mirror of
https://github.com/element-hq/synapse.git
synced 2024-11-29 15:39:00 +03:00
fe1daad672
This simplifies the access token verification logic by removing the `rights` parameter which was only ever used for the unsubscribe link in email notifications. The latter has been moved under the `/_synapse` namespace, since it is not a standard API. This also makes the email verification link more secure, by embedding the app_id and pushkey in the macaroon and verifying it. This prevents the user from tampering the query parameters of that unsubscribe link. Macaroon generation is refactored: - Centralised all macaroon generation and verification logic to the `MacaroonGenerator` - Moved to `synapse.utils` - Changed the constructor to require only a `Clock`, hostname, and a secret key (instead of a full `Homeserver`). - Added tests for all methods. |
||
---|---|---|
.. | ||
caches | ||
__init__.py | ||
test_async_helpers.py | ||
test_batching_queue.py | ||
test_check_dependencies.py | ||
test_dict_cache.py | ||
test_expiring_cache.py | ||
test_file_consumer.py | ||
test_itertools.py | ||
test_linearizer.py | ||
test_logcontext.py | ||
test_logformatter.py | ||
test_lrucache.py | ||
test_macaroons.py | ||
test_ratelimitutils.py | ||
test_retryutils.py | ||
test_rwlock.py | ||
test_stream_change_cache.py | ||
test_stringutils.py | ||
test_threepids.py | ||
test_treecache.py | ||
test_wheel_timer.py |