Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MSC2832: HS -> AS authorization header #2832

Merged
merged 3 commits into from
Jul 17, 2022

Conversation

tulir
Copy link
Member

@tulir tulir commented Oct 24, 2020

Rendered

Fixes matrix-org/matrix-spec#679

This has been implemented by mautrix-python for a long time already, as I had mistakenly thought the spec was fixed long ago.

Signed-off-by: Tulir Asokan <[email protected]>


FCP Checkboxes

@turt2live turt2live added the needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. label Jun 8, 2021
proposals/2832-appservice-auth-fix.md Outdated Show resolved Hide resolved
proposals/2832-appservice-auth-fix.md Outdated Show resolved Hide resolved
@turt2live
Copy link
Member

removing needs-implementation: we know this works from the client server API, and I'm not convinced it's overly complex for appservices/homeservers to send a header instead of query string.

In fact, I think it might even be reasonable to switch the spec to headers instead of supporting both.

@turt2live turt2live added application services and removed needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. labels Jun 9, 2022
@turt2live
Copy link
Member

this is pretty trivial

@mscbot fcp merge

@mscbot
Copy link
Collaborator

mscbot commented Jun 9, 2022

Team member @turt2live has proposed to merge this. The next step is review by the rest of the tagged people:

Once at least 75% of reviewers approve (and there are no outstanding concerns), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up!

See this document for information about what commands tagged team members can give me.

@mscbot mscbot added disposition-merge proposed-final-comment-period Currently awaiting signoff of a majority of team members in order to enter the final comment period. labels Jun 9, 2022
Co-authored-by: Jonathan de Jong <[email protected]>
@mscbot
Copy link
Collaborator

mscbot commented Jul 17, 2022

The final comment period, with a disposition to merge, as per the review above, is now complete.

@mscbot mscbot added finished-final-comment-period and removed disposition-merge final-comment-period This MSC has entered a final comment period in interest to approval, postpone, or delete in 5 days. labels Jul 17, 2022
@turt2live turt2live merged commit 3297d37 into matrix-org:old_master Jul 17, 2022
@turt2live turt2live added spec-pr-missing Proposal has been implemented and is being used in the wild but hasn't yet been added to the spec and removed finished-final-comment-period labels Jul 17, 2022
turt2live pushed a commit that referenced this pull request Jul 17, 2022
* Proposal to fix homeserver -> appservice authorization

Signed-off-by: Tulir Asokan <[email protected]>

* Remove query parameter entirely instead of deprecating it

Signed-off-by: Tulir Asokan <[email protected]>

* Update title

Co-authored-by: Jonathan de Jong <[email protected]>

Co-authored-by: Jonathan de Jong <[email protected]>
@turt2live turt2live self-assigned this Aug 2, 2022
turt2live added a commit to matrix-org/matrix-spec that referenced this pull request Aug 3, 2022
@turt2live
Copy link
Member

Spec PR: matrix-org/matrix-spec#1200

@turt2live turt2live added spec-pr-in-review A proposal which has been PR'd against the spec and is in review and removed spec-pr-missing Proposal has been implemented and is being used in the wild but hasn't yet been added to the spec labels Aug 3, 2022
turt2live added a commit to matrix-org/matrix-spec that referenced this pull request Aug 4, 2022
* Use auth header instead of query param for hs->as comms

MSC: matrix-org/matrix-spec-proposals#2832

* Fix for OpenAPI 2
@turt2live
Copy link
Member

Merged 🎉

@turt2live turt2live added merged A proposal whose PR has merged into the spec! and removed spec-pr-in-review A proposal which has been PR'd against the spec and is in review labels Aug 4, 2022
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Oct 29, 2022
Upstream changes:

Synapse 1.70.1 (2022-10-28)
===========================

(bugfixes)


