`OtelData` is going to become private in a future version of
`tracing-opentelemetry`. Use the new `get_otel_context` function
introduced in 0.32.1 to extract the trace ID from the span context.
The cleanup-queue-jobs job was failing because it tried to delete
completed/failed jobs still referenced by `queue_schedules.last_scheduled_job_id`.
The FK defaulted to RESTRICT, blocking the delete.
Change it to `ON DELETE SET NULL` so cleanup can proceed, matching the
existing semantics (NULL = "never scheduled or cleaned up").
Fixes#5545
This moves the username policy check lower in the flow to fix
linking of locally existing user accounts with upstream accounts,
when on_conflict allows this, even if the registration policy
would disallow the user.
Currently `syn2mas` will always error in the Synapse checks phase if it finds auth providers in the `user_external_ids` database table, that are not configured in Synapse config. While normally this the right thing to do, we may have situations where we know what we're doing, and want to ignore invalid looking data in the external identifiers table. If the flag is given, ignore errors and output them as warnings instead.
This adds three new scheduled cleanup jobs that clear the last_active_ip
field from sessions that have been inactive for more than 30 days:
- CleanupInactiveOAuth2SessionIpsJob
- CleanupInactiveCompatSessionIpsJob
- CleanupInactiveUserSessionIpsJob
This helps with data minimization by not retaining IP addresses longer
Implements hard deletion of user/browser sessions that have been finished for more than 30 days, but only after all child sessions are cleaned up.
User sessions can only be deleted when no child sessions exist, ensuring backchannel logout propagation continues to work correctly.
Change compat_sessions.user_session_id FK from ON DELETE SET NULL to ON DELETE NO ACTION. This prevents deletion of user_sessions while compat_sessions still reference them, which is critical for backchannel logout propagation.
When an upstream IdP sends a backchannel logout, MAS must trace through:
upstream_oauth_authorization_sessions -> user_sessions -> compat_sessions
If user_session_id links are SET NULL, logout propagation fails.
Uses two-step migration (DROP+ADD NOT VALID, then VALIDATE) to minimize table locking during deployment.
