synapse-product/synapse/config
Quentin Gliech fe1daad672
Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986)
This simplifies the access token verification logic by removing the `rights`
parameter which was only ever used for the unsubscribe link in email
notifications. The latter has been moved under the `/_synapse` namespace,
since it is not a standard API.

This also makes the email verification link more secure, by embedding the
app_id and pushkey in the macaroon and verifying it. This prevents the user
from tampering the query parameters of that unsubscribe link.

Macaroon generation is refactored:

- Centralised all macaroon generation and verification logic to the
  `MacaroonGenerator`
- Moved to `synapse.utils`
- Changed the constructor to require only a `Clock`, hostname, and a secret key
  (instead of a full `Homeserver`).
- Added tests for all methods.
2022-06-14 09:12:08 -04:00
..
__init__.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
__main__.py Additional type hints for config module. (#11465) 2021-12-01 07:28:23 -05:00
_base.py Reload cache factors from disk on SIGHUP (#12673) 2022-05-11 13:43:22 +00:00
_base.pyi Remove backing code for groups/communities (#12558) 2022-05-26 09:04:34 -04:00
_util.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
account_validity.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
api.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
appservice.py Remove remaining bits of groups code. (#12936) 2022-06-01 09:41:25 -04:00
auth.py Add an option allowing users to use their password to reauthenticate even though password authentication is disabled. (#12883) 2022-05-27 09:44:51 +00:00
background_updates.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
cache.py Add config flags to allow for cache auto-tuning (#12701) 2022-05-13 12:32:39 -07:00
captcha.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
cas.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
consent.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
database.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
emailconfig.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
experimental.py Move the (unstable) dir parameter for /relations behind an experimental flag. (#12984) 2022-06-08 09:00:35 -04:00
federation.py Disable device name lookup over federation by default (#12616) 2022-05-04 16:41:40 +01:00
homeserver.py Remove backing code for groups/communities (#12558) 2022-05-26 09:04:34 -04:00
jwt.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
key.py Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986) 2022-06-14 09:12:08 -04:00
logger.py Fix Synapse git info missing in version strings (#12973) 2022-06-07 15:24:11 +01:00
metrics.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
modules.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
oembed.py Properly close providers.json file stream. (#12794) 2022-05-19 14:23:59 +00:00
oidc.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
password_auth_providers.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
push.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
ratelimiting.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
redis.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
registration.py Fix typo in some instances of enable_registration_token_3pid_bypass. (#12639) 2022-05-05 07:11:52 -04:00
repository.py Add config options for media retention (#12732) 2022-05-31 16:35:29 +00:00
retention.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
room_directory.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
room.py add default_power_level_content_override config option. (#12618) 2022-05-12 10:41:35 +00:00
saml2.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
server_notices.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
server.py Add a background job to automatically delete stale devices (#12855) 2022-05-27 17:47:32 +02:00
spam_checker.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
sso.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
stats.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
third_party_event_rules.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
tls.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
tracer.py Easy type hints in synapse.logging.opentracing (#12894) 2022-05-27 11:17:33 +01:00
user_directory.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
voip.py Add missing type hints to config classes. (#12402) 2022-04-11 12:07:23 -04:00
workers.py Add the update_user_directory_from_worker configuration option (superseding update_user_directory) to allow a generic worker to be designated as the worker to update the user directory. (#12654) 2022-05-10 11:08:45 +01:00