From 53b12688dd2a9d7d8076122d48f088c5c3e9939e Mon Sep 17 00:00:00 2001 From: Patrick Cloke Date: Wed, 2 Dec 2020 08:57:51 -0500 Subject: [PATCH 1/7] 1.24.0rc1 --- CHANGES.md | 72 ++++++++++++++++++++++++++++++++++++++++ changelog.d/8565.misc | 1 - changelog.d/8617.feature | 1 - changelog.d/8630.feature | 1 - changelog.d/8731.misc | 1 - changelog.d/8734.doc | 1 - changelog.d/8744.bugfix | 1 - changelog.d/8751.misc | 1 - changelog.d/8754.misc | 1 - changelog.d/8757.misc | 1 - changelog.d/8758.misc | 1 - changelog.d/8759.misc | 1 - changelog.d/8760.misc | 1 - changelog.d/8761.misc | 1 - changelog.d/8765.misc | 1 - changelog.d/8770.misc | 1 - changelog.d/8771.doc | 1 - changelog.d/8772.misc | 1 - changelog.d/8773.misc | 1 - changelog.d/8774.misc | 1 - changelog.d/8776.bugfix | 1 - changelog.d/8777.misc | 1 - changelog.d/8779.doc | 1 - changelog.d/8784.misc | 1 - changelog.d/8785.removal | 1 - changelog.d/8793.doc | 1 - changelog.d/8795.doc | 1 - changelog.d/8798.bugfix | 1 - changelog.d/8799.bugfix | 1 - changelog.d/8800.misc | 1 - changelog.d/8801.feature | 1 - changelog.d/8804.feature | 1 - changelog.d/8806.misc | 1 - changelog.d/8809.misc | 1 - changelog.d/8812.misc | 1 - changelog.d/8815.misc | 1 - changelog.d/8817.bugfix | 1 - changelog.d/8818.doc | 1 - changelog.d/8819.misc | 1 - changelog.d/8820.feature | 1 - changelog.d/8822.doc | 1 - changelog.d/8823.bugfix | 1 - changelog.d/8824.doc | 1 - changelog.d/8833.removal | 1 - changelog.d/8835.bugfix | 1 - changelog.d/8843.feature | 1 - changelog.d/8845.misc | 1 - changelog.d/8847.misc | 1 - changelog.d/8848.bugfix | 1 - changelog.d/8849.misc | 1 - changelog.d/8850.misc | 1 - changelog.d/8851.misc | 1 - changelog.d/8854.misc | 1 - changelog.d/8855.feature | 1 - synapse/__init__.py | 2 +- 55 files changed, 73 insertions(+), 54 deletions(-) delete mode 100644 changelog.d/8565.misc delete mode 100644 changelog.d/8617.feature delete mode 100644 changelog.d/8630.feature delete mode 100644 changelog.d/8731.misc delete mode 100644 changelog.d/8734.doc delete mode 100644 changelog.d/8744.bugfix delete mode 100644 changelog.d/8751.misc delete mode 100644 changelog.d/8754.misc delete mode 100644 changelog.d/8757.misc delete mode 100644 changelog.d/8758.misc delete mode 100644 changelog.d/8759.misc delete mode 100644 changelog.d/8760.misc delete mode 100644 changelog.d/8761.misc delete mode 100644 changelog.d/8765.misc delete mode 100644 changelog.d/8770.misc delete mode 100644 changelog.d/8771.doc delete mode 100644 changelog.d/8772.misc delete mode 100644 changelog.d/8773.misc delete mode 100644 changelog.d/8774.misc delete mode 100644 changelog.d/8776.bugfix delete mode 100644 changelog.d/8777.misc delete mode 100644 changelog.d/8779.doc delete mode 100644 changelog.d/8784.misc delete mode 100644 changelog.d/8785.removal delete mode 100644 changelog.d/8793.doc delete mode 100644 changelog.d/8795.doc delete mode 100644 changelog.d/8798.bugfix delete mode 100644 changelog.d/8799.bugfix delete mode 100644 changelog.d/8800.misc delete mode 100644 changelog.d/8801.feature delete mode 100644 changelog.d/8804.feature delete mode 100644 changelog.d/8806.misc delete mode 100644 changelog.d/8809.misc delete mode 100644 changelog.d/8812.misc delete mode 100644 changelog.d/8815.misc delete mode 100644 changelog.d/8817.bugfix delete mode 100644 changelog.d/8818.doc delete mode 100644 changelog.d/8819.misc delete mode 100644 changelog.d/8820.feature delete mode 100644 changelog.d/8822.doc delete mode 100644 changelog.d/8823.bugfix delete mode 100644 changelog.d/8824.doc delete mode 100644 changelog.d/8833.removal delete mode 100644 changelog.d/8835.bugfix delete mode 100644 changelog.d/8843.feature delete mode 100644 changelog.d/8845.misc delete mode 100644 changelog.d/8847.misc delete mode 100644 changelog.d/8848.bugfix delete mode 100644 changelog.d/8849.misc delete mode 100644 changelog.d/8850.misc delete mode 100644 changelog.d/8851.misc delete mode 100644 changelog.d/8854.misc delete mode 100644 changelog.d/8855.feature diff --git a/CHANGES.md b/CHANGES.md index 4237550818..662762c07c 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,75 @@ +Synapse 1.24.0rc1 (2020-12-02) +============================== + +Features +-------- + +- Add admin API for logging in as a user. ([\#8617](https://github.com/matrix-org/synapse/issues/8617)) +- Allow specification of the SAML IdP if the metadata returns multiple IdPs. ([\#8630](https://github.com/matrix-org/synapse/issues/8630)) +- Add support for re-trying generation of a localpart for OpenID Connect mapping providers. ([\#8801](https://github.com/matrix-org/synapse/issues/8801), [\#8855](https://github.com/matrix-org/synapse/issues/8855)) +- Allow Date header through CORS. Contributed by Nicolas Chamo. ([\#8804](https://github.com/matrix-org/synapse/issues/8804)) +- Add a config option, `push.group_by_unread_count`, which controls whether unread message counts in push notifications are defined as "the number of rooms with unread messages" or "total unread messages". ([\#8820](https://github.com/matrix-org/synapse/issues/8820)) +- Add `force_purge` option to delete-room admin api. ([\#8843](https://github.com/matrix-org/synapse/issues/8843)) + + +Bugfixes +-------- + +- Fix a bug where appservices may be sent an excessive amount of read receipts and presence. Broke in v1.22.0. ([\#8744](https://github.com/matrix-org/synapse/issues/8744)) +- Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\#8776](https://github.com/matrix-org/synapse/issues/8776)) +- Fix a bug where synctl could spawn duplicate copies of a