Patrick Cloke
111e70d75c
Return the proper 403 Forbidden error during errors with JWT logins. ( #7844 )
2020-07-15 07:10:21 -04:00
Patrick Cloke
77d2c05410
Add the option to validate the `iss` and `aud` claims for JWT logins. ( #7827 )
2020-07-14 07:16:43 -04:00
Patrick Cloke
66a4af8d96
Do not use canonicaljson to magically handle decoding bytes from JSON. ( #7802 )
2020-07-10 14:30:08 -04:00
Patrick Cloke
38e1fac886
Fix some spelling mistakes / typos. ( #7811 )
2020-07-09 09:52:58 -04:00
Sorunome
6920e58136
add org.matrix.login.jwt so that m.login.jwt can be deprecated ( #7675 )
2020-06-24 10:23:55 +01:00
Dagfinn Ilmari Mannsåker
a3f11567d9
Replace all remaining six usage with native Python 3 equivalents ( #7704 )
2020-06-16 08:51:47 -04:00
Andrew Morgan
f4e6495b5d
Performance improvements and refactor of Ratelimiter ( #7595 )
...
While working on https://github.com/matrix-org/synapse/issues/5665 I found myself digging into the `Ratelimiter` class and seeing that it was both:
* Rather undocumented, and
* causing a *lot* of config checks
This PR attempts to refactor and comment the `Ratelimiter` class, as well as encourage config file accesses to only be done at instantiation.
Best to be reviewed commit-by-commit.
2020-06-05 10:47:20 +01:00
Olof Johansson
fe434cd3c9
Fix a bug in automatic user creation with m.login.jwt. ( #7585 )
2020-06-01 12:55:07 -04:00
Andrew Morgan
225c165087
Allow expired accounts to logout ( #7443 )
2020-05-14 16:32:49 +01:00
Richard van der Hoff
c2e1a2110f
Fix limit logic for EventsStream ( #7358 )
...
* Factor out functions for injecting events into database
I want to add some more flexibility to the tools for injecting events into the
database, and I don't want to clutter up HomeserverTestCase with them, so let's
factor them out to a new file.
* Rework TestReplicationDataHandler
This wasn't very easy to work with: the mock wrapping was largely superfluous,
and it's useful to be able to inspect the received rows, and clear out the
received list.
* Fix AssertionErrors being thrown by EventsStream
Part of the problem was that there was an off-by-one error in the assertion,
but also the limit logic was too simple. Fix it all up and add some tests.
2020-04-29 12:30:36 +01:00
Zay11Zay
f1097e7720
Fix the parameters of a test fixture ( #7243 )
2020-04-14 15:37:28 -04:00
Andrew Morgan
ac978ab3da
Default PL100 to enable encryption in a room ( #7230 )
2020-04-09 18:45:38 +01:00
Patrick Cloke
b85d7652ff
Do not allow a deactivated user to login via SSO. ( #7240 )
2020-04-09 13:28:13 -04:00
Richard van der Hoff
b7da598a61
Always whitelist the login fallback for SSO ( #7153 )
...
That fallback sets the redirect URL to itself (so it can process the login
token then return gracefully to the client). This would make it pointless to
ask the user for confirmation, since the URL the confirmation page would be
showing wouldn't be the client's.
2020-03-27 20:24:52 +00:00
Patrick Cloke
60724c46b7
Remove special casing of `m.room.aliases` events ( #7034 )
2020-03-17 07:37:04 -04:00
Brendan Abolivier
43f874055d
Merge branch 'master' into develop
2020-03-03 15:20:49 +00:00
Patrick Cloke
7dcbc33a1b
Validate the alt_aliases property of canonical alias events ( #6971 )
2020-03-03 07:12:45 -05:00
Richard van der Hoff
b68041df3d
Add a whitelist for the SSO confirmation step.
2020-03-02 17:05:09 +00:00
Brendan Abolivier
b2bd54a2e3
Add a confirmation step to the SSO login flow
2020-03-02 16:36:32 +00:00
Richard van der Hoff
2fb7794e60
Merge pull request #6949 from matrix-org/rav/list_room_aliases_peekable
...
Make room alias lists peekable
2020-02-19 11:19:11 +00:00
Richard van der Hoff
880aaac1d8
Move MSC2432 stuff onto unstable prefix ( #6948 )
...
it's not in the spec yet, so needs to be unstable. Also add a feature flag for it. Also add a test for admin users.
