Quentin Gliech fe1daad672 Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986) ... This simplifies the access token verification logic by removing the `rights` parameter which was only ever used for the unsubscribe link in email notifications. The latter has been moved under the `/_synapse` namespace, since it is not a standard API. This also makes the email verification link more secure, by embedding the app_id and pushkey in the macaroon and verifying it. This prevents the user from tampering the query parameters of that unsubscribe link. Macaroon generation is refactored: - Centralised all macaroon generation and verification logic to the `MacaroonGenerator` - Moved to `synapse.utils` - Changed the constructor to require only a `Clock`, hostname, and a secret key (instead of a full `Homeserver`). - Added tests for all methods.		2022-06-14 09:12:08 -04:00
..
admin	Fix Synapse git info missing in version strings (#12973)	2022-06-07 15:24:11 +01:00
client	Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986)	2022-06-14 09:12:08 -04:00
consent	Remove HomeServer.get_datastore() (#12031)	2022-02-23 11:04:02 +00:00
key	Fix typechecker problems exposed by signedjson 1.1.2 (#12326)	2022-03-29 21:37:50 +00:00
media	Uniformize spam-checker API, part 4: port other spam-checker callbacks to return Union[Allow, Codes]. (#12857)	2022-06-13 18:16:16 +00:00
synapse	Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986)	2022-06-14 09:12:08 -04:00
__init__.py	Remove user-visible groups/communities code (#12553)	2022-05-25 07:53:40 -04:00
health.py	Add missing type hints to non-client REST servlets. (#10817)	2021-09-15 08:45:32 -04:00
well_known.py	Default value for public_baseurl (#11210)	2021-11-08 14:13:10 +00:00