worker. Contributed by Waylon Cude. ([\#8798](https://github.com/matrix-org/synapse/issues/8798)) +- Allow per-room profiles to be used for the server notice user. ([\#8799](https://github.com/matrix-org/synapse/issues/8799)) +- Fix bug where logging could break after a call to SIGHUP. ([\#8817](https://github.com/matrix-org/synapse/issues/8817)) +- Fix `register_new_matrix_user` failing with "Bad Request" when trailing slash is included in server URL. Contributed by @angdraug. ([\#8823](https://github.com/matrix-org/synapse/issues/8823)) +- Fix minor long-standing bug in login, where we would offer the `password` login type if a custom auth provider supported it, even if password login was disabled. ([\#8835](https://github.com/matrix-org/synapse/issues/8835)) +- Fix a long-standing bug which caused Synapse to require unspecified parameters during user-interactive authentication. ([\#8848](https://github.com/matrix-org/synapse/issues/8848)) + + +Improved Documentation +---------------------- + +- Clarify the usecase for an msisdn delegate. Contributed by Adrian Wannenmacher. ([\#8734](https://github.com/matrix-org/synapse/issues/8734)) +- Remove extraneous comma from JSON example in User Admin API docs. ([\#8771](https://github.com/matrix-org/synapse/issues/8771)) +- Update `turn-howto.md` with troubleshooting notes. ([\#8779](https://github.com/matrix-org/synapse/issues/8779)) +- Fix the example on how to set the `Content-Type` header in nginx for the Client Well-Known URI. ([\#8793](https://github.com/matrix-org/synapse/issues/8793)) +- Improve the documentation for the admin API to list all media in a room with respect to encrypted events. ([\#8795](https://github.com/matrix-org/synapse/issues/8795)) +- Update the formatting of the `push` section of the homeserver config file to better align with the [code style guidelines](https://github.com/matrix-org/synapse/blob/develop/docs/code_style.md#configuration-file-format). ([\#8818](https://github.com/matrix-org/synapse/issues/8818)) +- Improve documentation how to configure prometheus for workers. ([\#8822](https://github.com/matrix-org/synapse/issues/8822)) +- Update example prometheus console. ([\#8824](https://github.com/matrix-org/synapse/issues/8824)) + + +Deprecations and Removals +------------------------- + +- Remove old `/_matrix/client/*/admin` endpoints which was deprecated since Synapse 1.20.0. ([\#8785](https://github.com/matrix-org/synapse/issues/8785)) +- Disable pretty printing JSON responses for curl. Users who want pretty-printed output should use [jq](https://stedolan.github.io/jq/) in combination with curl. Contributed by @tulir. ([\#8833](https://github.com/matrix-org/synapse/issues/8833)) + + +Internal Changes +---------------- + +- Simplify the way the `HomeServer` object caches its internal attributes. ([\#8565](https://github.com/matrix-org/synapse/issues/8565), [\#8851](https://github.com/matrix-org/synapse/issues/8851)) +- Add an example and documentation for clock skew to the SAML2 sample configuration to allow for clock/time difference between the homserver and IdP. Contributed by @localguru. ([\#8731](https://github.com/matrix-org/synapse/issues/8731)) +- Generalise `RoomMemberHandler._locally_reject_invite` to apply to more flows than just invite. ([\#8751](https://github.com/matrix-org/synapse/issues/8751)) +- Generalise `RoomStore.maybe_store_room_on_invite` to handle other, non-invite membership events. ([\#8754](https://github.com/matrix-org/synapse/issues/8754)) +- Refactor test utilities for injecting HTTP requests. ([\#8757](https://github.com/matrix-org/synapse/issues/8757), [\#8758](https://github.com/matrix-org/synapse/issues/8758), [\#8759](https://github.com/matrix-org/synapse/issues/8759), [\#8760](https://github.com/matrix-org/synapse/issues/8760), [\#8761](https://github.com/matrix-org/synapse/issues/8761), [\#8777](https://github.com/matrix-org/synapse/issues/8777)) +- Consolidate logic between the OpenID Connect and SAML code. ([\#8765](https://github.com/matrix-org/synapse/issues/8765)) +- Use `TYPE_CHECKING` instead of magic `MYPY` variable. ([\#8770](https://github.com/matrix-org/synapse/issues/8770)) +- Add a commandline script to sign arbitrary json objects. ([\#8772](https://github.com/matrix-org/synapse/issues/8772)) +- Minor log line improvements for the SSO mapping code used to generate Matrix IDs from SSO IDs. ([\#8773](https://github.com/matrix-org/synapse/issues/8773)) +- Add additional error checking for OpenID Connect and SAML mapping providers. ([\#8774](https://github.com/matrix-org/synapse/issues/8774), [\#8800](https://github.com/matrix-org/synapse/issues/8800)) +- Fix a bug introduced in v1.20.0 where the user-agent and IP address reported during user registration for CAS, OpenID Connect, and SAML were of the wrong form. ([\#8784](https://github.com/matrix-org/synapse/issues/8784)) +- Add type hints to HTTP abstractions. ([\#8806](https://github.com/matrix-org/synapse/issues/8806), [\#8812](https://github.com/matrix-org/synapse/issues/8812)) +- Remove unnecessary function arguments and add typing to several membership replication classes. ([\#8809](https://github.com/matrix-org/synapse/issues/8809)) +- Optimise the lookup for an invite from another homeserver when trying to reject it. ([\#8815](https://github.com/matrix-org/synapse/issues/8815)) +- Add tests for `password_auth_provider`s. ([\#8819](https://github.com/matrix-org/synapse/issues/8819)) +- Drop redundant database index on `event_json`. ([\#8845](https://github.com/matrix-org/synapse/issues/8845)) +- Simplify `uk.half-shot.msc2778.login.application_service` login handler. ([\#8847](https://github.com/matrix-org/synapse/issues/8847)) +- Refactor `password_auth_provider` support code. ([\#8849](https://github.com/matrix-org/synapse/issues/8849)) +- Add missing `ordering` to background database updates. ([\#8850](https://github.com/matrix-org/synapse/issues/8850)) +- Allow for specifying a room version when creating a room in unit tests via `RestHelper.create_room_as`. ([\#8854](https://github.com/matrix-org/synapse/issues/8854)) + + Synapse 1.23.0 (2020-11-18) =========================== diff --git a/changelog.d/8565.misc b/changelog.d/8565.misc deleted file mode 100644 index 7bef422618..0000000000 --- a/changelog.d/8565.misc +++ /dev/null @@ -1 +0,0 @@ -Simplify the way the `HomeServer` object caches its internal attributes. diff --git a/changelog.d/8617.feature b/changelog.d/8617.feature deleted file mode 100644 index 4f1e788506..0000000000 --- a/changelog.d/8617.feature +++ /dev/null @@ -1 +0,0 @@ -Add admin API for logging in as a user. diff --git a/changelog.d/8630.feature b/changelog.d/8630.feature deleted file mode 100644 index 706051f131..0000000000 --- a/changelog.d/8630.feature +++ /dev/null @@ -1 +0,0 @@ -Allow specification of the SAML IdP if the metadata returns multiple IdPs. diff --git a/changelog.d/8731.misc b/changelog.d/8731.misc deleted file mode 100644 index df5882e960..0000000000 --- a/changelog.d/8731.misc +++ /dev/null @@ -1 +0,0 @@ -Add an example and documentation for clock skew to the SAML2 sample configuration to allow for clock/time difference between the homserver and IdP. Contributed by @localguru. diff --git a/changelog.d/8734.doc b/changelog.d/8734.doc deleted file mode 100644 index 3bff9021c7..0000000000 --- a/changelog.d/8734.doc +++ /dev/null @@ -1 +0,0 @@ -Clarify the usecase for an msisdn delegate. Contributed by Adrian Wannenmacher. diff --git a/changelog.d/8744.bugfix b/changelog.d/8744.bugfix deleted file mode 100644 index f8f9630bd6..0000000000 --- a/changelog.d/8744.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix a bug where appservices may be sent an excessive amount of read receipts and presence. Broke in v1.22.0. diff --git a/changelog.d/8751.misc b/changelog.d/8751.misc deleted file mode 100644 index 204c280c0e..0000000000 --- a/changelog.d/8751.misc +++ /dev/null @@ -1 +0,0 @@ -Generalise `RoomMemberHandler._locally_reject_invite` to apply to more flows than just invite. \ No newline at end of file diff --git a/changelog.d/8754.misc b/changelog.d/8754.misc deleted file mode 100644 index 0436bb1be7..0000000000 --- a/changelog.d/8754.misc +++ /dev/null @@ -1 +0,0 @@ -Generalise `RoomStore.maybe_store_room_on_invite` to handle other, non-invite membership events. \ No newline at end of file diff --git a/changelog.d/8757.misc b/changelog.d/8757.misc deleted file mode 100644 index 54502e9b90..0000000000 --- a/changelog.d/8757.misc +++ /dev/null @@ -1 +0,0 @@ -Refactor test utilities for injecting HTTP requests. diff --git a/changelog.d/8758.misc b/changelog.d/8758.misc deleted file mode 100644 index 54502e9b90..0000000000 --- a/changelog.d/8758.misc +++ /dev/null @@ -1 +0,0 @@ -Refactor test utilities for injecting HTTP requests. diff --git a/changelog.d/8759.misc b/changelog.d/8759.misc deleted file mode 100644 index 54502e9b90..0000000000 --- a/changelog.d/8759.misc +++ /dev/null @@ -1 +0,0 @@ -Refactor test utilities for injecting HTTP requests. diff --git a/changelog.d/8760.misc b/changelog.d/8760.misc deleted file mode 100644 index 54502e9b90..0000000000 --- a/changelog.d/8760.misc +++ /dev/null @@ -1 +0,0 @@ -Refactor test utilities for injecting HTTP requests. diff --git a/changelog.d/8761.misc b/changelog.d/8761.misc deleted file mode 100644 index e6da7d038d..0000000000 --- a/changelog.d/8761.misc +++ /dev/null @@ -1 +0,0 @@ - Refactor test utilities for injecting HTTP requests. diff --git a/changelog.d/8765.misc b/changelog.d/8765.misc deleted file mode 100644 index 053f9acc9c..0000000000 --- a/changelog.d/8765.misc +++ /dev/null @@ -1 +0,0 @@ -Consolidate logic between the OpenID Connect and SAML code. diff --git a/changelog.d/8770.misc b/changelog.d/8770.misc deleted file mode 100644 index b5876a82f9..0000000000 --- a/changelog.d/8770.misc +++ /dev/null @@ -1 +0,0 @@ -Use `TYPE_CHECKING` instead of magic `MYPY` variable. diff --git a/changelog.d/8771.doc b/changelog.d/8771.doc deleted file mode 100644 index 297cf61e98..0000000000 --- a/changelog.d/8771.doc +++ /dev/null @@ -1 +0,0 @@ -Remove extraneous comma from JSON example in User Admin API docs. \ No newline at end of file diff --git a/changelog.d/8772.misc b/changelog.d/8772.misc deleted file mode 100644 index d74d0a3d5d..0000000000 --- a/changelog.d/8772.misc +++ /dev/null @@ -1 +0,0 @@ -Add a commandline script to sign arbitrary json objects. diff --git a/changelog.d/8773.misc b/changelog.d/8773.misc deleted file mode 100644 index 62778ba410..0000000000 --- a/changelog.d/8773.misc +++ /dev/null @@ -1 +0,0 @@ -Minor log line improvements for the SSO mapping code used to generate Matrix IDs from SSO IDs. diff --git a/changelog.d/8774.misc b/changelog.d/8774.misc deleted file mode 100644 index 57cca8fee5..0000000000 --- a/changelog.d/8774.misc +++ /dev/null @@ -1 +0,0 @@ -Add additional error checking for OpenID Connect and SAML mapping providers. diff --git a/changelog.d/8776.bugfix b/changelog.d/8776.bugfix deleted file mode 100644 index dd7ebbeb86..0000000000 --- a/changelog.d/8776.