2020-02-19 10:40:27 +00:00
Richard van der Hoff
709e81f518
Make room alias lists peekable
...
As per
https://github.com/matrix-org/matrix-doc/pull/2432#pullrequestreview-360566830 ,
make room alias lists accessible to users outside world_readable rooms.
2020-02-19 08:53:32 +00:00
Richard van der Hoff
adfaea8c69
Implement GET /_matrix/client/r0/rooms/{roomId}/aliases ( #6939 )
...
per matrix-org/matrix-doc#2432
2020-02-18 16:23:25 +00:00
Andrew Morgan
3404ad289b
Raise the default power levels for invites, tombstones and server acls ( #6834 )
2020-02-17 13:23:37 +00:00
Richard van der Hoff
184303b865
MSC2260: Block direct sends of m.room.aliases events ( #6794 )
...
as per MSC2260
2020-01-30 17:20:55 +00:00
Erik Johnston
74b74462f1
Fix `/events/:event_id` deprecated API. ( #6731 )
2020-01-20 17:38:09 +00:00
Andrew Morgan
1177d3f3a3
Quarantine media by ID or user ID ( #6681 )
2020-01-13 18:10:43 +00:00
Richard van der Hoff
6e8f8e14f2
Merge release-v1.7.1 into develop
2019-12-18 09:51:51 +00:00
Will Hunt
bfb95654c9
Add option to allow profile queries without sharing a room ( #6523 )
2019-12-16 16:11:55 +00:00
Brendan Abolivier
a820069549
Incorporate review
2019-12-16 16:00:18 +00:00
Brendan Abolivier
a29420f9f4
Lint
2019-12-16 14:55:50 +00:00
Brendan Abolivier
596dd9914d
Add test case
2019-12-16 14:53:21 +00:00
Erik Johnston
b3a4e35ca8
Fixup functions to consistently return deferreds
2019-12-06 10:40:05 +00:00
Erik Johnston
4ca3ef10b9
Fixup tests
2019-12-05 15:57:28 +00:00
Brendan Abolivier
65c6aee621
Un-remove room purge test
2019-12-04 14:37:04 +00:00
Brendan Abolivier
aeda1b3b94
Merge branch 'babolivier/context_filters' of github.com:matrix-org/synapse into babolivier/context_filters
2019-12-04 14:29:03 +00:00
Brendan Abolivier
9dc84b7989
Merge branch 'develop' into babolivier/context_filters
2019-12-04 14:23:44 +00:00
Erik Johnston
8c9a713f8d
Add tests
2019-11-28 11:32:06 +00:00
Brendan Abolivier
4c1b799e1b
Merge branch 'develop' into babolivier/context_filters
2019-11-26 10:53:48 +00:00
Brendan Abolivier
e2a20326e8
Lint
2019-11-20 15:08:47 +00:00
Brendan Abolivier
6356f2088f
Test if a purge can make /messages return 500 responses
2019-11-20 12:09:06 +00:00
Brendan Abolivier
a6863da249
Lint
2019-11-05 14:50:19 +00:00
Brendan Abolivier
8822b33111
Update copyrights
2019-11-05 14:46:35 +00:00
Brendan Abolivier
037360e6cf
Add tests for /search
2019-11-05 14:33:18 +00:00
Brendan Abolivier
c9e4748cb7
Merge labels tests for /context and /messages
2019-11-05 13:47:47 +00:00
Brendan Abolivier
a7c818c79b
Add test case
2019-11-05 13:21:26 +00:00
Brendan Abolivier
988d8d6507
Incorporate review
2019-11-01 16:22:44 +00:00
Brendan Abolivier
c6dbca2422
Incorporate review
2019-11-01 10:30:51 +00:00
Brendan Abolivier
dcc069a2e2
Lint
2019-10-30 18:01:56 +00:00
Brendan Abolivier
d8c9109aee
Add integration tests for /messages
2019-10-30 17:48:22 +00:00
Brendan Abolivier
395683add1
Add integration tests for sync
2019-10-30 16:47:37 +00:00
werner291
b5b03b7079
Add domain validation when creating room with list of invitees ( #6121 )
2019-10-10 13:05:48 +01:00
Erik Johnston
6e834e94fc
Fix and refactor room and user stats ( #5971 )
...
