
c68518dfbb
Merge pull request #933 from matrix-org/rav/type_annotations
...
Type annotations
2016-07-20 12:26:32 +01:00
e967bc86e7
Merge pull request #932 from matrix-org/rav/register_refactor
...
Further registration refactoring
2016-07-20 11:03:33 +01:00
1e2a7f18a1
Merge pull request #922 from matrix-org/erikj/file_api2
...
Feature: Add filter to /messages. Add 'contains_url' to filter.
2016-07-20 10:40:48 +01:00
3413f1e284
Type annotations
...
Add some type annotations to help PyCharm (in particular) to figure out the
types of a bunch of things.
2016-07-19 18:56:16 +01:00
40cbffb2d2
Further registration refactoring
...
* `RegistrationHandler.appservice_register` no longer issues an access token:
instead it is left for the caller to do it. (There are two of these, one in
`synapse/rest/client/v1/register.py`, which now simply calls
`AuthHandler.issue_access_token`, and the other in
`synapse/rest/client/v2_alpha/register.py`, which is covered below).
* In `synapse/rest/client/v2_alpha/register.py`, move the generation of
access_tokens into `_create_registration_details`. This means that the normal
flow no longer needs to call `AuthHandler.issue_access_token`; the
shared-secret flow can tell `RegistrationHandler.register` not to generate a
token; and the appservice flow continues to work despite the above change.
2016-07-19 18:46:19 +01:00
f863a52cea
Add device_id support to /login
...
Add a 'devices' table to the storage, as well as a 'device_id' column to
refresh_tokens.
Allow the client to pass a device_id, and initial_device_display_name, to
/login. If login is successful, then register the device in the devices table
if it wasn't known already. If no device_id was supplied, make one up.
Associate the device_id with the access token and refresh token, so that we can
get at it again later. Ensure that the device_id is copied from the refresh
token to the access_token when the token is refreshed.
2016-07-18 16:39:44 +01:00
dcfd71aa4c
Refactor login flow
...
Make sure that we have the canonical user_id *before* calling
get_login_tuple_for_user_id.
Replace login_with_password with a method which just validates the password,
and have the caller call get_login_tuple_for_user_id. This brings the password
flow into line with the other flows, and will give us a place to register the
device_id if necessary.
2016-07-18 15:23:54 +01:00
a98d215204
Add filter param to /messages API
2016-07-14 16:30:56 +01:00
0136a522b1
Bug fix: expire invalid access tokens
2016-07-13 15:00:37 +02:00
67f2c901ea
Add rest servlet. Fix SQL.
2016-07-06 15:56:59 +01:00
a17e7caeb7
Merge branch 'erikj/shared_secret' into erikj/test2
2016-07-06 14:46:31 +01:00
76b18df3d9
Check that there are no null bytes in user and passsword
2016-07-06 11:17:53 +01:00
0da24cac8b
Add null separator to hmac
2016-07-06 11:05:16 +01:00
651faee698
Add an admin option to shared secret registration
2016-07-05 17:30:22 +01:00
caf33b2d9b
Protect password when registering using shared secret
2016-07-05 17:18:19 +01:00
2d21d43c34
Add purge_history API
2016-07-05 10:28:51 +01:00
bb069079bb
Fix style violations
...
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-04 22:07:11 +09:00
2e5a31f197
Use .get() instead of [] to access password_hash
2016-07-04 22:00:13 +09:00
fc8007dbec
Optionally include password hash in createUser endpoint
...
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-03 15:08:15 +09:00
f328d95cef
Feature: Add deactivate account admin API
...
Allows server admins to "deactivate" accounts, which:
- Revokes all access tokens
- Removes all threepids
- Removes password
The API is a POST to `/admin/deactivate/<user_id>`
2016-06-30 15:40:58 +01:00
a70688445d
Implement purge_media_cache admin API
2016-06-29 14:57:59 +01:00
95f305c35a
Remove redundant exception log in /events
2016-06-09 11:15:04 +01:00
690029d1a3
Don't make rooms visibile by default
2016-06-08 14:47:42 +01:00
efeabd3180
Log user that is making /publicRooms calls
2016-06-08 14:23:15 +01:00
6a0afa582a
Load push rules in storage layer, so that they get cached
2016-06-03 11:10:00 +01:00
1f31cc37f8
Working unsubscribe links going straight to the HS
...
and authed by macaroons that let you delete pushers and nothing else
2016-06-02 17:21:31 +01:00
3a3fb2f6f9
Merge branch 'dbkr/split_out_auth_handler' into dbkr/email_unsubscribe
2016-06-02 13:35:25 +01:00
4a10510cd5
Split out the auth handler
2016-06-02 13:31:45 +01:00
991af8b0d6
WIP on unsubscribing email notifs without logging in
2016-06-01 17:40:52 +01:00
d240796ded
Basic, un-cached support for secondary_directory_servers
2016-05-31 17:20:07 +01:00
887c6e6f05
Split out the room list handler
...
