forked-synapse/tests
Quentin Gliech fe1daad672
Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986)
This simplifies the access token verification logic by removing the `rights`
parameter which was only ever used for the unsubscribe link in email
notifications. The latter has been moved under the `/_synapse` namespace,
since it is not a standard API.

This also makes the email verification link more secure, by embedding the
app_id and pushkey in the macaroon and verifying it. This prevents the user
from tampering the query parameters of that unsubscribe link.

Macaroon generation is refactored:

- Centralised all macaroon generation and verification logic to the
  `MacaroonGenerator`
- Moved to `synapse.utils`
- Changed the constructor to require only a `Clock`, hostname, and a secret key
  (instead of a full `Homeserver`).
- Added tests for all methods.
2022-06-14 09:12:08 -04:00
..
api Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986) 2022-06-14 09:12:08 -04:00
app Remove HomeServer.get_datastore() (#12031) 2022-02-23 11:04:02 +00:00
appservice Remove remaining bits of groups code. (#12936) 2022-06-01 09:41:25 -04:00
config Reload cache factors from disk on SIGHUP (#12673) 2022-05-11 13:43:22 +00:00
crypto Remove direct refeferences to PyNaCl (use signedjson instead). (#12902) 2022-06-01 07:32:35 -04:00
events Rename storage classes (#12913) 2022-05-31 12:17:50 +00:00
federation Clean up the test code for client disconnections (#12929) 2022-06-07 18:17:32 +01:00
handlers Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986) 2022-06-14 09:12:08 -04:00
http Clean up the test code for client disconnections (#12929) 2022-06-07 18:17:32 +01:00
logging Fixes for opentracing scopes (#11869) 2022-02-02 22:41:57 +00:00
module_api Additional constants for EDU types. (#12884) 2022-05-27 07:14:36 -04:00
push Experimental support for MSC3772 (#12740) 2022-05-24 13:23:23 +00:00
replication Clean up the test code for client disconnections (#12929) 2022-06-07 18:17:32 +01:00
rest Uniformize spam-checker API, part 4: port other spam-checker callbacks to return Union[Allow, Codes]. (#12857) 2022-06-13 18:16:16 +00:00
scripts Add some type hints to tests files (#12833) 2022-05-23 11:23:26 +00:00
server_notices Decouple synapse.api.auth_blocking.AuthBlocking from synapse.api.auth.Auth. (#13021) 2022-06-14 09:51:15 +01:00
state Type annotations for test_v2 (#12985) 2022-06-09 09:48:04 +01:00
storage Reduce the amount of state we pull from the DB (#12811) 2022-06-06 09:24:12 +01:00
test_utils Rename storage classes (#12913) 2022-05-31 12:17:50 +00:00
util Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986) 2022-06-14 09:12:08 -04:00
__init__.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
server.py Reload cache factors from disk on SIGHUP (#12673) 2022-05-11 13:43:22 +00:00
test_distributor.py Replace assertEquals and friends with non-deprecated versions. (#12092) 2022-02-28 07:12:29 -05:00
test_event_auth.py Remove room_version param from check_auth_rules_for_event 2022-06-12 23:13:10 +01:00
test_federation.py Prefer make_awaitable over defer.succeed in tests (#12505) 2022-04-27 14:58:26 +01:00
test_mau.py Remove remaining bits of groups code. (#12936) 2022-06-01 09:41:25 -04:00
test_metrics.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
test_phone_home.py Add type hints to some tests files (#12371) 2022-04-05 13:54:41 +01:00
test_server.py Clean up the test code for client disconnections (#12929) 2022-06-07 18:17:32 +01:00
test_state.py Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986) 2022-06-14 09:12:08 -04:00
test_terms_auth.py Replace assertEquals and friends with non-deprecated versions. (#12092) 2022-02-28 07:12:29 -05:00
test_test_utils.py Replace assertEquals and friends with non-deprecated versions. (#12092) 2022-02-28 07:12:29 -05:00
test_types.py Remove backing code for groups/communities (#12558) 2022-05-26 09:04:34 -04:00
test_visibility.py Rename storage classes (#12913) 2022-05-31 12:17:50 +00:00
unittest.py Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986) 2022-06-14 09:12:08 -04:00
utils.py Rename storage classes (#12913) 2022-05-31 12:17:50 +00:00