anonymousland-synapse/synapse
Matthew Hodgson c0e0740bef add options to require an access_token to GET /profile and /publicRooms on CS API (#5083)
This commit adds two config options:

* `restrict_public_rooms_to_local_users`

Requires auth to fetch the public rooms directory through the CS API and disables fetching it through the federation API.

* `require_auth_for_profile_requests`

When set to `true`, requires that requests to `/profile` over the CS API are authenticated, and only returns the user's profile if the requester shares a room with the profile's owner, as per MSC1301.

MSC1301 also specifies a behaviour for federation (only returning the profile if the server asking for it shares a room with the profile's owner), but that's currently really non-trivial to do in a not too expensive way. Next step is writing down a MSC that allows a HS to specify which user sent the profile query. In this implementation, Synapse won't send a profile query over federation if it doesn't believe it already shares a room with the profile's owner, though.

Groups have been intentionally omitted from this commit.
2019-05-08 18:26:56 +01:00
..
_scripts Fix flake8 (#4519) 2019-01-30 10:53:17 +00:00
api Do checks on aliases for incoming m.room.aliases events (#5128) 2019-05-08 17:01:30 +01:00
app Merge pull request #5037 from matrix-org/erikj/limit_inflight_dns 2019-05-08 17:11:03 +01:00
appservice Run the AS senders as background processes (#4189) 2018-12-04 10:53:49 +01:00
config add options to require an access_token to GET /profile and /publicRooms on CS API (#5083) 2019-05-08 18:26:56 +01:00
crypto remove extraneous exception logging 2019-04-25 22:02:03 +01:00
events Do checks on aliases for incoming m.room.aliases events (#5128) 2019-05-08 17:01:30 +01:00
federation add options to require an access_token to GET /profile and /publicRooms on CS API (#5083) 2019-05-08 18:26:56 +01:00
groups Add functions to delete a group 2019-04-03 16:29:52 +01:00
handlers add options to require an access_token to GET /profile and /publicRooms on CS API (#5083) 2019-05-08 18:26:56 +01:00
http Config option for verifying federation certificates (MSC 1711) (#4967) 2019-04-25 14:22:49 +01:00
metrics Add metrics for number of outgoing EDUs, by type (#4695) 2019-02-20 14:13:14 +00:00
module_api Allow password providers to bind emails (#4947) 2019-03-28 15:48:07 +00:00
push Add a default .m.rule.tombstone push rule (#4867) 2019-04-29 15:40:31 -06:00
replication Replace SlavedKeyStore with a shim 2019-04-08 23:59:07 +01:00
res/templates Send out emails with links to extend an account's validity period 2019-04-17 14:42:20 +01:00
rest add options to require an access_token to GET /profile and /publicRooms on CS API (#5083) 2019-05-08 18:26:56 +01:00
server_notices Merge branch 'develop' of github.com:matrix-org/synapse into erikj/admin_contact 2018-08-24 17:00:37 +01:00
state Fix grammar and document get_current_users_in_room (#4998) 2019-04-03 14:32:20 +01:00
static Avoid redundant URL encoding (#4555) 2019-04-04 12:05:56 +01:00
storage Fix infinite loop in presence handler 2019-04-26 11:14:49 +01:00
streams
util Merge branch 'master' into develop 2019-05-03 19:25:01 +01:00
__init__.py 0.99.3.2 2019-05-03 18:56:24 +01:00
event_auth.py Collect room-version variations into one place (#4969) 2019-04-01 10:24:38 +01:00
notifier.py Remove redundant PreserveLoggingContext 2019-03-04 18:31:18 +00:00
python_dependencies.py Merge branch 'master' into develop 2019-05-03 19:25:01 +01:00
secrets.py Port over enough to get some sytests running on Python 3 (#3668) 2018-08-20 23:54:49 +10:00
server.py Send out emails with links to extend an account's validity period 2019-04-17 14:42:20 +01:00
server.pyi Rename and move the classes 2019-03-13 20:02:56 +00:00
types.py declare a ReadReceipt class 2019-03-13 17:20:55 +00:00
visibility.py Implement soft fail 2019-03-06 16:22:16 +00:00