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. diff --git a/changelog.d/8777.misc b/changelog.d/8777.misc deleted file mode 100644 index e6da7d038d..0000000000 --- a/changelog.d/8777.misc +++ /dev/null @@ -1 +0,0 @@ - Refactor test utilities for injecting HTTP requests. diff --git a/changelog.d/8779.doc b/changelog.d/8779.doc deleted file mode 100644 index 3641ae7f91..0000000000 --- a/changelog.d/8779.doc +++ /dev/null @@ -1 +0,0 @@ -Update `turn-howto.md` with troubleshooting notes. diff --git a/changelog.d/8784.misc b/changelog.d/8784.misc deleted file mode 100644 index 18a4263398..0000000000 --- a/changelog.d/8784.misc +++ /dev/null @@ -1 +0,0 @@ -Fix a bug introduced in v1.20.0 where the user-agent and IP address reported during user registration for CAS, OpenID Connect, and SAML were of the wrong form. diff --git a/changelog.d/8785.removal b/changelog.d/8785.removal deleted file mode 100644 index ee8ee32598..0000000000 --- a/changelog.d/8785.removal +++ /dev/null @@ -1 +0,0 @@ -Remove old `/_matrix/client/*/admin` endpoints which was deprecated since Synapse 1.20.0. \ No newline at end of file diff --git a/changelog.d/8793.doc b/changelog.d/8793.doc deleted file mode 100644 index f6eee1ea73..0000000000 --- a/changelog.d/8793.doc +++ /dev/null @@ -1 +0,0 @@ -Fix the example on how to set the `Content-Type` header in nginx for the Client Well-Known URI. diff --git a/changelog.d/8795.doc b/changelog.d/8795.doc deleted file mode 100644 index f97a74efb5..0000000000 --- a/changelog.d/8795.doc +++ /dev/null @@ -1 +0,0 @@ -Improve the documentation for the admin API to list all media in a room with respect to encrypted events. diff --git a/changelog.d/8798.bugfix b/changelog.d/8798.bugfix deleted file mode 100644 index 9bdb2b51ea..0000000000 --- a/changelog.d/8798.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix a bug where synctl could spawn duplicate copies of a worker. Contributed by Waylon Cude. diff --git a/changelog.d/8799.bugfix b/changelog.d/8799.bugfix deleted file mode 100644 index a7e6b3556d..0000000000 --- a/changelog.d/8799.bugfix +++ /dev/null @@ -1 +0,0 @@ -Allow per-room profiles to be used for the server notice user. diff --git a/changelog.d/8800.misc b/changelog.d/8800.misc deleted file mode 100644 index 57cca8fee5..0000000000 --- a/changelog.d/8800.misc +++ /dev/null @@ -1 +0,0 @@ -Add additional error checking for OpenID Connect and SAML mapping providers. diff --git a/changelog.d/8801.feature b/changelog.d/8801.feature deleted file mode 100644 index 77f7fe4e5d..0000000000 --- a/changelog.d/8801.feature +++ /dev/null @@ -1 +0,0 @@ -Add support for re-trying generation of a localpart for OpenID Connect mapping providers. diff --git a/changelog.d/8804.feature b/changelog.d/8804.feature deleted file mode 100644 index a907c8106c..0000000000 --- a/changelog.d/8804.feature +++ /dev/null @@ -1 +0,0 @@ -Allow Date header through CORS. Contributed by Nicolas Chamo. diff --git a/changelog.d/8806.misc b/changelog.d/8806.misc deleted file mode 100644 index ee144846a5..0000000000 --- a/changelog.d/8806.misc +++ /dev/null @@ -1 +0,0 @@ -Add type hints to HTTP abstractions. diff --git a/changelog.d/8809.misc b/changelog.d/8809.misc deleted file mode 100644 index bbf83cf18d..0000000000 --- a/changelog.d/8809.misc +++ /dev/null @@ -1 +0,0 @@ -Remove unnecessary function arguments and add typing to several membership replication classes. \ No newline at end of file diff --git a/changelog.d/8812.misc b/changelog.d/8812.misc deleted file mode 100644 index ee144846a5..0000000000 --- a/changelog.d/8812.misc +++ /dev/null @@ -1 +0,0 @@ -Add type hints to HTTP abstractions. diff --git a/changelog.d/8815.misc b/changelog.d/8815.misc deleted file mode 100644 index 647edeb568..0000000000 --- a/changelog.d/8815.misc +++ /dev/null @@ -1 +0,0 @@ -Optimise the lookup for an invite from another homeserver when trying to reject it. \ No newline at end of file diff --git a/changelog.d/8817.bugfix b/changelog.d/8817.bugfix deleted file mode 100644 index e45dbd2ba4..0000000000 --- a/changelog.d/8817.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix bug where logging could break after a call to SIGHUP. diff --git a/changelog.d/8818.doc b/changelog.d/8818.doc deleted file mode 100644 index 571b0e3f60..0000000000 --- a/changelog.d/8818.doc +++ /dev/null @@ -1 +0,0 @@ -Update the formatting of the `push` section of the homeserver config file to better align with the [code style guidelines](https://github.com/matrix-org/synapse/blob/develop/docs/code_style.md#configuration-file-format). \ No newline at end of file diff --git a/changelog.d/8819.misc b/changelog.d/8819.misc deleted file mode 100644 index a5793273a5..0000000000 --- a/changelog.d/8819.misc +++ /dev/null @@ -1 +0,0 @@ -Add tests for `password_auth_provider`s. diff --git a/changelog.d/8820.feature b/changelog.d/8820.feature deleted file mode 100644 index 9e35861b11..0000000000 --- a/changelog.d/8820.feature +++ /dev/null @@ -1 +0,0 @@ -Add a config option, `push.group_by_unread_count`, which controls whether unread message counts in push notifications are defined as "the number of rooms with unread messages" or "total unread messages". diff --git a/changelog.d/8822.doc b/changelog.d/8822.doc deleted file mode 100644 index 4299245990..0000000000 --- a/changelog.d/8822.doc +++ /dev/null @@ -1 +0,0 @@ -Improve documentation how to configure prometheus for workers. \ No newline at end of file diff --git a/changelog.d/8823.bugfix b/changelog.d/8823.bugfix deleted file mode 100644 index 74af1c20b6..0000000000 --- a/changelog.d/8823.