MatrixSynapse/synapse/util
Quentin Gliech fe1daad672
Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986)
This simplifies the access token verification logic by removing the `rights`
parameter which was only ever used for the unsubscribe link in email
notifications. The latter has been moved under the `/_synapse` namespace,
since it is not a standard API.

This also makes the email verification link more secure, by embedding the
app_id and pushkey in the macaroon and verifying it. This prevents the user
from tampering the query parameters of that unsubscribe link.

Macaroon generation is refactored:

- Centralised all macaroon generation and verification logic to the
  `MacaroonGenerator`
- Moved to `synapse.utils`
- Changed the constructor to require only a `Clock`, hostname, and a secret key
  (instead of a full `Homeserver`).
- Added tests for all methods.
2022-06-14 09:12:08 -04:00
..
caches Fix caching behavior for relations push rules. (#12859) 2022-05-25 07:49:54 -04:00
__init__.py Fix Synapse git info missing in version strings (#12973) 2022-06-07 15:24:11 +01:00
async_helpers.py Immediately retry any requests that have backed off when a server comes back online. (#12500) 2022-05-10 10:39:54 +01:00
batching_queue.py
check_dependencies.py Try to detect borked package installations. (#12244) 2022-03-18 19:03:46 +00:00
daemonize.py Upgrade mypy to version 0.931 (#12030) 2022-02-18 15:57:26 +00:00
distributor.py Use `ParamSpec` in a few places (#12667) 2022-05-09 10:27:39 +00:00
file_consumer.py Add missing type hints to `synapse.logging.context` (#11556) 2021-12-14 17:35:28 +00:00
frozenutils.py Consistently use collections.abc.Mapping to check frozendict. (#12564) 2022-04-27 09:00:07 -04:00
gai_resolver.py Add most missing type hints to synapse.util (#11328) 2021-11-16 08:47:36 -05:00
hash.py
httpresourcetree.py
iterutils.py
linked_list.py Eliminate a few `Any`s in `LruCache` type hints (#11453) 2021-11-30 15:39:07 +00:00
logcontext.py
logformatter.py
macaroons.py Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986) 2022-06-14 09:12:08 -04:00
manhole.py
metrics.py Use `ParamSpec` in a few places (#12667) 2022-05-09 10:27:39 +00:00
module_loader.py
msisdn.py
patch_inline_callbacks.py Use `ParamSpec` in a few places (#12667) 2022-05-09 10:27:39 +00:00
ratelimitutils.py
retryutils.py Fix `RetryDestinationLimiter` re-starting finished log contexts (#12803) 2022-05-19 20:17:10 +01:00
rlimit.py
stringutils.py Discard null-containing strings before updating the user directory (#12762) 2022-05-18 11:28:14 +01:00
templates.py Implement a Jinja2 filter to extract localparts from email addresses (#12212) 2022-03-11 15:15:11 +00:00
threepids.py Add a callback to allow modules to deny 3PID (#11854) 2022-02-08 11:20:32 +01:00
wheel_timer.py Prevent memory leak from reoccurring when presence is disabled. (#12656) 2022-05-06 16:41:57 +00:00