archive
/
matrix-spec-proposals
mirror of https://github.com/matrix-org/matrix-spec-proposals
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,422 Commits
721 Branches
26 Tags
36 MiB
erikj/sss
travis/room-dir-pinned
rav/proposal/invite_blocking
main
tulir/remove-plaintext-sender-key
travis/msc/media-integrity
element-hq/oidc-qr-login
kaylendog/msc/simplified-encrypted-state
travis/msc/user-redact
kegan/persist-edu
hughns/user-limit-exceeded
quenting/account-deeplink
rav/proposal/encrypted_history_sharing
toger5/expiring-events-keep-alive
andybalaam/emoji-verification-images
hughns/capability-error-code
travis/msc/prev-events-fed
hughns/resource-limit-exceeded-extra-fields
hughns/sso-redirect-action
toger5/matrixRTC
anoa/tweak_msc_checklist
quenting/as-device-management
rei/msc_thread_subscriptions
travis/msc/3202/devices
devon/ssext_threads
rei/msc_ssext_threadsubs
hughns/device-authorization-grant
tulir/appservice-encryption-impersonation
kegan/placeholder-2
tulir/send-redact-backwards-compatibility
kegan/device-limit
travis/msc/mass-redactions-plural
hughns/rendezvous-api-update
travis/msc/placeholder/00-apr072025
dbkr/animated-image-flag
hs/user-search-profiles
hs/shared-rooms
hs/msc-as-profile-suppliments
travis/msc/in-room-bot-commands
travis/msc/modbot-api
toger5/matrixRTC-call-decline
toger5/matrixrtc-call-ringing
johannes/notify-in-app
travis/msc/invite-with-auth
kegan/msc4297
travis/msc/fix4289-pl150-tie
matthew/msc4289
matthew/msc4291
erikj/sync_v2_state_after
toger5/finalised-delayed-events-on-sync
rav/proposal/auth_events_in_correct_room
tulir/slighty-strict-user-id-grammar
tulir/remove-legacy-mentions
hughns/external-payment-details
travis/msc/redact-on-ban-room-version
travis/msc/client-room-version-caps
matthew/msc4290
travis/msc/widgets-send-receive-events
andybalaam/shared-key-backup-preference
richvdh-patch-2
hs/media-preview-switch
bnjbvr/interactive-roommessag
travis/msc/safety-glossay/ignore-block
hughns/delegated-oidc-architecture
travis/msc/reporting-v2/00-user-server
old_master
quenting/oauth2-revocation
andybalaam/crypto-terminology
travis/msc/soft-unfailure
hs/homeserver-content-trust-level
travis/msc/glossary
dbkr/threepid_submittoken_errors
travis/msc/report-user
johannes/rich-room-topics
travis/msc/process/modify-accepted
travis/msc/extev/00-base/mod/state
travis/msc/authenticated-media-v2
travis/msc/legacy-media-endpoints
travis/msc/widget-client-identification
travis/msc/mls/00-core
travis/msc/to-device-servers
travis/msc/immutable-encryption-algo
andybalaam/owner-state-events
kegan/placeholder-1
hughns/matrixrtc-m-call
matthew/msc4076
matthew/msc4234
travis/msc/knocking-server
travis/msc/abac
matthew/msc4231
rav/proposal/client_data_in_key_upload
travis/msc/search-redirect
rav/proposal/otks_in_upload_order
include_device_keys
tulir/service-members
travis/msc/safety-allow-errors-on-unbind
matthew/msc4220
matthew/msc4016
kegan/profile-changes
travis/msc/widgets-send-recv-toDevice
travis/msc/deprecated-endpoints
tulir/appservice-to-device
anoa/copy_hints
travis/msc/mention-spam-suppress
travis/msc/translated-errors
kegan/ssext-receipts
