OpenCloud
/
MatrixSynapse
mirror of https://github.com/matrix-org/synapse
1
0
Fork 0
Code Issues Releases Wiki Activity
MatrixSynapse/tests/handlers
History
Quentin Gliech fe1daad672
Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986) 
This simplifies the access token verification logic by removing the `rights`
parameter which was only ever used for the unsubscribe link in email
notifications. The latter has been moved under the `/_synapse` namespace,
since it is not a standard API.

This also makes the email verification link more secure, by embedding the
app_id and pushkey in the macaroon and verifying it. This prevents the user
from tampering the query parameters of that unsubscribe link.

Macaroon generation is refactored:

- Centralised all macaroon generation and verification logic to the
  `MacaroonGenerator`
- Moved to `synapse.utils`
- Changed the constructor to require only a `Clock`, hostname, and a secret key
  (instead of a full `Homeserver`).
- Added tests for all methods.
 		2022-06-14 09:12:08 -04:00
..
__init__.py
oidc_test_key.p8
oidc_test_key.pub.pem
test_admin.py
test_appservice.py
test_auth.py
test_cas.py
test_deactivate_account.py
test_device.py
test_directory.py
test_e2e_keys.py
test_e2e_room_keys.py
test_federation.py
test_federation_event.py
test_message.py
test_oidc.py Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986) 2022-06-14 09:12:08 -04:00
test_password_providers.py
test_presence.py
test_profile.py
test_receipts.py
test_register.py
test_room.py
test_room_summary.py
test_saml.py
test_send_email.py
test_stats.py
test_sync.py
test_typing.py
test_user_directory.py