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix `register_new_matrix_user` failing with "Bad Request" when trailing slash is included in server URL. Contributed by @angdraug. diff --git a/changelog.d/8824.doc b/changelog.d/8824.doc deleted file mode 100644 index 683b436328..0000000000 --- a/changelog.d/8824.doc +++ /dev/null @@ -1 +0,0 @@ -Update example prometheus console. \ No newline at end of file diff --git a/changelog.d/8833.removal b/changelog.d/8833.removal deleted file mode 100644 index 5c2d195f94..0000000000 --- a/changelog.d/8833.removal +++ /dev/null @@ -1 +0,0 @@ -Disable pretty printing JSON responses for curl. Users who want pretty-printed output should use [jq](https://stedolan.github.io/jq/) in combination with curl. Contributed by @tulir. diff --git a/changelog.d/8835.bugfix b/changelog.d/8835.bugfix deleted file mode 100644 index 446d04aa55..0000000000 --- a/changelog.d/8835.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix minor long-standing bug in login, where we would offer the `password` login type if a custom auth provider supported it, even if password login was disabled. diff --git a/changelog.d/8843.feature b/changelog.d/8843.feature deleted file mode 100644 index 824d46d5aa..0000000000 --- a/changelog.d/8843.feature +++ /dev/null @@ -1 +0,0 @@ -Add `force_purge` option to delete-room admin api. diff --git a/changelog.d/8845.misc b/changelog.d/8845.misc deleted file mode 100644 index 7db1c31520..0000000000 --- a/changelog.d/8845.misc +++ /dev/null @@ -1 +0,0 @@ -Drop redundant database index on `event_json`. diff --git a/changelog.d/8847.misc b/changelog.d/8847.misc deleted file mode 100644 index 5028997b04..0000000000 --- a/changelog.d/8847.misc +++ /dev/null @@ -1 +0,0 @@ -Simplify `uk.half-shot.msc2778.login.application_service` login handler. diff --git a/changelog.d/8848.bugfix b/changelog.d/8848.bugfix deleted file mode 100644 index 499e66f05b..0000000000 --- a/changelog.d/8848.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix a long-standing bug which caused Synapse to require unspecified parameters during user-interactive authentication. diff --git a/changelog.d/8849.misc b/changelog.d/8849.misc deleted file mode 100644 index 3dd496ce61..0000000000 --- a/changelog.d/8849.misc +++ /dev/null @@ -1 +0,0 @@ -Refactor `password_auth_provider` support code. diff --git a/changelog.d/8850.misc b/changelog.d/8850.misc deleted file mode 100644 index 4b54b8dd87..0000000000 --- a/changelog.d/8850.misc +++ /dev/null @@ -1 +0,0 @@ -Add missing `ordering` to background database updates. diff --git a/changelog.d/8851.misc b/changelog.d/8851.misc deleted file mode 100644 index 7bef422618..0000000000 --- a/changelog.d/8851.misc +++ /dev/null @@ -1 +0,0 @@ -Simplify the way the `HomeServer` object caches its internal attributes. diff --git a/changelog.d/8854.misc b/changelog.d/8854.misc deleted file mode 100644 index 5895df2d5c..0000000000 --- a/changelog.d/8854.misc +++ /dev/null @@ -1 +0,0 @@ -Allow for specifying a room version when creating a room in unit tests via `RestHelper.create_room_as`. \ No newline at end of file diff --git a/changelog.d/8855.feature b/changelog.d/8855.feature deleted file mode 100644 index 77f7fe4e5d..0000000000 --- a/changelog.d/8855.feature +++ /dev/null @@ -1 +0,0 @@ -Add support for re-trying generation of a localpart for OpenID Connect mapping providers. diff --git a/synapse/__init__.py b/synapse/__init__.py index 65c1f5aa3f..d33a99f230 100644 --- a/synapse/__init__.py +++ b/synapse/__init__.py @@ -48,7 +48,7 @@ try: except ImportError: pass -__version__ = "1.23.0" +__version__ = "1.24.0rc1" if bool(os.environ.get("SYNAPSE_TEST_PATCH_LOG_CONTEXTS", False)): # We import here so that we don't have to install a bunch of deps when From c67af840aa015647f6e237935e02eb163151aa5c Mon Sep 17 00:00:00 2001 From: Patrick Cloke Date: Wed, 2 Dec 2020 09:03:12 -0500 Subject: [PATCH 2/7] Minor fixes to changelog. --- CHANGES.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 662762c07c..ebc44c4b36 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -7,7 +7,7 @@ Features - Add admin API for logging in as a user. ([\#8617](https://github.com/matrix-org/synapse/issues/8617)) - Allow specification of the SAML IdP if the metadata returns multiple IdPs. ([\#8630](https://github.com/matrix-org/synapse/issues/8630)) - Add support for re-trying generation of a localpart for OpenID Connect mapping providers. ([\#8801](https://github.com/matrix-org/synapse/issues/8801), [\#8855](https://github.com/matrix-org/synapse/issues/8855)) -- Allow Date header through CORS. Contributed by Nicolas Chamo. ([\#8804](https://github.com/matrix-org/synapse/issues/8804)) +- Allow the `Date` header through CORS. Contributed by Nicolas Chamo. ([\#8804](https://github.com/matrix-org/synapse/issues/8804)) - Add a config option, `push.group_by_unread_count`, which controls whether unread message counts in push notifications are defined as "the number of rooms with unread messages" or "total unread messages". ([\#8820](https://github.com/matrix-org/synapse/issues/8820)) - Add `force_purge` option to delete-room admin api. ([\#8843](https://github.com/matrix-org/synapse/issues/8843)) @@ -19,10 +19,11 @@ Bugfixes - Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\#8776](https://github.com/matrix-org/synapse/issues/8776)) - Fix a bug where synctl could spawn duplicate copies of a worker. Contributed by Waylon Cude. ([\#8798](https://github.com/matrix-org/synapse/issues/8798)) - Allow per-room profiles to be used for the server notice user. ([\#8799](https://github.com/matrix-org/synapse/issues/8799)) -- Fix bug where logging could break after a call to