toger5/future-widget-api
kegan/otk-reset
aggregation-cleanup
toger5/rtc-focus-well-known
travis/msc/request-max-body-size
kegan/fallback-keys
travis/msc/room-labeling-filtering
rei/msc/accdata_ases
travis/msc/social-sign-on-authed-media
hughns/device-signing-upload-uia
travis/msc/verified-accounts-part1
tulir/fix-reply-intentional-mentions
travis/msc/t2bot/bot-buttons
travis/msc/head-media-download
travis/msc/fix-x-matrix-auth
babolivier/m_locked
matthew/msc4136
travis/msc/remove-qs-auth
hughns/gha-update
travis/msc/voluntary-flagging
travis/reinstated-events
travis/msc/appservice-soft-failure
hughns/simple-rendezvous-capability
travis/msc/feature-versioning
toger5/encrypted-event-indexing
matthew/msc4103
kegan/fix-threaded-read-receipts
travis/msc/signing-key-purpose
travis/msc/media-redirect-auth-cdn
toger5/localTimestamp-server-sync
kegan/complement-msc
justjanne/3981-relations-recursion
matthew/msc3018
travis/msc/delivery-receipts
giomfo/push_encrypted_events
kegan/msc3884
stefan/pusher-creation
travis/msc/2244-ext-uia
matthew/msc4083
gsouquet/unsigned-thread-id
andybalaam/event-thread-and-order
hs/proposal-admin-contact-1
kegan/sync-v3
rav/proposal/dead_device_key_claims
giomfo/tweak_email_notification
travis/msc/inhibit-profile
travis/msc/rules-prompt
travis/msc/mutable-events
travis/msc/additive-events
travis/msc/rbac-pl
clokep/mentions-mixin
travis/msc/room-id-is-create-event
travis/msc/send-as-server-or-room
travis/msc/room-send-key
travis/msc/make-send-pdu
travis/msc/drop-ips
travis/msc/strict-user-id-grammar
travis/msc/iana/service_name
andybalaam/thread-root-is-not-in-thread
andybalaam/deleting-state
babolivier/relation_redaction
weeman1337/voice-broadcast
travis/msc/polls-notifs
alfogrillo/poll_history_cache
travis/msc/room-model-config
kegan/pseudo-ids
bwindels/relation-redactions
clokep/thumbnail-media-negotiation
dbkr/voip-completed-elsewhere
madlittlemods/gappy-timelines
dbkr/2746-fix-typos
dbkr/msc2746
hughns/login-token-requests
clokep/encrypted-mentions-only-rooms
travis/msc/enc-as/otk-query
travis/msc/inline-widgets
travis/msc/voice-messages
travis/msc/extev/translatable
travis/msc/extev/video
travis/msc/extev/images
travis/msc/extev/files
travis/msc/extev/audio
travis/msc/extev/encryption
travis/msc/extev/notices
travis/msc/extev/emotes
madlittlemods/forwards-fill
hughns/device-scope-txnid
madlittlemods/join-timestamp-massaging
madlittlemods/timestamp-to-event-causality-parameter
matthew/msc2716
madlittlemods/createroom-timestamp-massaging
madlittlemods/power-level-up
kerry/display-notification-reason
travis/msc/linearized-matrix
hughns/sign-in-with-qr
kegan/ssext-account-data
kegan/ssext-typing
andybalaam/dynamic-predecessor
travis/msc/enc-as/key-query
travis/msc/otk-dl-appservice
hs/as-txn-limit
hughns/x25519-secure-channel
travis/msc/ietf-mimi-framework
hs/reporting-fixes
hughns/sign-in-with-qr-v2
kerry/remote-local-notification-toggle
madlittlemods/dynamic-predecessor
johannes/event-match-dotted-keys
dbkr/msc2747
clokep/room-tag-notifications
matthew/msc1767
matthew/msc3277
kegan/msc3885
SimonBrandner/msc/sfu
matthew/group-voip
kerry/remote-push-toggle