Synapse 1.70.0 (2022-10-26)
===========================

Features
--------

- Support for
  [MSC3856](matrix-org/matrix-spec-proposals#3856):
  threads list
  API. ([\#13394](matrix-org/synapse#13394),
  [\#14171](matrix-org/synapse#14171),
  [\#14175](matrix-org/synapse#14175))

- Support for thread-specific notifications & receipts
  ([MSC3771](matrix-org/matrix-spec-proposals#3771)
  and
  [MSC3773](matrix-org/matrix-spec-proposals#3773)). ([\#13776](matrix-org/synapse#13776),
  [\#13824](matrix-org/synapse#13824),
  [\#13877](matrix-org/synapse#13877),
  [\#13878](matrix-org/synapse#13878),
  [\#14050](matrix-org/synapse#14050),
  [\#14140](matrix-org/synapse#14140),
  [\#14159](matrix-org/synapse#14159),
  [\#14163](matrix-org/synapse#14163),
  [\#14174](matrix-org/synapse#14174),
  [\#14222](matrix-org/synapse#14222))

- Stop fetching missing `prev_events` after we already know their
  signature is
  invalid. ([\#13816](matrix-org/synapse#13816))

- Send application service access tokens as a header (and query
  parameter). Implements
  [MSC2832](matrix-org/matrix-spec-proposals#2832). ([\#13996](matrix-org/synapse#13996))

- Ignore server ACL changes when generating pushes. Implements
  [MSC3786](matrix-org/matrix-spec-proposals#3786). ([\#13997](matrix-org/synapse#13997))

- Experimental support for redirecting to an implementation of a
  [MSC3886](matrix-org/matrix-spec-proposals#3886)
  HTTP rendezvous
  service. ([\#14018](matrix-org/synapse#14018))

- The `/relations` endpoint can now be used on
  workers. ([\#14028](matrix-org/synapse#14028))

- Advertise support for Matrix 1.3 and 1.4 on
  `/_matrix/client/versions`. ([\#14032](matrix-org/synapse#14032),
  [\#14184](matrix-org/synapse#14184))

- Improve validation of request bodies for the [Device
  Management](https://spec.matrix.org/v1.4/client-server-api/#device-management)
  and [MSC2697 Device
  Dehyrdation](matrix-org/matrix-spec-proposals#2697)
  client-server API
  endpoints. ([\#14054](matrix-org/synapse#14054))

- Experimental support for
  [MSC3874](matrix-org/matrix-spec-proposals#3874):
  Filtering threads from the `/messages`
  endpoint. ([\#14148](matrix-org/synapse#14148))

- Improve the validation of the following PUT endpoints:
  [`/directory/room/{roomAlias}`](https://spec.matrix.org/v1.4/client-server-api/#put_matrixclientv3directoryroomroomalias),
  [`/directory/list/room/{roomId}`](https://spec.matrix.org/v1.4/client-server-api/#put_matrixclientv3directorylistroomroomid)
  and
  [`/directory/list/appservice/{networkId}/{roomId}`](https://spec.matrix.org/v1.4/application-service-api/#put_matrixclientv3directorylistappservicenetworkidroomid). ([\#14179](matrix-org/synapse#14179))


Deprecations and Removals
-------------------------

- Remove the experimental implementation of
  [MSC3772](matrix-org/matrix-spec-proposals#3772). ([\#14094](matrix-org/synapse#14094))

- Remove the unstable identifier for
  [MSC3715](matrix-org/matrix-spec-proposals#3715). ([\#14106](matrix-org/synapse#14106),
  [\#14146](matrix-org/synapse#14146))
benkuly added a commit to benkuly/trixnity that referenced this pull request Nov 2, 2022
…der instead of `access_token` when talking to the application service, as per [MSC2832](matrix-org/matrix-spec-proposals#2832).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
application services kind:maintenance MSC which clarifies/updates existing spec merged A proposal whose PR has merged into the spec! proposal A matrix spec change proposal
Projects
Archived in project
Development

Successfully merging this pull request may close these issues.

Application service API authentication requires access_token to be in the query parameters
7 participants