So I can use it from federation bits without pulling in all the handlers.
2016-05-31 11:05:16 +01:00
332d7e9b97
Allow clients to specify a server_name to avoid 'No known servers'
...
Multiple server_names are supported via ?server_name=foo&server_name=bar
2016-05-19 13:50:52 +01:00
0cb441fedd
Move typing handler out of the Handlers object
2016-05-17 15:58:46 +01:00
3b86ecfa79
Move the presence handler out of the Handlers object
2016-05-16 18:56:37 +01:00
40aa6e8349
Create user with expiry
...
- Add unittests for client, api and handler
Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com>
2016-05-13 15:34:15 +02:00
52ecbc2843
Make pyjwt dependency optional
2016-04-25 14:30:15 +01:00
b9675ef6e6
Merge pull request #687 from nikriek/jwt-fix
...
Fix issues with JWT login
2016-04-21 17:42:25 +01:00
565c2edb0a
Fix issues with JWT login
2016-04-21 18:10:48 +02:00
a04c076b7f
Make the /set part mandatory
2016-04-12 13:54:41 +01:00
7b39bcdaae
Mis-named function
2016-04-12 13:35:08 +01:00
d937f342bb
Split into separate servlet classes
2016-04-12 13:33:30 +01:00
8a76094965
Add get endpoint for pushers
...
As per https://github.com/matrix-org/matrix-doc/pull/308
2016-04-11 18:00:03 +01:00
08a8514b7a
Remove spurious comment
2016-03-30 15:05:33 +01:00
fddb6fddc1
Require user to have left room to forget room
...
This dramatically simplifies the forget API code - in particular it no
longer generates a leave event.
2016-03-30 11:03:00 +01:00
3f9948a069
Add JWT support
2016-03-29 14:36:36 +02:00
3e7fac0d56
Add published room list edit API
2016-03-21 15:06:07 +00:00
2cd9260500
Update aliases event after deletion
...
Attempt to update the appropriate `m.room.aliases` event after deleting
an alias. This may fail due to the deleter not being in the room.
Will also check if the canonical alias of the event is set to the
deleted alias, and if so will attempt to delete it.
2016-03-17 11:42:00 +00:00
12904932c4
Hook up adding a pusher to the notifier for replication.
2016-03-15 17:42:03 +00:00
398cd1edfb
Fix regression where synapse checked whether push rules were valid JSON before the compatibility hack that handled clients sending invalid JSON
2016-03-14 14:16:41 +00:00
494d0c8e02
Merge pull request #642 from matrix-org/erikj/logout
...
Implement logout
2016-03-11 20:16:25 +00:00
e9c1cabac2
Use parse_json_object_from_request to parse JSON out of request bodies
2016-03-11 16:41:03 +00:00
b13035cc91
Implement logout
2016-03-11 16:27:50 +00:00
b7dbe5147a
Add a parse_json_object function
...
to deduplicate all the copy+pasted _parse_json functions. Also document
the parse_.* functions.
2016-03-09 11:26:26 +00:00
7076082ae6
Fix relative imports so they work in both py3 and py27
2016-03-08 11:45:50 +00:00
239badea9b
Use syntax that works on both py2.7 and py3
2016-03-07 20:13:10 +00:00
ec7460b4f2
Merge branch 'develop' into markjh/pushrule_stream
2016-03-04 14:44:34 +00:00
1b4f4a936f
Hook up the push rules stream to account_data in /sync
2016-03-04 14:44:01 +00:00
dd463e246d
Merge pull request #614 from matrix-org/erikj/alias_delete
...
Allow alias creators to delete aliases
2016-03-04 09:02:33 +00:00
b4022cc487
Pass whole requester to ratelimiting
...
This will enable more detailed decisions
2016-03-03 16:43:42 +00:00
3406eba4ef
Move the code for formatting push rules into a separate function
2016-03-03 16:11:59 +00:00
ddf9e7b302
Hook up the push rules to the notifier
2016-03-03 14:57:45 +00:00
f9af8962f8
Allow alias creators to delete aliases
2016-03-01 14:46:31 +00:00
de27f7fc79
Add support for changing the actions for default rules
...
See matrix-org/matrix-doc#283
Works by adding dummy rules to the push rules table with a negative priority class and then using those rules to clobber the default rule actions when adding the default rules in ``list_with_base_rules``
2016-02-26 14:28:19 +00:00
87acd8fb07
Fix to appease the PEP8 dragon
2016-02-26 12:05:38 +01:00
a53774721a
Add error codes for malformed/bad JSON in /login
...
