Commit Graph

6127 Commits (810c64db856828fcdb8e5e885965ce394444804b)
 

Author SHA1 Message Date
Quentin Gliech 84ccbeacca MSC2918: Refresh tokens (#2918)
* Refresh tokens MSC

* MSC2918: minor changes

* MSC2918: access token expiration as milliseconds

* MSC2918: account registration API changes

* MSC2918: fix `expires_in_ms` example

* MSC2918: add precision about token revocation

* MSC2918: specify error codes for the refresh API

* MSC2918: clarify that the change also applies to ASes

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* MSC2918: clarify what problem this MSC solves

* MSC2918: minor formatting and rephrasing

* MSC2918: clarify ratelimiting, masquerading and authentication on refresh token API

* MSC2918: make expires_in_ms/refresh_token optional

* MSC2918: soft logout in refresh token API

* MSC2918: add detailed rationale

While not exhaustive, it outlines a few attack vectors this MSC tries to
mitigate.

* MSC2918: minor fix

Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>

* MSC2918: clarifications on backward compatibility

* MSC2918: advertise support in the request body

* MSC2918: clarify on what happen when token expire

* MSC2918: remove redundant precision about token expiration and lifetime

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* MSC2918: minor clarification

* MSC2918: soft logout when using expired token

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
3 years ago
Alexandre Franke 0ee4c5eeef 💚 Hardcode the master branch for matrix.org
Signed-off-by: Alexandre Franke <alexandre.franke@matrix.org>
3 years ago
Alexandre Franke 26d972a997 💚 Fix branch ref
Signed-off-by: Alexandre Franke <alexandre.franke@matrix.org>
3 years ago
Alexandre Franke 423d22ed23
Add API Server config for RapiDoc (#3415)
*  Add API Server config for RapiDoc

Signed-off-by: Alexandre Franke <alexandre.franke@matrix.org>

* Update scripts/dump-swagger.py

Co-authored-by: Alexandre Franke <alexandre.franke@matrix.org>
Co-authored-by: Travis Ralston <travisr@matrix.org>
3 years ago
Callum Brown 0c3b488805 MSC3231: Token authenticated registration (#3231)
* Proposal for token authenticated registration

Signed-off-by: Callum Brown <callum@calcuode.com>

* Hard-wrap lines

Signed-off-by: Callum Brown <callum@calcuode.com>

* Link to released version of spec

Signed-off-by: Callum Brown <callum@calcuode.com>

* Fix unstable prefix wording

Signed-off-by: Callum Brown <callum@calcuode.com>

* Tokens should only be invalidated after registration

Signed-off-by: Callum Brown <callum@calcuode.com>

* Change auth type to m.login.registration_token

This is consistent with the other UIAA auth types, and does not suggest
that other `m.login.*` types cannot be used for registration.

Signed-off-by: Callum Brown <callum@calcuode.com>

* Add proposal for checking the validity of a token

Signed-off-by: Callum Brown <callum@calcuode.com>

* Fix validity checking endpoint

Signed-off-by: Callum Brown <callum@calcuode.com>

* Limit allowed characters and length of token

This allows tokens to be used easily in query parameters

Signed-off-by: Callum Brown <callum@calcuode.com>

* Give reason for limiting token length and chars

Signed-off-by: Callum Brown <callum@calcuode.com>

* Note all stages must be complete for registration

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* Fix mistake in MSC number

Signed-off-by: Callum Brown <callum@calcuode.com>

* Validity checking should be rate limited

Signed-off-by: Callum Brown <callum@calcuode.com>

* Change v1 to r0

Signed-off-by: Callum Brown <callum@calcuode.com>

* Include `.` and `~` in allowed characters for registration tokens

For consistency with the unreserved URL characters in RFC3986

https://www.ietf.org/rfc/rfc3986.html#section-2.3

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
3 years ago
Travis Ralston b7e6104713
Remove extraneous mimetype from EncryptedFile examples, per MSC2582 (#3412)
* Remove extraneous mimetype from EncryptedFile examples, per MSC2582

