Merge pull request #363 from matrix-org/rav/tokenrefresh_expires_access_token

/tokenrefresh should expire the access token
pull/364/head
Richard van der Hoff 8 years ago committed by GitHub
commit 93cc75299c

@ -90,9 +90,8 @@ paths:
refresh for a new token on failure, and retry the request with the new token. refresh for a new token on failure, and retry the request with the new token.
refresh_token: refresh_token:
type: string type: string
# TODO: Work out how to linkify /tokenrefresh
description: |- description: |-
(optional) A ``refresh_token`` may be exchanged for a new ``access_token`` using the /tokenrefresh API endpoint. Optional. A ``refresh_token`` may be exchanged for a new ``access_token`` using the |/tokenrefresh|_ API endpoint.
home_server: home_server:
type: string type: string
description: The hostname of the homeserver on which the account has been registered. description: The hostname of the homeserver on which the account has been registered.
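Review bot: the reworded ``refresh_token`` description in this response still gives no hint that the token is single-use. Since the /tokenrefresh text in this same change says the server MUST invalidate it on a successful exchange, consider adding a short clause here (for example "It can be used only once.") so that client authors can see that from this response alone.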
@ -123,6 +122,11 @@ paths:
description: |- description: |-
Exchanges a refresh token for a new access token. Exchanges a refresh token for a new access token.
This is intended to be used if the access token has expired. This is intended to be used if the access token has expired.
The server MUST invalidate the supplied ``refresh_token`` if the
request is successful. It MUST also invalidate the ``access_token``
which was issued at the same time as the ``refresh_token``, if it
has not already expired.
security: security:
- accessToken: [] - accessToken: []
parameters: parameters:
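Review bot: the added MUST paragraph in the /tokenrefresh description covers only the successful case and leaves two things unstated: what the client is left holding if the response is lost after the server has invalidated both tokens, and whether a failed exchange leaves the old tokens valid. Separately, the unchanged ``security: - accessToken: []`` just below sits awkwardly with "intended to be used if the access token has expired"; it is worth confirming whether this endpoint is meant to require an access token at all.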
@ -163,7 +167,7 @@ paths:
The access token may expire at some point, and if so, it SHOULD come with a ``refresh_token``. The access token may expire at some point, and if so, it SHOULD come with a ``refresh_token``.
refresh_token: refresh_token:
type: string type: string
description: (optional) A ``refresh_token`` may be exchanged for a new ``access_token`` using the TODO Linkify /tokenrefresh API endpoint. description: Optional. A new ``refresh_token`` which may be exchanged for another new ``access_token``.
403: 403:
description: |- description: |-
The exchange attempt failed. For example, the refresh token may have already been used. The exchange attempt failed. For example, the refresh token may have already been used.
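Review bot: with the response ``refresh_token`` marked "Optional." and the supplied one now invalidated on success, a response that omits it leaves the client with no way to refresh again. The description should say when a server may omit it, or what the client is expected to do in that case (for example, log in again).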

@ -5,6 +5,8 @@
- Spell out the way that state is handled by ``POST /createRoom`` - Spell out the way that state is handled by ``POST /createRoom``
(`#362 <https://github.com/matrix-org/matrix-doc/pull/362>`_). (`#362 <https://github.com/matrix-org/matrix-doc/pull/362>`_).
- Emphasise that ``POST /tokenrefresh`` should expire the access token
(`#363 <https://github.com/matrix-org/matrix-doc/pull/363>`_).
r0.2.0 r0.2.0
====== ======
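Review bot: the changelog entry says ``POST /tokenrefresh`` "should" expire the access token, but the spec text added in this change uses MUST and also requires invalidating the supplied ``refresh_token``. Suggest wording the entry to match, e.g. "Specify that ``POST /tokenrefresh`` MUST invalidate the old refresh and access tokens".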

@ -1191,6 +1191,9 @@ have to wait in milliseconds before they can try again.
.. |/initialSync| replace:: ``/initialSync`` .. |/initialSync| replace:: ``/initialSync``
.. _/initialSync: #get-matrix-client-%CLIENT_MAJOR_VERSION%-initialsync .. _/initialSync: #get-matrix-client-%CLIENT_MAJOR_VERSION%-initialsync
.. |/tokenrefresh| replace:: ``/tokenrefresh``
.. _/tokenrefresh: #post-matrix-client-%CLIENT_MAJOR_VERSION%-tokenrefresh
.. |/sync| replace:: ``/sync`` .. |/sync| replace:: ``/sync``
.. _/sync: #get-matrix-client-%CLIENT_MAJOR_VERSION%-sync .. _/sync: #get-matrix-client-%CLIENT_MAJOR_VERSION%-sync