Signed-off-by: Gergely Polonkai <gergely@polonkaieu>
2016-02-26 10:22:35 +01:00
15c2ac2cac
Make sure we return a JSON object when returning the values of specif…
...
…ic keys from a push rule
2016-02-25 15:13:07 +00:00
9892d017b2
Remove unused get_rule_attr method
2016-02-24 16:31:07 +00:00
869580206d
Ignore invalid POST bodies when joining rooms
2016-02-24 08:50:28 +00:00
577951b032
Allow third_party_signed to be specified on /join
2016-02-23 15:11:25 +00:00
e5ad2e5267
Merge pull request #582 from matrix-org/erikj/presence
...
Rewrite presence for performance.
2016-02-19 09:37:50 +00:00
e12ec335a5
"You are not..."
2016-02-18 17:01:53 +00:00
b9977ea667
Remove dead code for setting device specific rules.
...
It wasn't possible to hit the code from the API because of a typo
in parsing the request path. Since no-one was using the feature
we might as well remove the dead code.
2016-02-18 16:05:13 +00:00
7e90fb6a57
Merge branch 'develop' into daniel/roomcleanupincremental
...
Conflicts:
synapse/rest/client/v1/room.py
2016-02-17 15:53:59 +00:00
591af2d074
Some cleanup
...
I'm not particularly happy with the "action" switching, but there's no
convenient way to defer the work that needs to happen after it, so... :(
2016-02-17 15:50:13 +00:00
e5999bfb1a
Initial cut
2016-02-17 15:40:50 +00:00
71d5d2c669
client/v1/room: include event_id in response to state event PUT, in accordance with the spec
...
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
2016-02-17 11:53:43 +01:00
458782bf67
Fix typo in request validation for adding push rules.
2016-02-16 18:00:30 +00:00
4bfb32f685
Branch off member and non member sends
...
Unclean, needs tidy-up, but works
2016-02-15 18:21:30 +00:00
1a2197d7bf
Simplify room creation code
2016-02-15 18:19:01 +00:00
e560045cfd
Simplify room creation code
2016-02-15 18:18:39 +00:00
150fcde0dc
Reuse update_membership from /join
2016-02-15 16:16:03 +00:00
e71095801f
Merge implementation of /join by alias or ID
...
This code is kind of rough (passing the remote servers down a long
chain), but is a step towards improvement.
2016-02-15 15:39:16 +00:00
dbeed36dec
Merge some room joining codepaths
...
Force joining by alias to go through the send_membership_event checks,
rather than bypassing them straight into _do_join. This is the first of
many stages of cleanup.
2016-02-15 14:38:27 +00:00
4de08a4672
Revert "Merge two of the room join codepaths"
...
This reverts commit cf81375b94
2016-02-12 16:17:24 +00:00
cf81375b94
Merge two of the room join codepaths
...
There's at least one more to merge in.
Side-effects:
* Stop reporting None as displayname and avatar_url in some cases
* Joining a room by alias populates guest-ness in join event
* Remove unspec'd PUT version of /join/<room_id_or_alias> which has not
been called on matrix.org according to logs
* Stop recording access_token_id on /join/room_id - currently we don't
record it on /join/room_alias; I can try to thread it through at some
point.
2016-02-12 15:11:49 +00:00
58c9f20692
Catch the exceptions thrown by twisted when you write to a closed connection
2016-02-12 13:46:59 +00:00
ebaa999f92
Revert "Reject additional path segments"
...
This reverts commit 1d19a5ec0f
2016-02-09 12:46:52 +00:00
1d19a5ec0f
Reject additional path segments
2016-02-08 10:50:55 +00:00
34dda7cc7f
Merge pull request #557 from matrix-org/dbkr/profile_dont_return_null
...
Omit keys rather then returning null in profile API
2016-02-04 15:39:12 +00:00
709e09e1c3
Remove old log line
2016-02-03 16:32:20 +00:00
156cea5b45
No braces here
2016-02-03 15:04:51 +00:00
24277fbb97
Don't return null if profile display name / avatar url isn't set: omit them instead
2016-02-03 14:59:19 +00:00
5054806ec1
Rename config field to reflect yaml name
2016-02-03 14:42:01 +00:00
d83d004ccd
Fix flake8 warnings for new flake8
2016-02-02 17:18:50 +00:00
8c94833b72
Fix adding push rules relative to other rules
2016-01-27 10:24:20 +00:00
e18257f0e5
Add missing yield in push_rules set enabled
2016-01-25 16:51:56 +00:00
David Baker