SIGHUP. ([\#8817](https://github.com/matrix-org/synapse/issues/8817)) +- Fix a bug where logging could break after a call to SIGHUP. ([\#8817](https://github.com/matrix-org/synapse/issues/8817)) - Fix `register_new_matrix_user` failing with "Bad Request" when trailing slash is included in server URL. Contributed by @angdraug. ([\#8823](https://github.com/matrix-org/synapse/issues/8823)) -- Fix minor long-standing bug in login, where we would offer the `password` login type if a custom auth provider supported it, even if password login was disabled. ([\#8835](https://github.com/matrix-org/synapse/issues/8835)) +- Fix a minor long-standing bug in login, where we would offer the `password` login type if a custom auth provider supported it, even if password login was disabled. ([\#8835](https://github.com/matrix-org/synapse/issues/8835)) - Fix a long-standing bug which caused Synapse to require unspecified parameters during user-interactive authentication. ([\#8848](https://github.com/matrix-org/synapse/issues/8848)) +- Fix a bug introduced in v1.20.0 where the user-agent and IP address reported during user registration for CAS, OpenID Connect, and SAML were of the wrong form. ([\#8784](https://github.com/matrix-org/synapse/issues/8784)) Improved Documentation @@ -41,7 +42,7 @@ Improved Documentation Deprecations and Removals ------------------------- -- Remove old `/_matrix/client/*/admin` endpoints which was deprecated since Synapse 1.20.0. ([\#8785](https://github.com/matrix-org/synapse/issues/8785)) +- Remove old `/_matrix/client/*/admin` endpoints which were deprecated since Synapse 1.20.0. ([\#8785](https://github.com/matrix-org/synapse/issues/8785)) - Disable pretty printing JSON responses for curl. Users who want pretty-printed output should use [jq](https://stedolan.github.io/jq/) in combination with curl. Contributed by @tulir. ([\#8833](https://github.com/matrix-org/synapse/issues/8833)) @@ -58,7 +59,6 @@ Internal Changes - Add a commandline script to sign arbitrary json objects. ([\#8772](https://github.com/matrix-org/synapse/issues/8772)) - Minor log line improvements for the SSO mapping code used to generate Matrix IDs from SSO IDs. ([\#8773](https://github.com/matrix-org/synapse/issues/8773)) - Add additional error checking for OpenID Connect and SAML mapping providers. ([\#8774](https://github.com/matrix-org/synapse/issues/8774), [\#8800](https://github.com/matrix-org/synapse/issues/8800)) -- Fix a bug introduced in v1.20.0 where the user-agent and IP address reported during user registration for CAS, OpenID Connect, and SAML were of the wrong form. ([\#8784](https://github.com/matrix-org/synapse/issues/8784)) - Add type hints to HTTP abstractions. ([\#8806](https://github.com/matrix-org/synapse/issues/8806), [\#8812](https://github.com/matrix-org/synapse/issues/8812)) - Remove unnecessary function arguments and add typing to several membership replication classes. ([\#8809](https://github.com/matrix-org/synapse/issues/8809)) - Optimise the lookup for an invite from another homeserver when trying to reject it. ([\#8815](https://github.com/matrix-org/synapse/issues/8815)) From e41720d85f792b4bdc1ffb430b0a04967ad813c2 Mon Sep 17 00:00:00 2001 From: Patrick Cloke Date: Wed, 2 Dec 2020 09:17:42 -0500 Subject: [PATCH 3/7] Minor changes to the CHANGES doc. --- CHANGES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES.md b/CHANGES.md index ebc44c4b36..e7aaebb1f3 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -29,7 +29,7 @@ Bugfixes Improved Documentation ---------------------- -- Clarify the usecase for an msisdn delegate. Contributed by Adrian Wannenmacher. ([\#8734](https://github.com/matrix-org/synapse/issues/8734)) +- Clarify the usecase for a msisdn delegate. Contributed by Adrian Wannenmacher. ([\#8734](https://github.com/matrix-org/synapse/issues/8734)) - Remove extraneous comma from JSON example in User Admin API docs. ([\#8771](https://github.com/matrix-org/synapse/issues/8771)) - Update `turn-howto.md` with troubleshooting notes. ([\#8779](https://github.com/matrix-org/synapse/issues/8779)) - Fix the example on how to set the `Content-Type` header in nginx for the Client Well-Known URI. ([\#8793](https://github.com/matrix-org/synapse/issues/8793)) From 295c209cdd9364a5f277470da66d06a3d4133ad7 Mon Sep 17 00:00:00 2001 From: Jordan Bancino Date: Fri, 4 Dec 2020 08:01:06 -0500 Subject: [PATCH 4/7] Remove version pin prometheus_client dependency (#8875) This removes the version pin of the `prometheus_client` dependency, in direct response to #8831. If merged, this will close #8831 As far as I can tell, no other changes are needed, but as I'm no synapse expert, I'm relying heavily on CI and maintainer reviews for this. My very primitive test of synapse with prometheus_client v0.9.0 on my home server didn't bring up any issues, so we'll see what happens. Signed-off-by: Jordan Bancino --- changelog.d/8875.misc | 1 + docker/Dockerfile | 2 +- synapse/python_dependencies.py | 13 +++++-------- 3 files changed, 7 insertions(+), 9 deletions(-) create mode 100644 changelog.d/8875.misc diff --git a/changelog.d/8875.misc b/changelog.d/8875.misc new file mode 100644 index 0000000000..5a56a62968 --- /dev/null +++ b/changelog.d/8875.misc @@ -0,0 +1 @@ +Add support for the latest third-party libraries. Contributed by Jordan Bancino. diff --git a/docker/Dockerfile b/docker/Dockerfile index 791cd6936b..afd896ffc1 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -37,7 +37,7 @@ RUN pip install --prefix="/install" --no-warn-script-location \ jaeger-client \ opentracing \ # Match the version