kerry/user-agent-on-device
travis/msc/extev/push-rules
travis/msc/extev-rel/push-rule-feature-condition
travis/msc/extev-rel/bulk-push-rule-change-endpoint
travis/msc/extev/rver-cond
travis/msc/audio-waveform
SimonBrandner/msc/call-notif
hs/appservice-no-notifs
travis/msc/del-srv
travis/msc/ietf-mimi-transport
travis/msc/ietf-mimi-message-format
fayed/cryptographic-membership
eric/msc-jump-to-date
rav/proposal/linking_media_to_events
matthew/owner-pl
madlittlemods/appservice-interested-in-local-users
justjanne/messages-endpoint-threads-filter
rav/propsal/content_tokens_for_media
matthew/msc1763
rav/proposal/faster_joins
fayed/tofu
babolivier/m_not_approved
rei/unable_partial_state_room
travis/msc/custom-stickers
babolivier/user_status
johannes/event-match-almost-anything
babolivier/msc_presence_busy
travis/msc/welcome-message
anoa/blurhash
hs/errcode-specific-failure
anoa/custom_room_presets
travis/msc/federated-reports
aggregations-references
travis/extev/power-levels
johannes/cascading-profile-tags
richvdh-patch-1
travis/clarify-msc/aggregations-on-sync
clokep/threads-push-rule
andybalaam/owned-state
travis/msc/v10
matthew/location-streaming
stefan/ephemeral-location-streaming
andybalaam/location-streaming-wip
rav/pr_templates
rav/readme
hawkowl/backfill-state
kerry/time-based-push-filtering
erikj/deprecate_sender_key
babolivier/unread_counts
travis/msc/state-change-acls
andybalaam/state-sub-keys
hs/deactivated-user-metadata
gsouquet/threading-via-relations
neilalexander/plints
travis/msc/soft-logout-flows
travis/msc/simplified-join-rules
rav/no_preview_proposals
hs/fix-as-login-typo
rav/update_deps
rav/missing_changelog
rav/clarify_send_join
warning-untagged
release/v1.2
neilalexander/powerlevels
anoa/numbers
matthew/typos
matthew/msc3676
stefan/encrypted-ephemeral-data-units
rav/fix_appservice_threepid_protocols
rav/empty_response_body_fixes
matthew/location
hs/widget-share-api
rav/allof-comments
dbkr/voip-early-media
gsouquet/from-param-msc3567
travis/msc/extev/replies-edits
neilalexander/msc/send
rav/proposal/drop-event-from-auth-events
release/v1.1
hs/appservice-login-spec
rav/fix_array_examples
shay/clarify_well_known
rav/fix_event_auth_spec
uhoreg/remove_room_message_feedback
hs/as-global-read
bwindels/aggregation-pagination
bwindels/relations-visibility
rav/update_validator
rav/fix_netlify_for_plus_branch
rav/move_prev_content
rav/fix_up_notifications
travis/msc/timeboxed-relations-endpoint
rav/remove_unsigned_from_federation_events
anoa/emote_clarifications
matthew/let-users-kick-each-other
rav/remove_event_def
hs/explicitly-link-RFC5870
kegan/spaces-summary
rav/no_rebuild_matrix.org
rav/netlify_previews
rav/del_bk_pipeline
rav/remove_old_templated
rav/fix_gen_swagger
matthew/guest-state-events
kegan/low-bandwidth
travis/msc/encrypted-state
hs/synthetic-appservice-events
daenney/msc-server-status
travis/msc/upgrade-state
dmr/remove_mentions_of_groups
rav/pagination_conventions
rav/master2
neilalexander/binary
rav/pagination_clarifications
rav/api_conventions
anoa/spec_release_infra
rav/docstyle_json_properties
rav/doc_style
rav/readme_updates
dkasak/tweak-pdu-diagram
