Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Commit

Permalink
Merge commit '6a3504636' into dinsic-release-v1.12.x
Browse files Browse the repository at this point in the history
* commit '6a3504636': (29 commits)
  Revert "Add options to disable setting profile info for prevent changes. (#7053)"
  Populate the room version from state events (#7070)
  Fix buggy condition in account validity handler (#7074)
  Use innerText instead of innerHTML
  Add type annotations and comments to auth handler (#7063)
  Lint
  Put the file in the templates directory
  Update wording and config
  Changelog
  Move the default SAML2 error HTML to a dedicated file
  Refactor a bit
  Also don't fail on aliases events in this case
  Lint
  Changelog
  Also don't filter out events sent by ignored users when checking state visibility
  Fix condition
  Don't filter out dummy events when we're checking the visibility of state
  Update sample_config.yaml
  Update synapse/config/registration.py
  lint, fix tests
  ...
  • Loading branch information
anoadragon453 committed Mar 24, 2020
2 parents 42cbe33 + 6a35046 commit 6095a49
Show file tree
Hide file tree
Showing 15 changed files with 302 additions and 149 deletions.
1 change: 1 addition & 0 deletions changelog.d/7063.misc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Add type annotations and comments to the auth handler.
1 change: 1 addition & 0 deletions changelog.d/7066.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Fix a bug that would cause Synapse to respond with an error about event visibility if a client tried to request the state of a room at a given token.
1 change: 1 addition & 0 deletions changelog.d/7067.feature
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Render a configurable and comprehensible error page if something goes wrong during the SAML2 authentication process.
1 change: 1 addition & 0 deletions changelog.d/7070.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Repair a data-corruption issue which was introduced in Synapse 1.10, and fixed in Synapse 1.11, and which could cause `/sync` to return with 404 errors about missing events and unknown rooms.
1 change: 1 addition & 0 deletions changelog.d/7074.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Fix a bug causing account validity renewal emails to be sent even if the feature is turned off in some cases.
22 changes: 17 additions & 5 deletions docs/sample_config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -1497,12 +1497,24 @@ saml2_config:
#
#grandfathered_mxid_source_attribute: upn

# Path to a file containing HTML content to serve in case an error happens
# when the user gets redirected from the SAML IdP back to Synapse.
# If no file is provided, this defaults to some minimalistic HTML telling the
# user that something went wrong and they should try authenticating again.
# Directory in which Synapse will try to find the template files below.
# If not set, default templates from within the Synapse package will be used.
#
# DO NOT UNCOMMENT THIS SETTING unless you want to customise the templates.
# If you *do* uncomment it, you will need to make sure that all the templates
# below are in the directory.
#
# Synapse will look for the following templates in this directory:
#
# * HTML page to display to users if something goes wrong during the
# authentication process: 'saml_error.html'.
#
#error_html_path: /path/to/static/content/saml_error.html
# This template doesn't currently need any variable to render.
#
# You can see the default templates at:
# https://github.com/matrix-org/synapse/tree/master/synapse/res/templates
#
#template_dir: "res/templates"



Expand Down
50 changes: 27 additions & 23 deletions synapse/config/saml2_config.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,9 @@
# limitations under the License.

import logging
import os

import pkg_resources

from synapse.python_dependencies import DependencyException, check_requirements
from synapse.util.module_loader import load_module, load_python_module
Expand All @@ -27,18 +30,6 @@
"synapse.handlers.saml_handler.DefaultSamlMappingProvider"
)

SAML2_ERROR_DEFAULT_HTML = """
<html>
<body>
<p>Oops! Something went wrong</p>
<p>
Try logging in again from your Matrix client and if the problem persists
please contact the server's administrator.
</p>
</body>
</html>
"""


def _dict_merge(merge_dict, into_dict):
"""Do a deep merge of two dicts
Expand Down Expand Up @@ -172,12 +163,13 @@ def read_config(self, config, **kwargs):
saml2_config.get("saml_session_lifetime", "5m")
)

if "error_html_path" in config:
self.saml2_error_html_content = self.read_file(
config["error_html_path"], "saml2_config.error_html_path",
)
else:
self.saml2_error_html_content = SAML2_ERROR_DEFAULT_HTML
template_dir = saml2_config.get("template_dir")
if not template_dir:
template_dir = pkg_resources.resource_filename("synapse", "res/templates",)

self.saml2_error_html_content = self.read_file(
os.path.join(template_dir, "saml_error.html"), "saml2_config.saml_error",
)

def _default_saml_config_dict(
self, required_attributes: set, optional_attributes: set
Expand Down Expand Up @@ -345,12 +337,24 @@ def generate_config_section(self, config_dir_path, server_name, **kwargs):
#
#grandfathered_mxid_source_attribute: upn
# Path to a file containing HTML content to serve in case an error happens
# when the user gets redirected from the SAML IdP back to Synapse.
# If no file is provided, this defaults to some minimalistic HTML telling the
# user that something went wrong and they should try authenticating again.
# Directory in which Synapse will try to find the template files below.
# If not set, default templates from within the Synapse package will be used.
#
# DO NOT UNCOMMENT THIS SETTING unless you want to customise the templates.
# If you *do* uncomment it, you will need to make sure that all the templates
# below are in the directory.
#
# Synapse will look for the following templates in this directory:
#
# * HTML page to display to users if something goes wrong during the
# authentication process: 'saml_error.html'.
#
# This template doesn't currently need any variable to render.
#
# You can see the default templates at:
# https://github.com/matrix-org/synapse/tree/master/synapse/res/templates
#
#error_html_path: /path/to/static/content/saml_error.html
#template_dir: "res/templates"
""" % {
"config_dir_path": config_dir_path
}
6 changes: 5 additions & 1 deletion synapse/handlers/account_validity.py
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,11 @@ def __init__(self, hs):
self._show_users_in_user_directory = self.hs.config.show_users_in_user_directory
self.profile_handler = self.hs.get_profile_handler()

if self._account_validity.renew_by_email_enabled and load_jinja2_templates:
if (
self._account_validity.enabled
and self._account_validity.renew_by_email_enabled
and load_jinja2_templates
):
# Don't do email-specific configuration if renewal by email is disabled.
try:
app_name = self.hs.config.email_app_name
Expand Down
Loading

0 comments on commit 6095a49

Please sign in to comment.