Matrix-Mirrors/anonymousland-synapse
1
0
Fork 0
mirror of https://git.anonymousland.org/anonymousland/synapse.git synced 2025-05-02 11:56:07 -04:00
Code Issues Projects Releases Packages Wiki Activity

Remove non-functional 'expire_access_token' setting (#5782)

Browse source 
The `expire_access_token` didn't do what it sounded like it should do. What it
actually did was make Synapse enforce the 'time' caveat on macaroons used as
access tokens, but since our access token macaroons never contained such a
caveat, it was always a no-op.

(The code to add 'time' caveats was removed back in v0.18.5, in #1656)
This commit is contained in:
Richard van der Hoff 2019-07-30 08:25:02 +01:00 committed by GitHub
parent 865077f1d1
commit 8c97f6414c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 9 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

2
synapse/handlers/auth.py
View file

@ -860,7 +860,7 @@ class AuthHandler(BaseHandler):
try:
macaroon = pymacaroons.Macaroon.deserialize(login_token)
user_id = auth_api.get_user_id_from_macaroon(macaroon)
auth_api.validate_macaroon(macaroon, "login", True, user_id)
auth_api.validate_macaroon(macaroon, "login", user_id)
except Exception:
raise AuthError(403, "Invalid token", errcode=Codes.FORBIDDEN)
self.ratelimit_login_per_account(user_id)