watcha-synapse

Commit Graph

Author	SHA1	Message	Date
Patrick Cloke	e2481dbe93	Allow configuration of the oEmbed URLs. (#10714 ) This adds configuration options (under an `oembed` section) to configure which URLs are matched to use oEmbed for URL previews.	4 years ago
Callum Brown	947dbbdfd1	Implement MSC3231: Token authenticated registration (#10142 ) Signed-off-by: Callum Brown <callum@calcuode.com> This is part of my GSoC project implementing [MSC3231](https://github.com/matrix-org/matrix-doc/pull/3231).	4 years ago
Callum Brown	6e613a10d0	Display an error page during failure of fallback UIA. (#10561 )	4 years ago
Andrew Morgan	71f0623de9	Port "Allow users to click account renewal links multiple times without hitting an 'Invalid Token' page #74" from synapse-dinsic (#9832 ) This attempts to be a direct port of https://github.com/matrix-org/synapse-dinsic/pull/74 to mainline. There was some fiddling required to deal with the changes that have been made to mainline since (mainly dealing with the split of `RegistrationWorkerStore` from `RegistrationStore`, and the changes made to `self.make_request` in test code).	4 years ago
Patrick Cloke	b114a45f5f	Support not providing an IdP icon when choosing a username. (#9440 )	4 years ago
Richard van der Hoff	e288499c60	Social login UI polish (#9301 )	4 years ago
Richard van der Hoff	7a0dcea3e5	social login Fix username validation javascript (#9297 ) * fix validation and don't use built-in validation UI Co-authored-by: Bruno Windels <brunow@element.io>	4 years ago
Richard van der Hoff	96e460df2e	social login: add noopener to terms link (#9300 )	4 years ago
Richard van der Hoff	351845452c	fix broken HTML tag	4 years ago
Bruno Windels	f30c3a99be	make primary button not wider than viewport	4 years ago
Richard van der Hoff	c543bf87ec	Collect terms consent from the user during SSO registration (#9276 )	4 years ago
Richard van der Hoff	e5d70c8a82	Improve styling and wording of SSO UIA templates (#9286 ) fixes #9171	4 years ago
Richard van der Hoff	419313b06a	Improve styling and wording of SSO error templates (#9287 )	4 years ago
Richard van der Hoff	85c56b5a67	Make importing display name and email optional (#9277 )	4 years ago
Richard van der Hoff	4167494c90	Replace username picker with a template (#9275 ) There's some prelimiary work here to pull out the construction of a jinja environment to a separate function. I wanted to load the template at display time rather than load time, so that it's easy to update on the fly. Honestly, I think we should do this with all our templates: the risk of ending up with malformed templates is far outweighed by the improved turnaround time for an admin trying to update them.	4 years ago
Richard van der Hoff	8aed29dc61	Improve styling and wording of SSO redirect confirm template (#9272 )	4 years ago
Patrick Cloke	e54746bdf7	Clean-up the template loading code. (#9200 ) * Enables autoescape by default for HTML files. * Adds a new read_template method for reading a single template. * Some logic clean-up.	4 years ago
Richard van der Hoff	0cd2938bc8	Support icons for Identity Providers (#9154 )	4 years ago
Richard van der Hoff	5310808d3b	Give the user a better error when they present bad SSO creds If a user tries to do UI Auth via SSO, but uses the wrong account on the SSO IdP, try to give them a better error. Previously, the UIA would claim to be successful, but then the operation in question would simply fail with "auth fail". Instead, serve up an error page which explains the failure.	4 years ago
Richard van der Hoff	111b673fc1	Add initial support for a "pick your IdP" page (#9017 ) During login, if there are multiple IdPs enabled, offer the user a choice of IdPs.	4 years ago
Richard van der Hoff	28877fade9	Implement a username picker for synapse (#8942 ) The final part (for now) of my work to implement a username picker in synapse itself. The idea is that we allow `UsernameMappingProvider`s to return `localpart=None`, in which case, rather than redirecting the browser back to the client, we redirect to a username-picker resource, which allows the user to enter a username. We then complete the SSO flow (including doing the client permission checks). The static resources for the username picker itself (in https://github.com/matrix-org/synapse/tree/rav/username_picker/synapse/res/username_picker) are essentially lifted wholesale from https://github.com/matrix-org/matrix-synapse-saml-mozilla/tree/master/matrix_synapse_saml_mozilla/res. As the comment says, we might want to think about making them customisable, but that can be a follow-up. Fixes #8876.	4 years ago