constraints of Synapse - "prometheus_client>=0.4.0,<0.9.0" \ + "prometheus_client>=0.4.0" \ psycopg2 \ pycparser \ pyrsistent \ diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py index aab77fc453..c899ca14d3 100644 --- a/synapse/python_dependencies.py +++ b/synapse/python_dependencies.py @@ -40,6 +40,10 @@ logger = logging.getLogger(__name__) # Note that these both represent runtime dependencies (and the versions # installed are checked at runtime). # +# Also note that we replicate these constraints in the Synapse Dockerfile while +# pre-installing dependencies. If these constraints are updated here, the same +# change should be made in the Dockerfile. +# # [1] https://pip.pypa.io/en/stable/reference/pip_install/#requirement-specifiers. REQUIREMENTS = [ @@ -69,14 +73,7 @@ REQUIREMENTS = [ "msgpack>=0.5.2", "phonenumbers>=8.2.0", # we use GaugeHistogramMetric, which was added in prom-client 0.4.0. - # prom-client has a history of breaking backwards compatibility between - # minor versions (https://github.com/prometheus/client_python/issues/317), - # so we also pin the minor version. - # - # Note that we replicate these constraints in the Synapse Dockerfile while - # pre-installing dependencies. If these constraints are updated here, the - # same change should be made in the Dockerfile. - "prometheus_client>=0.4.0,<0.9.0", + "prometheus_client>=0.4.0", # we use attr.validators.deep_iterable, which arrived in 19.1.0 (Note: # Fedora 31 only has 19.1, so if we want to upgrade we should wait until 33 # is out in November.) From 22c6c19f91d7325c82eddfada696826adad69e5b Mon Sep 17 00:00:00 2001 From: Patrick Cloke Date: Fri, 4 Dec 2020 08:25:15 -0500 Subject: [PATCH 5/7] Fix a regression that mapping providers should be able to redirect users. (#8878) This was broken in #8801. --- changelog.d/8878.bugfix | 1 + docs/sso_mapping_providers.md | 7 +++++++ synapse/handlers/oidc_handler.py | 2 +- synapse/handlers/sso.py | 27 ++++++++++++++++++++++----- tests/handlers/test_oidc.py | 3 +-- tests/handlers/test_saml.py | 28 ++++++++++++++++++++++++++++ 6 files changed, 60 insertions(+), 8 deletions(-) create mode 100644 changelog.d/8878.bugfix diff --git a/changelog.d/8878.bugfix b/changelog.d/8878.bugfix new file mode 100644 index 0000000000..e53005ee1c --- /dev/null +++ b/changelog.d/8878.bugfix @@ -0,0 +1 @@ +Fix a regression in v1.24.0rc1 which failed to allow SAML mapping providers which were unable to redirect users to an additional page. diff --git a/docs/sso_mapping_providers.md b/docs/sso_mapping_providers.md index dee53b5d40..ab2a648910 100644 --- a/docs/sso_mapping_providers.md +++ b/docs/sso_mapping_providers.md @@ -168,6 +168,13 @@ A custom mapping provider must specify the following methods: the value of `mxid_localpart`. * `emails` - A list of emails for the new user. If not provided, will default to an empty list. + + Alternatively it can raise a `synapse.api.errors.RedirectException` to + redirect the user to another page. This is useful to prompt the user for + additional information, e.g. if you want them to provide their own username. + It is the responsibility of the mapping provider to either redirect back + to `client_redirect_url` (including any additional information) or to + complete registration using methods from the `ModuleApi`. ### Default SAML Mapping Provider diff --git a/synapse/handlers/oidc_handler.py b/synapse/handlers/oidc_handler.py index 55c4377890..c605f7082a 100644 --- a/synapse/handlers/oidc_handler.py +++ b/synapse/handlers/oidc_handler.py @@ -888,7 +888,7 @@ class OidcHandler(BaseHandler): # continue to already be in use. Note that the error raised is # arbitrary and will get turned into a MappingException. if failures: - raise RuntimeError( + raise MappingException( "Mapping provider does not support de-duplicating Matrix IDs" ) diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py index f42b90e1bc..47ad96f97e 100644 --- a/synapse/handlers/sso.py +++ b/synapse/handlers/sso.py @@ -17,6 +17,7 @@ from typing import TYPE_CHECKING, Awaitable, Callable, List, Optional import attr +from synapse.api.errors import RedirectException from synapse.handlers._base import BaseHandler from synapse.http.server import respond_with_html from synapse.types import UserID, contains_invalid_mxid_characters @@ -28,7 +29,9 @@ logger = logging.getLogger(__name__) class MappingException(Exception): - """Used to catch errors when mapping the UserInfo object + """Used to catch errors when mapping an SSO response to user attributes. + + Note that the msg that is raised is shown to end-users. """ @@ -145,6 +148,14 @@ class SsoHandler(BaseHandler): sso_to_matrix_id_mapper: A callable to generate the user attributes. The only parameter is an integer which represents the amount of times the returned mxid localpart mapping has failed. + + It is expected that the mapper can raise two exceptions, which + will get passed through to the caller: + + MappingException if there was a problem mapping the response + to the user. + RedirectException to redirect to an additional page (e.g. + to prompt the user for more information). grandfather_existing_users: A callable which can return an previously existing matrix ID. The SSO ID is then linked to the returned matrix ID. @@ -154,8 +165,8 @@ class SsoHandler(BaseHandler): Raises: MappingException if there was a problem mapping the response to a user. - RedirectException: some mapping providers may raise this if they need - to redirect to an interstitial page. + RedirectException: if the mapping provider needs to redirect the user + to an