dkasak/newsfragment-for-3339
hs/widget-invite-api
anoa/duplicate_mimetype_info
erikj/counters
kitsune/counting-unread-messages
fix-croatian-sas-emoji
hs/proposal-appservice-login
travis/msc/modal-widgets
j94/members-knock
jryans/mobile-toc-overlap
hs/explicit-room-id-for-tombstones
travis/msc/space-flair
hs/soft-kicks
clokep/batch-state
anoa/clarify_concerns_during_fcp
matthew/msc1772
travis/msc/trees
message-timezone-markup
dbkr/msc3144
rav/fix_pdu_size
rav/proposals/id_grammar
travis/msc/uia-fix-optional
dbkr/voip_asserted_identity
matthew/msc2962
travis/msc/mutable-subtypes
babolivier/msc-room-label
anoa/test
travis/msc/typed-typing-notifs
dbkr/i_felt_your_presence
anoa/room_version_7
matthew/matrix-uri
matthew/msc3020
travis/msc/tos-api
travis/msc/widgets-http-transport
travis/msc/widgets-scoped
anoa/support-rendered-data
travis/msc/widgets-re-exchange-caps
travis/msc/member-apis-event-id
travis/msc/widgets-navigate-permission
msc-connect-matrix-to-matrix
travis/msc/1337-joined-rooms
kegan/msc/threading
matthew/msc2753
travis/msc/move-widget-title
travis/widgets
travis/msc/widget-caps-respond
matthew/msc2444
travis/msc/global-event-ids
dbkr/msc2845
uhoreg/keys_withheld
dbkr/msc2772
clokep/test-pusher
travis/msc/widgets-data-error
travis/msc/widget-id
rav/proposals/notification_attributes
travis/msc/roles
neilalexander/identities
matthew/msc2775
babolivier/device_lists_clients
rav/remove_oauth2
travis/msc/ipfs
travis/msc/thumbnail-types
travis/msc/mxc-deduplication
travis/msc/media-ids
travis/msc/rudimentary-media-auth
jryans/matrix-to-uri-v2
jryans/get-event-by-id
rei/pushrules_define_enabled
rei/bug_type_actions
hs/msc-bridge-inf
matthew/msc2278
rav/proposal/mark_unread
travis/msc/impl-guide
server_server/release-r0.1.4
client_server/release-r0.6.1
kegan/backfill-wording
ben/captions-proposal
poljar/event-id-required
benp/proposals-scraper-fix
anoa/gpdr17
giomfo/tagged_events
anoa/media_as_rooms
matthew/msc1777
babolivier/identity-versions
babolivier/msc_email_case
anoa/no_auth_on_submit_token
anoa/no_client_secret
rav/proposal/fix_alias_redaction
rav/proposal/change_aliases_auth_rules
anoa/msc_media_information_api
anoa/msc_separate_hs_api
hs/msc-as-versions2
hs/msc-as-versions
jryans/clarify-cross-signing-examples
erikj/invite_reject_reasons
matthew/msc2326
msc2313
matthew/msc2359
hs/msc-2356
client_server/release-r0.6.0
identity_service/release-r0.3.0
matthew/msc2228
travis/msc/integrations/base
matthew/msc2301
matthew/2326
rav/proposal/remove_mxids_from_events
travis/msc/integrations/select-none
travis/msc/immutable-dms
travis/msc/kill-msisdn-pw-reset
matthew/msc2300
babolivier/standardised-federation-response-format
msc2271
matthew/msc2270
poljar/key_request_fix
dbkr/tos_2
dbkr/is_in_account_data
travis/msc/rejoin-private-rooms
anoa/msc2233
anoa/msc2322
travis/msc/upgraded-private-rooms
hs/hash-identity
travis/msc/third-party-power
anoa/is_store_hashed_3pids
matthew/msc1849
server_server/release-r0.1.3
application_service/release-r0.1.2
push_gateway/release-r0.1.1
matthew/msc1849-rewrite
anoa/test_pr
jryans/msc-push-rule-reactions
jryans/room-one-to-one-push-rule