Patrick Cloke	4136255d3c	Ensure that a URL exists in the content during push. (#8965 ) This fixes an KeyError exception, after this PR the content is just considered unknown.	4 years ago
Patrick Cloke	c356b4bf42	Include a simple message in email notifications that include encrypted content (#8545 )	4 years ago
Patrick Cloke	34ff8da83b	Convert additional templates to Jinja (#8444 ) This converts a few more of our inline HTML templates to Jinja. This is somewhat part of #7280 and should make it a bit easier to customize these in the future.	4 years ago
Patrick Cloke	31acc5c309	Escape the error description on the sso_error template. (#8405 )	4 years ago
Patrick Cloke	6605470bfb	Improve SAML error messages (#8248 )	4 years ago
Andrew Morgan	a3a90ee031	Show a confirmation page during user password reset (#8004 ) This PR adds a confirmation step to resetting your user password between clicking the link in your email and your password actually being reset. This is to better align our password reset flow with the industry standard of requiring a confirmation from the user after email validation.	5 years ago
Richard van der Hoff	0cb169900e	Implement login blocking based on SAML attributes (#8052 ) Hopefully this mostly speaks for itself. I also did a bit of cleaning up of the error handling. Fixes #8047	5 years ago
Jason Robinson	759481af6d	Element CSS and logo in email templates (#7919 ) Use Element CSS and logo in notification emails when app name is Element. Signed-off-by: Jason Robinson <jasonr@matrix.org>	5 years ago
Quentin Gliech	616af44137	Implement OpenID Connect-based login (#7256 )	5 years ago
Patrick Cloke	9e0384dd3f	Fixes typo (bellow -> below) (#7449 )	5 years ago
Patrick Cloke	054c231e58	Use a template for the SSO success page to allow for customization. (#7279 )	5 years ago
Patrick Cloke	b85d7652ff	Do not allow a deactivated user to login via SSO. (#7240 )	5 years ago
Patrick Cloke	b9930d24a0	Support SAML in the user interactive authentication workflow. (#7102 )	5 years ago
Brendan Abolivier	ebfcbbff9c	Use innerText instead of innerHTML	5 years ago
Brendan Abolivier	900bca9707	Update wording and config	5 years ago
Brendan Abolivier	b8cfe79ffc	Move the default SAML2 error HTML to a dedicated file Also add some JS to it to process any error we might have in the URI (see #6893).	5 years ago
Brendan Abolivier	b2bd54a2e3	Add a confirmation step to the SSO login flow	5 years ago
Andrew Morgan	df3401a71d	Allow HS to send emails when adding an email to the HS (#6042 )	5 years ago
Andrew Morgan	0c0b82b6d1	Allow Synapse to send registration emails + choose Synapse or an external server to handle 3pid validation (#5987 ) This is a combination of a few different PRs, finally all being merged into `develop`: * #5875 * #5876 * #5868 (This one added the `/versions` flag but the flag itself was actually [backed out](`891afb57cb (diff-e591d42d30690ffb79f63bb726200891)`) in #5969. What's left is just giving /versions access to the config file, which could be useful in the future) * #5835 * #5969 * #5940 Clients should not actually use the new registration functionality until https://github.com/matrix-org/synapse/pull/5972 is merged. UPGRADE.rst, changelog entries and config file changes should all be reviewed closely before this PR is merged.	6 years ago
Brendan Abolivier	a4a9ded4d0	Allow defining HTML templates to serve the user on account renewal	6 years ago
Erik Johnston	10383e6e6f	Change password reset links to /_matrix.	6 years ago
Andrew Morgan	3719680ee4	Add ability to perform password reset via email without trusting the identity server (#5377 ) Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option. This PR is a culmination of 3 smaller PRs which have each been separately reviewed: * #5308 * #5345 * #5368	6 years ago
Brendan Abolivier	20f0617e87	Send out emails with links to extend an account's validity period	6 years ago
Travis Ralston	4dfbae18fe	Use static locations for Riot icons See https://github.com/vector-im/riot-web/issues/9009	6 years ago
Richard van der Hoff	1519572961	Ship the email templates as package_data move the example email templates into the synapse package so that they can be used as package data, which should mean that all of the packaging mechanisms (pip, docker, debian, arch, etc) should now come with the example templates. In order to grandfather in people who relied on the templates being in the old place, check for that situation and fall back to using the defaults if the templates directory does not exist.	6 years ago

50 Commits (7bf2d6c268bb9fb6a1b22cff4287ce5f8224ac7b)