mirror of
https://git.anonymousland.org/anonymousland/synapse-product.git
synced 2025-01-01 15:46:09 -05:00
Merge pull request #2613 from matrix-org/rav/kill_refresh_tokens
Remove the last vestiges of refresh_tokens
This commit is contained in:
commit
fbbacb284e
@ -161,7 +161,6 @@ class DeviceHandler(BaseHandler):
|
|||||||
|
|
||||||
yield self.store.user_delete_access_tokens(
|
yield self.store.user_delete_access_tokens(
|
||||||
user_id, device_id=device_id,
|
user_id, device_id=device_id,
|
||||||
delete_refresh_tokens=True,
|
|
||||||
)
|
)
|
||||||
|
|
||||||
yield self.store.delete_e2e_keys_by_device(
|
yield self.store.delete_e2e_keys_by_device(
|
||||||
@ -196,7 +195,6 @@ class DeviceHandler(BaseHandler):
|
|||||||
for device_id in device_ids:
|
for device_id in device_ids:
|
||||||
yield self.store.user_delete_access_tokens(
|
yield self.store.user_delete_access_tokens(
|
||||||
user_id, device_id=device_id,
|
user_id, device_id=device_id,
|
||||||
delete_refresh_tokens=True,
|
|
||||||
)
|
)
|
||||||
yield self.store.delete_e2e_keys_by_device(
|
yield self.store.delete_e2e_keys_by_device(
|
||||||
user_id=user_id, device_id=device_id
|
user_id=user_id, device_id=device_id
|
||||||
|
@ -36,12 +36,15 @@ class RegistrationStore(background_updates.BackgroundUpdateStore):
|
|||||||
columns=["user_id", "device_id"],
|
columns=["user_id", "device_id"],
|
||||||
)
|
)
|
||||||
|
|
||||||
self.register_background_index_update(
|
# we no longer use refresh tokens, but it's possible that some people
|
||||||
"refresh_tokens_device_index",
|
# might have a background update queued to build this index. Just
|
||||||
index_name="refresh_tokens_device_id",
|
# clear the background update.
|
||||||
table="refresh_tokens",
|
@defer.inlineCallbacks
|
||||||
columns=["user_id", "device_id"],
|
def noop_update(progress, batch_size):
|
||||||
)
|
yield self._end_background_update("refresh_tokens_device_index")
|
||||||
|
defer.returnValue(1)
|
||||||
|
self.register_background_update_handler(
|
||||||
|
"refresh_tokens_device_index", noop_update)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def add_access_token_to_user(self, user_id, token, device_id=None):
|
def add_access_token_to_user(self, user_id, token, device_id=None):
|
||||||
@ -238,10 +241,9 @@ class RegistrationStore(background_updates.BackgroundUpdateStore):
|
|||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def user_delete_access_tokens(self, user_id, except_token_id=None,
|
def user_delete_access_tokens(self, user_id, except_token_id=None,
|
||||||
device_id=None,
|
device_id=None):
|
||||||
delete_refresh_tokens=False):
|
|
||||||
"""
|
"""
|
||||||
Invalidate access/refresh tokens belonging to a user
|
Invalidate access tokens belonging to a user
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
user_id (str): ID of user the tokens belong to
|
user_id (str): ID of user the tokens belong to
|
||||||
@ -250,8 +252,6 @@ class RegistrationStore(background_updates.BackgroundUpdateStore):
|
|||||||
device_id (str|None): ID of device the tokens are associated with.
|
device_id (str|None): ID of device the tokens are associated with.
|
||||||
If None, tokens associated with any device (or no device) will
|
If None, tokens associated with any device (or no device) will
|
||||||
be deleted
|
be deleted
|
||||||
delete_refresh_tokens (bool): True to delete refresh tokens as
|
|
||||||
well as access tokens.
|
|
||||||
Returns:
|
Returns:
|
||||||
defer.Deferred:
|
defer.Deferred:
|
||||||
"""
|
"""
|
||||||
@ -262,13 +262,6 @@ class RegistrationStore(background_updates.BackgroundUpdateStore):
|
|||||||
if device_id is not None:
|
if device_id is not None:
|
||||||
keyvalues["device_id"] = device_id
|
keyvalues["device_id"] = device_id
|
||||||
|
|
||||||
if delete_refresh_tokens:
|
|
||||||
self._simple_delete_txn(
|
|
||||||
txn,
|
|
||||||
table="refresh_tokens",
|
|
||||||
keyvalues=keyvalues,
|
|
||||||
)
|
|
||||||
|
|
||||||
items = keyvalues.items()
|
items = keyvalues.items()
|
||||||
where_clause = " AND ".join(k + " = ?" for k, _ in items)
|
where_clause = " AND ".join(k + " = ?" for k, _ in items)
|
||||||
values = [v for _, v in items]
|
values = [v for _, v in items]
|
||||||
|
@ -1,21 +0,0 @@
|
|||||||
/* Copyright 2015, 2016 OpenMarket Ltd
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
CREATE TABLE IF NOT EXISTS refresh_tokens(
|
|
||||||
id INTEGER PRIMARY KEY,
|
|
||||||
token TEXT NOT NULL,
|
|
||||||
user_id TEXT NOT NULL,
|
|
||||||
UNIQUE (token)
|
|
||||||
);
|
|
@ -1,17 +0,0 @@
|
|||||||
/* Copyright 2016 OpenMarket Ltd
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
INSERT INTO background_updates (update_name, progress_json) VALUES
|
|
||||||
('refresh_tokens_device_index', '{}');
|
|
@ -1,4 +1,4 @@
|
|||||||
/* Copyright 2016 OpenMarket Ltd
|
/* Copyright 2017 New Vector Ltd
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
@ -13,4 +13,5 @@
|
|||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
ALTER TABLE refresh_tokens ADD COLUMN device_id TEXT;
|
/* we no longer use (or create) the refresh_tokens table */
|
||||||
|
DROP TABLE IF EXISTS refresh_tokens;
|
@ -86,7 +86,8 @@ class RegistrationStoreTestCase(unittest.TestCase):
|
|||||||
|
|
||||||
# now delete some
|
# now delete some
|
||||||
yield self.store.user_delete_access_tokens(
|
yield self.store.user_delete_access_tokens(
|
||||||
self.user_id, device_id=self.device_id, delete_refresh_tokens=True)
|
self.user_id, device_id=self.device_id,
|
||||||
|
)
|
||||||
|
|
||||||
# check they were deleted
|
# check they were deleted
|
||||||
user = yield self.store.get_user_by_access_token(self.tokens[1])
|
user = yield self.store.get_user_by_access_token(self.tokens[1])
|
||||||
@ -97,8 +98,7 @@ class RegistrationStoreTestCase(unittest.TestCase):
|
|||||||
self.assertEqual(self.user_id, user["name"])
|
self.assertEqual(self.user_id, user["name"])
|
||||||
|
|
||||||
# now delete the rest
|
# now delete the rest
|
||||||
yield self.store.user_delete_access_tokens(
|
yield self.store.user_delete_access_tokens(self.user_id)
|
||||||
self.user_id, delete_refresh_tokens=True)
|
|
||||||
|
|
||||||
user = yield self.store.get_user_by_access_token(self.tokens[0])
|
user = yield self.store.get_user_by_access_token(self.tokens[0])
|
||||||
self.assertIsNone(user,
|
self.assertIsNone(user,
|
||||||
|
Loading…
Reference in New Issue
Block a user