anoa/typooo
identity_service/release-r0.2.1
travis/msc/federation-capabilities
client_server/release-r0.5.0
server_server/release-r0.1.2
identity_service/release-r0.2.0
application_service/release-r0.1.1
anoa/hs_3pid_tokens
matthew/1.0/msc688-msc1227-lazy-loading
matthew/msc1779
bwindels/messages-chunk-order
anoa/clarify_email_sending
rav/proposal/no_trailing_slash_on_key_request
babolivier/password-policy
matthew/room_v4
dbkr/dummy_auth_for_disambiguation
hs/disable-presence
anoa/missing_punctuation3
anoa/typo2
anoa/typo
anoa/missing_punctuation
rav/fix_jenkins_comments
neilj/Remove-prev_content-from-the-essential-keys-list2
travis/msc/integrations/stickerpicker
neilj/Remove-prev_content-from-the-essential-keys-list
rav/proposal/no_slash_in_event_id
neilj/v3_rooms_by_default
uhoreg/fix_export_format
erikj/unbind_threepid_msc
hs/proposal-admin-contact
travis/msc/cancel-3pid-sessions
babolivier/alttext-sticker
anoa/add_space
benpa/spelling-fix
erikj/fed_invite_error_code
matthew/msc1796
server_server/release-r0.1.1
server_server/release-r0.1.0
erikj/event_id_hashes
neilj/remove_presence_lists
neilj/msc-remove-presence-lists
neilj/msc_remove_presence_lists
erikj/make_membership_room_ver
dbkr/encrypted-recovery-keys
travis/msc/profile-discovery
anoa/sticky_headers_fix
matthew/msc1769
matthew/msc1776
rav/proposal/cs_capabilities
erikj/state_res_rejections
erikj/rooms_v2
erikj/event_checks
revert-1730-rav/proposal/cs_api_in_login
dbkr/add_sandbox_to_csp
rav/msc1730/work
rav/simplify_msc1730
rav/proposals/homeserver_in_sso_login
rav/proposal/signing_signing_keys
erikj/soft_logout
travis/msc/wellknown-improvements
erikj/soft_fail
matthew/encrypted-recovery-keys
travis/misc/room-spec-full
travis/notes/3pid-invites
matthew/device_list_update
matthew/to-device
client_server/release-r0.4.0
identity_service/release-r0.1.0
erikj/limit_auth_events
erikj/auth_events
erikj/auth_rejections
erikj/spec_3pid_ruls
erikj/fixup_auth_rules
application_service/release-r0.1.0
push_gateway/release-r0.1.0
human-id-rules
erikj/limit_txn_size
hs/guests-can-fetch-events
dbkr/room_tag_grammar
drafts/e2e
erikj/state_res_msc
dbkr/fix_room_tags
hs/dns-to-be-hostname
anoa/openapi_3
benp/clarifyintro
anoa/as_thirdparty_lookup
travis/proposals-pagination
benpa/travisci-ignore-proposals
hs/appservice-use-auth.type
t3chguy/errs
t3chguy/erase
t3chguy/group_id
matthew/filter_members
michaelkaye/re_add_proposals
benparsons/proposalsCI
t3chguy/search_docs
rxl881/stickerpack
proposals
rav/test
rxl881/stickers
rooms/event
dbkr/fix_keys_changes
dbkr/keys_query_token
client_server/r0.3.0_updates
dbkr/is_bulk_lookup
dbkr/threepid_add_msisdn
rav/travis
client_server/r0.2.0_updates
rav/projects-guillotine
babolivier/fix-invite-example
babolivier/third-party-invites
babolivier/fix-get-room-alias
leonerd/circle
dbkr/remove_unused_is_file_2
dbkr/remove_unused_is_file
markjh/thumbnail_url
markjh/replays
paul/thirdparty-lookup
dbkr/push_examples_api_path
erikj/report
dbkr/identity_api_right_path
dbkr/notifs_api
erikj/filter_url
rav/access_tokens
dbkr/clarify_highlight_and_sound
matthew/fix_state_sending_desc
dbkr/contains_display_name_override
