Tulir Asokan
a4b1f64562
Fix /refresh endpoint version ( #14364 )
2022-11-04 16:43:51 +00:00
Quentin Gliech
8756d5c87e
Save login tokens in database ( #13844 )
...
* Save login tokens in database
Signed-off-by: Quentin Gliech <quenting@element.io>
* Add upgrade notes
* Track login token reuse in a Prometheus metric
Signed-off-by: Quentin Gliech <quenting@element.io>
2022-10-26 11:45:41 +01:00
Brendan Abolivier
be76cd8200
Allow admins to require a manual approval process before new accounts can be used (using MSC3866) ( #13556 )
2022-09-29 15:23:24 +02:00
Quentin Gliech
b19060a29b
Make the AS login method call `Auth.get_user_by_req` for checking the AS token. ( #13094 )
...
This gets rid of another usage of get_appservice_by_req, with all the benefits, including correctly tracking the appservice IP and setting the tracing attributes correctly.
Signed-off-by: Quentin Gliech <quenting@element.io>
2022-07-12 18:06:29 +01:00
Hannes Lerchl
7d99414edf
Replace pyjwt with authlib in `org.matrix.login.jwt` ( #13011 )
2022-06-15 16:45:16 +00:00
Patrick Cloke
7fbf42499d
Use `getClientAddress` instead of `getClientIP`. ( #12599 )
...
getClientIP was deprecated in Twisted 18.4.0, which also added
getClientAddress. The Synapse minimum version for Twisted is
currently 18.9.0, so all supported versions have the new API.
2022-05-04 14:11:21 -04:00
Patrick Cloke
ba3fd54bad
Remove unstable/unspecced login types. ( #12597 )
...
* `m.login.jwt`, which was never specced and has been deprecated
since Synapse 1.16.0. (`org.matrix.login.jwt` can be used instead.)
* `uk.half-shot.msc2778.login.application_service`, which was
stabilized as part of the Matrix spec v1.2 release.
2022-05-04 13:53:21 +00:00
Shay
8e2759f2d8
Limit `device_id` size to 512B ( #12454 )
...
*
2022-04-13 10:04:01 -07:00
Richard van der Hoff
e24ff8ebe3
Remove `HomeServer.get_datastore()` ( #12031 )
...
The presence of this method was confusing, and mostly present for backwards
compatibility. Let's get rid of it.
Part of #11733
2022-02-23 11:04:02 +00:00
reivilibre
2f053f3f82
Stabilise support for MSC2918 refresh tokens as they have now been merged into the Matrix specification. ( #11435 )
2021-12-06 19:11:43 +00:00
Quentin Gliech
a15a893df8
Save the OIDC session ID (sid) with the device on login ( #11482 )
...
As a step towards allowing back-channel logout for OIDC.
2021-12-06 12:43:06 -05:00
Patrick Cloke
a265fbd397
Register the login redirect endpoint for v3. ( #11451 )
...
As specified for Matrix v1.1.
2021-12-01 07:25:58 -05:00
reivilibre
1b6691dce4
Update MSC2918 refresh token support to confirm with the latest revision: accept the `refresh_tokens` parameter in the request body rather than in the URL parameters. ( #11430 )
2021-11-26 19:06:16 +00:00
reivilibre
1d8b80b334
Support expiry of refresh tokens and expiry of the overall session when refresh tokens are in use. ( #11425 )
2021-11-26 14:27:14 +00:00
reivilibre
f25c75d376
Rename unstable `access_token_lifetime` configuration option to `refreshable_access_token_lifetime` to make it clear it only concerns refreshable access tokens. ( #11388 )
2021-11-23 17:01:34 +00:00
Kostas
1035663833
Add config for customizing the claim used for JWT logins. ( #11361 )
...
Allows specifying a different claim (from the default "sub") to use
when calculating the localpart of the Matrix ID used during the
JWT login.
2021-11-22 13:01:03 -05:00
Tulir Asokan
6f862c5c28
Add support for the stable version of MSC2778 ( #11335 )
...
* Add support for the stable version of MSC2778
Signed-off-by: Tulir Asokan <tulir@maunium.net>
* Expect m.login.application_service in login and password provider tests
Signed-off-by: Tulir Asokan <tulir@maunium.net>
2021-11-15 10:31:22 +00:00
Patrick Cloke
a0f48ee89d
Use direct references for configuration variables (part 7). ( #10959 )
2021-10-04 07:18:54 -04:00
Patrick Cloke
bb7fdd821b
Use direct references for configuration variables (part 5). ( #10897 )
2021-09-24 07:25:21 -04:00
Patrick Cloke
47854c71e9
Use direct references for configuration variables (part 4). ( #10893 )
2021-09-23 12:03:01 -04:00
Patrick Cloke
e584534403
Use direct references for some configuration variables (part 3) ( #10885 )
...
This avoids the overhead of searching through the various
configuration classes by directly referencing the class that
the attributes are in.
It also improves type hints since mypy can now resolve the
types of the configuration variables.
2021-09-23 07:13:34 -04:00
Patrick Cloke
01c88a09cd
Use direct references for some configuration variables ( #10798 )
...
Instead of proxying through the magic getter of the RootConfig
object. This should be more performant (and is more explicit).
2021-09-13 13:07:12 -04:00
Sean
273b6861f2
Remove unstable MSC2858 API, including `experimental.msc2858_enabled` config option ( #10693 )
...
Signed-off-by: Sean Quah <seanq@element.io>
2021-09-09 17:59:59 +01:00
Patrick Cloke
1aa0dad021
Additional type hints for REST servlets (part 2). ( #10674 )
...
Applies the changes from #10665 to additional modules.
2021-08-26 11:53:52 +00:00
Richard van der Hoff
15db8b7c7f
Correctly initialise the `synapse_user_logins` metric. ( #10677 )
...
Fix a bug where the prometheus metrics for SSO logins wouldn't be initialised
until the first user logged in with a given auth provider.
2021-08-24 09:17:51 +00:00
reivilibre
642a42edde
Flatten the synapse.rest.client package ( #10600 )
2021-08-17 11:57:58 +00:00