MSC: https://github.com/matrix-org/matrix-doc/pull/2582

* changelog
3 years ago
Travis Ralston 7e67aa2e23
Clarify how redacted_because actually works for events (#3411)
* Clarify how redacted_because actually works for events

* changelog

* mention federation

* Fix wording

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
3 years ago
Jonas Platte 6e78cde3eb
Fix wrong matrix.to URL in spec appendices (#3409) 3 years ago
Alexandre Franke 08b67761f9
💚 Trigger website rebuild (#3408)
Signed-off-by: Alexandre Franke <alexandre.franke@gmail.com>
3 years ago
Alexandre Franke 845e4c87db
🐛 Fix handling of postponed proposals (#3397)
Fixes #3396

Signed-off-by: Alexandre Franke <alexandre.franke@gmail.com>
3 years ago
Patrick Cloke fa479afa97
MSC3375: Room version 9. (#3375)
* Room version 9.

* Fix text which was swapped.

* Update stability.
3 years ago
Patrick Cloke d2cb13cc8c
Add proto-MSC on the design of URL previews. (#3378) 3 years ago
Alexandre Franke 89b0ad8051
Port CI to Github Actions (#3363)
This is intended to replace the existing Buildkite one, but the latter can be removed at a later point when all the bits are in place.
3 years ago
Alexandre Franke cbe3081685
🐛 Handle empty bodies when fetching MSCs (#3374)
Signed-off-by: Alexandre Franke <alexandre.franke@gmail.com>
3 years ago
Denis Kasak ed08c1cb9e Tweak PDU diagram demonstrating `prev_events`. (#3340)
This tweaks the DAG to be simpler, with two linear event chains E4 -> E3
-> E2 -> E1 and E6 -> E5 -> E2 -> E1. The extremities of the DAG are now
the first and only point in the DAG where multiple event parents occur.
Since the point of the diagram is to demonstrate this very situation,
it's better didactically if there is only one such situation in the
diagram.
3 years ago
Sorunome d9dd37de0c MSC2582: Remove mimetype from EncryptedFile object (#2582)
* add proposal

* Update proposals/2582-remove-mimetype-from-encrypted-file.md

Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>

* Update proposals/2582-remove-mimetype-from-encrypted-file.md

Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>

Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
3 years ago
Alexandre Franke 72888c9a89 Revert per room spell check language MSC
This reverts commit 70192e8e11.
This reverts commit 1b8f4e22b6.
3 years ago
Alexandre Franke c7c3a76c42 Fix MSC number 3 years ago
Alexandre Franke 3eb383c120 Add per room spell check language MSC 3 years ago
Richard van der Hoff 35277ff041 Trigger the matrix.org rebuild when the main branch builds 3 years ago
Richard van der Hoff f8b83b7fb1 Replace "Pagination" section in C-S API with text in appendices (#3366)
The Pagination section in the C-S API was, basically, full of rubbish. I think that anything of any value it contained was repeated either directly on the API definitions or in the text specific to syncing at https://spec.matrix.org/unstable/client-server-api/#syncing.

The conventions I've added to the Appendices are based on the discussions in #1898. They are there because I don't want to have to go through it all again next time we add a paginated API.