additional page. (e.g. to prompt for more information) """ # first of all, check if we already have a mapping for this user @@ -179,10 +190,16 @@ class SsoHandler(BaseHandler): for i in range(self._MAP_USERNAME_RETRIES): try: attributes = await sso_to_matrix_id_mapper(i) + except (RedirectException, MappingException): + # Mapping providers are allowed to issue a redirect (e.g. to ask + # the user for more information) and can issue a mapping exception + # if a name cannot be generated. + raise except Exception as e: + # Any other exception is unexpected. raise MappingException( - "Could not extract user attributes from SSO response: " + str(e) - ) + "Could not extract user attributes from SSO response." + ) from e logger.debug( "Retrieved user attributes from user mapping provider: %r (attempt %d)", diff --git a/tests/handlers/test_oidc.py b/tests/handlers/test_oidc.py index d485af52fd..a308c46da9 100644 --- a/tests/handlers/test_oidc.py +++ b/tests/handlers/test_oidc.py @@ -705,8 +705,7 @@ class OidcHandlerTestCase(HomeserverTestCase): MappingException, ) self.assertEqual( - str(e.value), - "Could not extract user attributes from SSO response: Mapping provider does not support de-duplicating Matrix IDs", + str(e.value), "Mapping provider does not support de-duplicating Matrix IDs", ) @override_config({"oidc_config": {"allow_existing_users": True}}) diff --git a/tests/handlers/test_saml.py b/tests/handlers/test_saml.py index e1e13a5faf..45dc17aba5 100644 --- a/tests/handlers/test_saml.py +++ b/tests/handlers/test_saml.py @@ -14,6 +14,7 @@ import attr +from synapse.api.errors import RedirectException from synapse.handlers.sso import MappingException from tests.unittest import HomeserverTestCase, override_config @@ -49,6 +50,13 @@ class TestMappingProvider: return {"mxid_localpart": localpart, "displayname": None} +class TestRedirectMappingProvider(TestMappingProvider): + def saml_response_to_user_attributes( + self, saml_response, failures, client_redirect_url + ): + raise RedirectException(b"https://custom-saml-redirect/") + + class SamlHandlerTestCase(HomeserverTestCase): def default_config(self): config = super().default_config() @@ -166,3 +174,23 @@ class SamlHandlerTestCase(HomeserverTestCase): self.assertEqual( str(e.value), "Unable to generate a Matrix ID from the SSO response" ) + + @override_config( + { + "saml2_config": { + "user_mapping_provider": { + "module": __name__ + ".TestRedirectMappingProvider" + }, + } + } + ) + def test_map_saml_response_redirect(self): + saml_response = FakeAuthnResponse({"uid": "test", "username": "test_user"}) + redirect_url = "" + e = self.get_failure( + self.handler._map_saml_response_to_user( + saml_response, redirect_url, "user-agent", "10.10.10.10" + ), + RedirectException, + ) + self.assertEqual(e.value.location, b"https://custom-saml-redirect/") From 693dab487c8de75ca1e7573474a3d4429ce8b313 Mon Sep 17 00:00:00 2001 From: Patrick Cloke Date: Fri, 4 Dec 2020 08:48:04 -0500 Subject: [PATCH 6/7] 1.24.0rc2 --- CHANGES.md | 15 +++++++++++++++ changelog.d/8875.misc | 1 - changelog.d/8878.bugfix | 1 - synapse/__init__.py | 2 +- 4 files changed, 16 insertions(+), 3 deletions(-) delete mode 100644 changelog.d/8875.misc delete mode 100644 changelog.d/8878.bugfix diff --git a/CHANGES.md b/CHANGES.md index e7aaebb1f3..26d4138445 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,18 @@ +Synapse 1.24.0rc2 (2020-12-04) +============================== + +Bugfixes +-------- + +- Fix a regression in v1.24.0rc1 which failed to allow SAML mapping providers which were unable to redirect users to an additional page. ([\#8878](https://github.com/matrix-org/synapse/issues/8878)) + + +Internal Changes +---------------- + +- Add support for the latest third-party libraries. Contributed by Jordan Bancino. ([\#8875](https://github.com/matrix-org/synapse/issues/8875)) + + Synapse 1.24.0rc1 (2020-12-02) ============================== diff --git a/changelog.d/8875.misc b/changelog.d/8875.misc deleted file mode 100644 index 5a56a62968..0000000000 --- a/changelog.d/8875.misc +++ /dev/null @@ -1 +0,0 @@ -Add support for the latest third-party libraries. Contributed by Jordan Bancino. diff --git a/changelog.d/8878.bugfix b/changelog.d/8878.bugfix deleted file mode 100644 index e53005ee1c..0000000000 --- a/changelog.d/8878.bugfix +++ /dev/null @@ -1 +0,0 @@ -Fix a regression in v1.24.0rc1 which failed to allow SAML mapping providers which were unable to redirect users to an additional page. diff --git a/synapse/__init__.py b/synapse/__init__.py index d33a99f230..2e354f2cc6 100644 --- a/synapse/__init__.py +++ b/synapse/__init__.py @@ -48,7 +48,7 @@ try: except ImportError: pass -__version__ = "1.24.0rc1" +__version__ = "1.24.0rc2" if bool(os.environ.get("SYNAPSE_TEST_PATCH_LOG_CONTEXTS", False)): # We import here so that we don't have to install a bunch of deps when From 2602514f34aab76934d27791400d7405c1da6336 Mon Sep 17 00:00:00 2001 From: Patrick Cloke Date: Fri, 4 Dec 2020 09:00:32 -0500 Subject: [PATCH 7/7] Minor update to CHANGES. --- CHANGES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES.md b/CHANGES.md index 26d4138445..d5e578ee3a 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -10,7 +10,7 @@ Bugfixes Internal Changes ---------------- -- Add support for the latest third-party libraries. Contributed by Jordan Bancino. ([\#8875](https://github.com/matrix-org/synapse/issues/8875)) +- Add support for the `prometheus_client` newer than 0.9.0. Contributed by Jordan Bancino. ([\#8875](https://github.com/matrix-org/synapse/issues/8875)) Synapse 1.24.0rc1 (2020-12-02)