Previously the stats were not being correctly populated.
2019-09-04 13:04:27 +01:00
Richard van der Hoff
5f158ec039
Implement access token expiry ( #5660 )
...
Record how long an access token is valid for, and raise a soft-logout once it
expires.
2019-07-12 17:26:02 +01:00
Brendan Abolivier
73cb716b3c
Lint
2019-07-08 17:44:20 +01:00
Brendan Abolivier
5e01e9ac19
Add test case
2019-07-08 17:41:16 +01:00
Brendan Abolivier
bfe84e051e
Split public rooms directory auth config in two
2019-06-24 15:42:31 +01:00
Amber Brown
32e7c9e7f2
Run Black. ( #5482 )
2019-06-20 19:32:02 +10:00
Amber Brown
2889b05554
Unify v1 and v2 REST client APIs ( #5226 )
2019-06-03 21:28:59 +10:00
Richard van der Hoff
d828d1dc57
Merge pull request #5309 from matrix-org/rav/limit_displayname_length
...
Limit displaynames and avatar URLs
2019-06-01 11:34:50 +01:00
Richard van der Hoff
93003aa172
add some tests
2019-06-01 11:14:37 +01:00
Amber Brown
4a30e4acb4
Room Statistics ( #4338 )
2019-05-21 11:36:50 -05:00
Brendan Abolivier
8f9ce1a8a2
Lint
2019-05-16 15:25:54 +01:00
Brendan Abolivier
cc8c139a39
Lint
2019-05-16 15:20:59 +01:00
Brendan Abolivier
efdc55db75
Forgot copyright
2019-05-16 15:10:24 +01:00
Brendan Abolivier
54a582ed44
Add test case
2019-05-16 15:09:16 +01:00
Amber Brown
df2ebd75d3
Migrate all tests to use the dict-based config format instead of hanging items off HomeserverConfig ( #5171 )
2019-05-13 15:01:14 -05:00
Amber Brown
b36c82576e
Run Black on the tests again ( #5170 )
2019-05-10 00:12:11 -05:00
Brendan Abolivier
d216a36b37
Fix bogus imports in tests ( #5154 )
2019-05-08 21:57:03 +01:00
Matthew Hodgson
c0e0740bef
add options to require an access_token to GET /profile and /publicRooms on CS API ( #5083 )
...
This commit adds two config options:
* `restrict_public_rooms_to_local_users`
Requires auth to fetch the public rooms directory through the CS API and disables fetching it through the federation API.
* `require_auth_for_profile_requests`
When set to `true`, requires that requests to `/profile` over the CS API are authenticated, and only returns the user's profile if the requester shares a room with the profile's owner, as per MSC1301.
MSC1301 also specifies a behaviour for federation (only returning the profile if the server asking for it shares a room with the profile's owner), but that's currently really non-trivial to do in a not too expensive way. Next step is writing down a MSC that allows a HS to specify which user sent the profile query. In this implementation, Synapse won't send a profile query over federation if it doesn't believe it already shares a room with the profile's owner, though.
Groups have been intentionally omitted from this commit.
2019-05-08 18:26:56 +01:00
Brendan Abolivier
1473058b5e
Do checks on aliases for incoming m.room.aliases events ( #5128 )
...
Follow-up to #5124
Also added a bunch of checks to make sure everything (both the stuff added on #5124 and this PR) works as intended.
2019-05-08 17:01:30 +01:00
Richard van der Hoff
12f9d51e82
Add admin api for sending server_notices ( #5121 )
2019-05-02 11:59:16 +01:00
Richard van der Hoff
40e576e29c
Move admin api impl to its own package
...
It doesn't really belong under rest/client/v1 any more.
2019-05-01 15:44:30 +01:00
Erik Johnston
c6a233a936
Add unit test for deleting groups
2019-04-03 16:29:52 +01:00
Amber Brown
a68e00fca8
Some more porting to HomeserverTestCase and remove old RESTHelper ( #4913 )
2019-03-22 02:10:21 +11:00
Erik Johnston
01e6b405be
Merge pull request #4908 from matrix-org/erikj/block_peek_on_blocked_rooms
...