Fixes: #1898
Fixes: #2268
3 years ago
Travis Ralston 3662a1cf14 Merge pull request #3365 from aaronraimist/fix-404
Fix two links on the CS API page
3 years ago
Neil Alexander 3d278b891d Add clarification on binary data and base64 encoding to Appendices (#3362)
* Add clarification on binary data and base64 encoding (closes #3341)

* Add changelog fragment

* Delete 3362.clarification
3 years ago
Aaron Raimist 525728971b Fix two links on the CS API page
Signed-off-by: Aaron Raimist <aaron@raim.ist>
3 years ago
Travis Ralston 2c249fc6a1 Merge pull request #3364 from ColonisationCaptain/patch-1
Insert missing space
3 years ago
Richard van der Hoff 6bd7b6cbb5 Clarifications to pagination parameters for various APIs (#3353) 3 years ago
ColonisationCaptain 7c58999c6a Insert missing space
Insert missing space
3 years ago
Richard van der Hoff 4b2bbbabcc Start a 'conventions' section in the Appendices (#3350)
I wanted a section for "here's what new APIs ought to do", which isn't really
very useful for consumers of the existing APIs.
3 years ago
Richard van der Hoff cafb9ff5a8 Update documentation_style.rst (#3352) 3 years ago
Richard van der Hoff a187996383 Notes on how to use `hugo` from docker (#3349)
... and the minimum version required.
3 years ago
Richard van der Hoff 6afe10409e Update documentation_style.rst (#3351)
hugo tales commonmark.
3 years ago
Alexey Rusakov 6d2c388144 Merge pull request #3336 from lukaslihotzki/include-peek-events
OpenAPI: include peekEvents
3 years ago
Denis Kasak 14ed131761 Add newsfragment for #3339. (#3342) 3 years ago
Lukas Lihotzki 8a8db03a13 OpenAPI: include peekEvents
Disambiguate from getEvents by a trailing space in path (like inviteUser).

Signed-off-by: Lukas Lihotzki <lukas@lihotzki.de>
3 years ago
Denis Kasak 3fb4fcaad9 Merge pull request #3339 from matrix-org/dkasak/fix-typo-indentity
Fix typo in /_matrix/client/r0/account/3pid/delete (indentity -> identity).
3 years ago
Hubert Chathi b231220bbd Merge pull request #3337 from uhoreg/room_create_canonical_alias
room creation: create canonical alias event if alias specified
3 years ago
Denis Kasak ddbbd76b32 Fix typo in /_matrix/client/r0/account/3pid/delete. 3 years ago
Alexey Rusakov fbf4259a83 Merge pull request #3330 from lukaslihotzki/add-titles
OpenAPI: add titles
3 years ago
Hubert Chathi 8536cd3e16 drop initial state check 3 years ago
Alexey Rusakov 5749325fc3 Merge pull request #3329 from lukaslihotzki/missing-tags
OpenAPI: improve tags
3 years ago
Lukas Lihotzki 13f7df1379 OpenAPI: add titles 3 years ago
Hubert Chathi f814f86031 add changelog 3 years ago
Hubert Chathi 89089e8913 Merge pull request #3332 from lukaslihotzki/required-bodies
OpenAPI: require all bodies in cross_signing
3 years ago
Lukas Lihotzki 39e70a2902 OpenAPI: split User data tag
Signed-off-by: Lukas Lihotzki <lukas@lihotzki.de>
3 years ago
Alexey Rusakov 3bf7e48e13 Merge pull request #3327 from lukaslihotzki/unique-ids
OpenAPI: fix key_backup
3 years ago
Hubert Chathi ee92c94cfe Mention that a canonical alias event should be created if alias specified 3 years ago
Hubert Chathi 88479ca851 Merge pull request #3331 from lukaslihotzki/add-uia
OpenAPI: add auth property in uploadCrossSigningKeys
3 years ago
Lukas Lihotzki 1a81a46865 OpenAPI: require all bodies in cross_signing
Signed-off-by: Lukas Lihotzki <lukas@lihotzki.de>
3 years ago
Lukas Lihotzki 97ebe5aec2 OpenAPI: add missing tags
peekEvents remains untagged, because it is explicitly excluded.

Signed-off-by: Lukas Lihotzki <lukas@lihotzki.de>
3 years ago
Andrew Morgan ff2c93af1c Use `changelogs/release.yaml` for the version number source everywhere (#3310)
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
3 years ago