dbkr/add_dot
markjh/filename
release/client-server/r0.2.0
erikj/account_deactivate
dbkr/more_requesttokens
dbkr/dont_line_wrap_rst
dbkr/threepid_requesttoken
erikj/presence
dbkr/default_state_defaults
drafts/reinstate_device_push_rules
rav/json_schema
paul/update-howto-for-r0
paul/migrating-from-v1
dbkr/fix_directory_path
dbkr/get_pushers
dbkr/add_push_change_event_id
markjh/pushrule_stream
dbkr/notification_counts
markjh/change_action
markjh/get_enabled
dbkr/fix_meta_escaping
markjh/default_rules
markjh/remove_device_specific_rules
dbkr/profile_return_null
markjh/3pid_login
markjh/three_pid_creds
invalid_user_name
erikj/create_room_3pid_invite
markjh/guest_access
markjh/account_data_filters
markjh/room_filter
markjh/wildcards
paul/federation
erikj/search_yet_agian
markjh/filter_inline
erikj/event_context_api
markjh/archived_flag
markjh/client_config
markjh/room_tags
more_nesting
markjh/syntax_highlighting_message_examples
markjh/full_http_api_docs
markjh/v2_sync_prev_content
markjh/request_syntax_highlighting
erikj/search
markjh/event_syntax_highlighting
erikj/login_fallback_v1
templating-nested-request-objects
erikj/search_actual
markjh/list_formatting
markjh/blockquote_css
clarify_scale_crop
appservice-swagger
spec-182-asapi-user-creation
registration-swagger
invite-room-state
room-avatar
proofing
proofing2
module-history-vis
module-im
spec-177-events-max-len
spec-207-asapi-unique-tokens
erikj/newline_gendoc_STOP_BEING_CRANKY
spec-205-password-strength
directory-api
spec-144-https-examples
module-push
data-messages
html-messages
markjh/initial_sync_archived_flag
markjh/v2_sync_templating
markjh/v2_sync_api
erikj/disable_federation
release-0.2.0
module-presence
module-content-repo
erikj/room_create_preset
module-receipts
module-voip
module-typing2
spec-feature-profiles
erikj/invite_state
paragraphs
erikj/login_token
spec-module-format
unused-template-vars
macaroons
markjh/check_request_schema
markjh/node_swagger_validator
spec-restructure-modules
convert-to-modules
markjh/document_v1_rooms_api
markjh/jenkins
markjh/example_checker
markjh/codehighlighting
markjh/swagger_examples
markjh/event-schema
spec-file-structure
spec-edits-cleanup
markjh/gendoc_directory
client_server_v2_http_api
newlines
receipts
markjh/history_for_rooms_that_have_been_left
history_visibility
erikj/canonical_alias
csauth2
templating
event-schemas
as-register-modifications
erikj/as-register-removal
key_v2_fixes
csauth
key_v2
ua925_reshuffle
push
v2-presence
application-services
use-cases
client_server_v2
push_gateway/r0.1.0
r0.0.0
0.2.0
application_service/r0.1.0
application_service/r0.1.1
application_service/r0.1.2
client-server/r0.1.0
client-server/r0.2.0
client-server/r0.3.0
client_server/r0.4.0
client_server/r0.5.0
client_server/r0.6.0
client_server/r0.6.1
identity_service/r0.1.0
identity_service/r0.2.0
identity_service/r0.2.1
identity_service/r0.3.0
push_gateway/r0.1.1
r0.0.1
server_server/r0.1.0
server_server/r0.1.1
server_server/r0.1.2
server_server/r0.1.3
server_server/r0.1.4
v1.1
v1.2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '83613457f7'
${ noResults }
Commit Graph

