Matrix-Mirrors/anonymousland-synapse
1
0
Fork 0
mirror of https://git.anonymousland.org/anonymousland/synapse.git synced 2025-05-02 09:56:05 -04:00
Code Issues Projects Releases Packages Wiki Activity

Rip out more refresh_token code

Browse source 
We might as well treat all refresh_tokens as invalid. Just return a 403 from
/tokenrefresh, so that we don't have a load of dead, untestable code hanging
around.

Still TODO: removing the table from the schema.
This commit is contained in:
Richard van der Hoff 2016-11-30 17:40:18 +00:00
parent dc4b23e1a1
commit aa09d6b8f0
7 changed files with 5 additions and 160 deletions
Download patch file Download diff file Expand all files Collapse all files

5
synapse/api/auth.py
View file

@ -791,7 +791,7 @@ class Auth(object):
Args:
macaroon(pymacaroons.Macaroon): The macaroon to validate
type_string(str): The kind of token required (e.g. "access", "refresh",
type_string(str): The kind of token required (e.g. "access",
"delete_pusher")
verify_expiry(bool): Whether to verify whether the macaroon has expired.
user_id (str): The user_id required
@ -820,8 +820,7 @@ class Auth(object):
else:
v.satisfy_general(lambda c: c.startswith("time < "))
# access_tokens and refresh_tokens include a nonce for uniqueness: any
# value is acceptable
# access_tokens include a nonce for uniqueness: any value is acceptable
v.satisfy_general(lambda c: c.startswith("nonce = "))
v.verify(macaroon, self.hs.config.macaroon_secret_key)