synapse-product/synapse/config
Matthew Hodgson c0e0740bef add options to require an access_token to GET /profile and /publicRooms on CS API (#5083)
This commit adds two config options:

* `restrict_public_rooms_to_local_users`

Requires auth to fetch the public rooms directory through the CS API and disables fetching it through the federation API.

* `require_auth_for_profile_requests`

When set to `true`, requires that requests to `/profile` over the CS API are authenticated, and only returns the user's profile if the requester shares a room with the profile's owner, as per MSC1301.

MSC1301 also specifies a behaviour for federation (only returning the profile if the server asking for it shares a room with the profile's owner), but that's currently really non-trivial to do in a not too expensive way. Next step is writing down a MSC that allows a HS to specify which user sent the profile query. In this implementation, Synapse won't send a profile query over federation if it doesn't believe it already shares a room with the profile's owner, though.

Groups have been intentionally omitted from this commit.
2019-05-08 18:26:56 +01:00
..
__init__.py ConsentResource to gather policy consent from users 2018-05-15 15:11:59 +01:00
__main__.py Fix synapse.config.__main__ on python 3 (#4356) 2019-01-08 10:03:09 +11:00
_base.py Use yaml safe_load 2019-03-22 10:20:17 +00:00
api.py Comment out most options in the generated config. (#4863) 2019-03-19 10:06:40 +00:00
appservice.py Use yaml safe_load 2019-03-22 10:20:17 +00:00
captcha.py Comment out most options in the generated config. (#4863) 2019-03-19 10:06:40 +00:00
cas.py Attempt to make default config more consistent 2019-02-19 13:54:29 +00:00
consent_config.py Attempt to make default config more consistent 2019-02-19 13:54:29 +00:00
database.py Comment out most options in the generated config. (#4863) 2019-03-19 10:06:40 +00:00
emailconfig.py Don't crash on lack of expiry templates 2019-04-18 14:50:05 +01:00
groups.py Comment out most options in the generated config. (#4863) 2019-03-19 10:06:40 +00:00
homeserver.py Infer no_tls from presence of TLS listeners 2019-02-11 21:39:14 +00:00
jwt_config.py Attempt to make default config more consistent 2019-02-19 13:54:29 +00:00
key.py Add config.signing_key_path. (#4974) 2019-04-02 16:59:27 +01:00
logger.py Use yaml safe_load 2019-03-22 10:20:17 +00:00
metrics.py Comment out most options in the generated config. (#4863) 2019-03-19 10:06:40 +00:00
password_auth_providers.py Attempt to make default config more consistent 2019-02-19 13:54:29 +00:00
password.py Comment out most options in the generated config. (#4863) 2019-03-19 10:06:40 +00:00
push.py Attempt to make default config more consistent 2019-02-19 13:54:29 +00:00
ratelimiting.py Batch up outgoing read-receipts to reduce federation traffic. (#4890) 2019-03-20 16:02:25 +00:00
registration.py Merge pull request #5047 from matrix-org/babolivier/account_expiration 2019-04-17 14:57:39 +01:00
repository.py more config comment updates 2019-05-03 15:50:59 +01:00
room_directory.py Fix up config comments 2019-03-20 14:24:53 +00:00
saml2_config.py Remove periods from copyright headers (#5046) 2019-04-11 17:08:13 +01:00
server_notices_config.py Attempt to make default config more consistent 2019-02-19 13:54:29 +00:00
server.py add options to require an access_token to GET /profile and /publicRooms on CS API (#5083) 2019-05-08 18:26:56 +01:00
spam_checker.py Attempt to make default config more consistent 2019-02-19 13:54:29 +00:00
tls.py Config option for verifying federation certificates (MSC 1711) (#4967) 2019-04-25 14:22:49 +01:00
user_directory.py Fix up sample config 2019-03-20 14:35:41 +00:00
voip.py Comment out most options in the generated config. (#4863) 2019-03-19 10:06:40 +00:00
workers.py Correctly handle all command line options 2019-03-14 13:32:14 +00:00