6422 Commits (83613457f7be829d5bd123e7023e83faf20e581f)
 

Author SHA1 Message Date
Travis Ralston 83613457f7 MSC: Supporting alternative room directory sorting 1 week ago
Hugh Nimmo-Smith e9f0f31d27
MSC3824: OAuth 2.0 API aware clients (#3824) 
* Add an optional query parameter to SSO redirect

* MSC3824

* Update proposals/3824-sso-redirect-action.md

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Add supported actions per auth type

* Add GET /_matrix/client/v3/register alternative

* Rework proposal to be about OIDC aware clients

* Rename proposal file

* Use _ formatted flag name

* Fixes to Homeserver and Client requirements list

* RECOMMENDED: label SSO button as "Continue"

* Use unstable prefix for action query param

* Reference to MSC3861

* Update proposals/3824-oidc-aware-clients.md

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Style

* Reorganise requiremetns

* Add 3pid and session management requirements

* Update account management/web UI link parameters for consistency with MSC2965

https://github.com/sandhose/matrix-doc/blob/msc/sandhose/oidc-discovery/proposals/2965-oidc-discovery.md#account-management-url-parameters

* Update to reference OAuth 2.0 API in spec and MSC4191

* Add note about session_end vs org.matrix.session_end

* Update proposals/3824-oidc-aware-clients.md

* Add note on where action=login|register value might come from

* Clarify what was meant by "compatibility layer"

* Add requirement about deactivating account

* Use org.matrix.device_delete from MSC4191 not org.matrix.session_end

* Update proposals/3824-oidc-aware-clients.md

Co-authored-by: David Baker <dbkr@users.noreply.github.com>

* Cleanup

* Feedback from review

Re https://github.com/matrix-org/matrix-spec-proposals/pull/3824#discussion_r2410559153

* Linewrap

* DItto

* Links

* Link to m.login.sso

* Attempt to clarify purpose/intent of MSC

* Fix links

* Spelling

* Clarify that server discovery is needed + that the whole thing is optional

* Clarify that m.login.password is only required where homeserver previously supported it

* Apply suggestions from code review

Co-authored-by: Hubert Chathi <hubertc@matrix.org>

---------

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Co-authored-by: David Baker <dbkr@users.noreply.github.com>
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
 1 week ago
Quentin Gliech 2b6da16d52
MSC4191: Account management for OAuth 2.0 API (#4191) 
* WIP: Account management deep-linking

* Update to reference OAuth 2.0 API

* Update title for MSC4191 deep-linking proposal

* Clarifications and relate to existing wording in spec

* Update proposals/4191-account-deeplink.md

* Add note about malicious link mitigation

* Apply suggestions from code review

Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>

* Update action values and reorder sections for readability

* Update proposals/4191-account-deeplink.md

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Update proposals/4191-account-deeplink.md

Co-authored-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Update cross-signing reset action with additional details

Added a reference to MSC4312 for cross-signing reset details.

* Apply suggestions from code review

Co-authored-by: Tonkku <contact@tonkku.me>

---------

Co-authored-by: Hugh Nimmo-Smith <hughns@element.io>
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Johannes Marbach <n0-0ne+github@mailbox.org>
Co-authored-by: Tonkku <contact@tonkku.me>
 1 week ago
timedout 24f045ba45
MSC4323: User suspension & locking endpoints (#4323) 2 weeks ago
codedust 765af8d00f
Proposal template: explicitly mention RFC 3552 in security section (#4378) 
* Template: explicitly mention RFC 3552 in security section

Signed-off-by: codedust <codedust@users.noreply.github.com>

* Apply suggestions from code review

---------

Signed-off-by: codedust <codedust@users.noreply.github.com>
Co-authored-by: Travis Ralston <travpc@gmail.com>
 3 weeks ago
Andrew Morgan b8a558afd9 fix MSC ID in MSC3820 title 3 weeks ago
Andrew Morgan 5921d432b0
Note general endpoint reminders apply to existing endpoints that are modified (#4364) 3 weeks ago
Johannes Marbach ea0aef0aa3
MSC4312: Resetting cross-signing keys in the OAuth world (#4312) 
* MSC4312: Resetting cross-signing keys in the OAuth world