Deny peeking into rooms that have been blocked
2019-03-21 14:07:17 +00:00
Erik Johnston
d3f640f0ac
isort
2019-03-21 11:29:48 +00:00
Erik Johnston
cd80cbffea
Fix typo and add description
2019-03-21 11:24:04 +00:00
Erik Johnston
536a266520
Deny peeking into rooms that have been blocked
2019-03-21 11:20:13 +00:00
Erik Johnston
4a8a1ac962
Rejig testcase to make it more extensible
2019-03-21 11:02:11 +00:00
Erik Johnston
9c9e618b93
Remove debug
2019-03-21 10:58:56 +00:00
Erik Johnston
5c6f61f81c
Add tests
2019-03-21 10:51:21 +00:00
Brendan Abolivier
651ad8bc96
Add ratelimiting on failed login attempts ( #4865 )
2019-03-18 12:57:20 +00:00
Brendan Abolivier
899e523d6d
Add ratelimiting on login ( #4821 )
...
Add two ratelimiters on login (per-IP address and per-userID).
2019-03-15 17:46:16 +00:00
Erik Johnston
16c8b4ecbd
Merge pull request #4772 from jbweston/jbweston/server-version-api
...
Add 'server_version' endpoint to admin API
2019-03-05 16:31:00 +00:00
Brendan Abolivier
a4c3a361b7
Add rate-limiting on registration ( #4735 )
...
* Rate-limiting for registration
* Add unit test for registration rate limiting
* Add config parameters for rate limiting on auth endpoints
* Doc
* Fix doc of rate limiting function
Co-Authored-By: babolivier <contact@brendanabolivier.com>
* Incorporate review
* Fix config parsing
* Fix linting errors
* Set default config for auth rate limiting
* Fix tests
* Add changelog
* Advance reactor instead of mocked clock
* Move parameters to registration specific config and give them more sensible default values
* Remove unused config options
* Don't mock the rate limiter un MAU tests
* Rename _register_with_store into register_with_store
* Make CI happy
* Remove unused import
* Update sample config
* Fix ratelimiting test for py2
* Add non-guest test
2019-03-05 14:25:33 +00:00
Joseph Weston
1e8388b311
Add 'server_version' endpoint to admin API
...
This is required because the 'Server' HTTP header is not always
passed through proxies.
2019-03-01 09:56:58 +01:00
Joseph Weston
b136ee10df
Import 'admin' module rather than 'register_servlets' directly
...
We will later need also to import 'register_servlets' from the
'login' module, so we un-pollute the namespace now to keep the
logical changes separate.
2019-03-01 09:46:25 +01:00
Amber Brown
d7843f47b6
Remove v1 only REST APIs now we don't ship matrix console ( #4334 )
2018-12-29 23:12:30 +11:00
Neil Johnson
d2f7c4e6b1
create support user ( #4141 )
...
Allow for the creation of a support user.
A support user can access the server, join rooms, interact with other users, but does not appear in the user directory nor does it contribute to monthly active user limits.
2018-12-14 18:20:59 +00:00
Amber Brown
e62f7f17b3
Remove some boilerplate in tests ( #4156 )
2018-11-07 03:00:00 +11:00
Amber Brown
3bade14ec0
Fix search 500ing ( #4122 )
2018-10-31 04:33:41 +11:00
Amber Brown
52ec6e9dfa
Port tests/ to Python 3 ( #3808 )
2018-09-07 02:58:18 +10:00
Amber Brown
14e4d4f4bf
Port storage/ to Python 3 ( #3725 )
2018-08-31 00:19:58 +10:00
Amber Brown
c334ca67bb
Integrate presence from hotfixes ( #3694 )
2018-08-18 01:08:45 +10:00
Amber Brown
a87af25fbb
Fix the tests
2018-08-15 15:12:23 +01:00
Amber Brown
bdfbd934d6
Implement a new test baseclass to cut down on boilerplate ( #3684 )
2018-08-14 20:53:43 +10:00
Amber Brown
99dd975dae
Run tests under PostgreSQL ( #3423 )
2018-08-13 16:47:46 +10:00
black
8b3d9b6b19
Run black.
2018-08-10 23:54:09 +10:00
Amber Brown
2511f3f8a0
Test fixes for Python 3 ( #3647 )
2018-08-09 12:22:01 +10:00