From 8b6a4013c6220be71c79fe5e060dd08f777769b4 Mon Sep 17 00:00:00 2001 From: Patrick Cloke Date: Fri, 24 Apr 2020 13:48:37 -0400 Subject: [PATCH 1/2] Add more documentation about the possible templates for SSO. --- docs/sample_config.yaml | 24 ++++++++++++++++++++++++ synapse/config/sso.py | 24 ++++++++++++++++++++++++ 2 files changed, 48 insertions(+) diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml index 6d5f4f316d2e..fc970986c63f 100644 --- a/docs/sample_config.yaml +++ b/docs/sample_config.yaml @@ -1518,6 +1518,30 @@ sso: # # * server_name: the homeserver's name. # + # * HTML page which notifies the user that they are authenticating to confirm + # an operation on their account during the user interactive authentication + # process: 'sso_auth_confirm.html'. + # + # When rendering, this template is given the following variables: + # * redirect_url: the URL the user is about to be redirected to. Needs + # manual escaping (see + # https://jinja.palletsprojects.com/en/2.11.x/templates/#html-escaping). + # + # * description: the operation which the user is being asked to confirm + # + # * HTML page shown after a successful user interactive authentication session: + # 'sso_auth_success.html'. + # + # Note that this page must include the JavaScript which notifies of a successful authentication + # (see https://matrix.org/docs/spec/client_server/r0.6.0#fallback). + # + # This template has no additional variables. + # + # * HTML page shown during single sign-on if a deactivated user (according to Synapse's database) + # attempts to login: 'sso_account_deactivated.html'. + # + # This template has no additional variables. + # # You can see the default templates at: # https://github.com/matrix-org/synapse/tree/master/synapse/res/templates # diff --git a/synapse/config/sso.py b/synapse/config/sso.py index 6cd37d432477..cac6bc0139e8 100644 --- a/synapse/config/sso.py +++ b/synapse/config/sso.py @@ -113,6 +113,30 @@ def generate_config_section(self, **kwargs): # # * server_name: the homeserver's name. # + # * HTML page which notifies the user that they are authenticating to confirm + # an operation on their account during the user interactive authentication + # process: 'sso_auth_confirm.html'. + # + # When rendering, this template is given the following variables: + # * redirect_url: the URL the user is about to be redirected to. Needs + # manual escaping (see + # https://jinja.palletsprojects.com/en/2.11.x/templates/#html-escaping). + # + # * description: the operation which the user is being asked to confirm + # + # * HTML page shown after a successful user interactive authentication session: + # 'sso_auth_success.html'. + # + # Note that this page must include the JavaScript which notifies of a successful authentication + # (see https://matrix.org/docs/spec/client_server/r0.6.0#fallback). + # + # This template has no additional variables. + # + # * HTML page shown during single sign-on if a deactivated user (according to Synapse's database) + # attempts to login: 'sso_account_deactivated.html'. + # + # This template has no additional variables. + # # You can see the default templates at: # https://github.com/matrix-org/synapse/tree/master/synapse/res/templates # From 1642c353d6b82aca1e34bd93c55730eaa0e3120d Mon Sep 17 00:00:00 2001 From: Patrick Cloke Date: Fri, 24 Apr 2020 13:52:48 -0400 Subject: [PATCH 2/2] Add changelog. --- changelog.d/7343.feature | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/7343.feature diff --git a/changelog.d/7343.feature b/changelog.d/7343.feature new file mode 100644 index 000000000000..01057aa396ba --- /dev/null +++ b/changelog.d/7343.feature @@ -0,0 +1 @@ +Support SSO in the user interactive authentication workflow.