OpenCloud
/
MatrixSynapse
mirror of https://github.com/matrix-org/synapse
1
0
Fork 0
Code Issues Releases Wiki Activity
MatrixSynapse/synapse/util
History
Quentin Gliech fe1daad672
Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986) 
This simplifies the access token verification logic by removing the `rights`
parameter which was only ever used for the unsubscribe link in email
notifications. The latter has been moved under the `/_synapse` namespace,
since it is not a standard API.

This also makes the email verification link more secure, by embedding the
app_id and pushkey in the macaroon and verifying it. This prevents the user
from tampering the query parameters of that unsubscribe link.

Macaroon generation is refactored:

- Centralised all macaroon generation and verification logic to the
  `MacaroonGenerator`
- Moved to `synapse.utils`
- Changed the constructor to require only a `Clock`, hostname, and a secret key
  (instead of a full `Homeserver`).
- Added tests for all methods.
 		2022-06-14 09:12:08 -04:00
..
caches
__init__.py
async_helpers.py
batching_queue.py
check_dependencies.py
daemonize.py
distributor.py
file_consumer.py
frozenutils.py
gai_resolver.py
hash.py
httpresourcetree.py
iterutils.py
linked_list.py
logcontext.py
logformatter.py
macaroons.py Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986) 2022-06-14 09:12:08 -04:00
manhole.py
metrics.py
module_loader.py
msisdn.py
patch_inline_callbacks.py
ratelimitutils.py
retryutils.py
rlimit.py
stringutils.py
templates.py
threepids.py
wheel_timer.py