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Link to MSC4191

* Add org.matrix.cross_signing_reset navigation action

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Mention RFC9470 as an alternative as per @hughns's suggestion

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Rename m.cross_signing_reset to m.oauth

Co-authored-by: Travis Ralston <travpc@gmail.com>

* Clarify that security risks are specific to implementations

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Rename leftover occurrences of m.cross_signing_reset

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Clarify that this proposal (now) aims to spec an interim solution

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Reformat

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Mention MSC4363 as a future alternative

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Add recommendation for how to migrate from the unstable to the stable identifier

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Explain the renaming to m.oauth

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Relax wording around server requirements

---------

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
Co-authored-by: Travis Ralston <travpc@gmail.com>
 2 months ago
Hubert Chathi 55ec009949
MSC4153: Exclude non-cross-signed devices (#4153) 2 months ago
Quentin Gliech ebb7d204ec
MSC4190: Device management for application services (#4190) 
Co-authored-by: Tulir Asokan <tulir@maunium.net>
 2 months ago
Travis Ralston 2b15b1074b
MSC4326: Device masquerading for appservices (#4326) 
Co-authored-by: Tulir Asokan <tulir@maunium.net>
 2 months ago
Tulir Asokan 130da801e3
Fix links and remove linebreaks in checklist (#4346) 
Signed-off-by: Tulir Asokan <tulir@maunium.net>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
 3 months ago
Patrick Cloke 05bc4b4c13
MSC4175: Profile field for user time zone (#4175) 
* MSC4175: Profile field for user time zone

* Expand security section.

* Fix typos.

Co-authored-by: Will Hunt <will@half-shot.uk>

* Updates.

* Update with concerns

* Add additional required info

* Typo fix

* Review comments.

Co-authored-by: Travis Ralston <travisr@matrix.org>

* Typo fix

Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>

* Add examples

---------

Co-authored-by: Will Hunt <will@half-shot.uk>
Co-authored-by: Travis Ralston <travisr@matrix.org>
Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
 3 months ago
Travis Ralston 71cb0bdbb5
MSC4311: Ensuring the create event is available on invites (#4311) 
* MSC: Ensuring the create event is available on invites and knocks

* Clarify that we're not replacing auth checks on create events

* Acknowledge disparity in unaffected room formats

* This isn't a word despite what spellcheck thinks

* add migration steps

* Just use the normal stripped_state format

* Rewrite problem statement and solution components to match new scope

* review: improve intro

* review: clarify format

* review: fix knocks

* review: fix room_id calculation

* review: rework migration wording

* Fully format all events in stripped state

* Spelling

* Make migration normative

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Adjust requirements on servers

---------

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
 3 months ago
Tulir Asokan 0b27750479
MSC4142: Remove unintentional intentional mentions in replies (#4142) 
* Proposal for removing unintentional intentional mentions in replies

Signed-off-by: Tulir Asokan <tulir@maunium.net>

* Explicitly specify that clients can add more mentions

Signed-off-by: Tulir Asokan <tulir@maunium.net>

---------

Signed-off-by: Tulir Asokan <tulir@maunium.net>
 3 months ago
Travis Ralston e7475e0c5b
Placeholder for MSC4289 unembargo (#4328) 
* Placeholder for MSC4289 unembargo

* Incorporate pre-FCP embargoed MSC content

Cover security@ email too
 4 months ago
Travis Ralston 75f585d1df
MSC4304: Room Version 12 (#4304) 
* Create 4304-placeholder.md

* MSC: Room Version 12

spellcheck

Update 4304-room-version-12.md

Encourage servers to deviate from the SHOULD in the spec

Apply suggestions from code review

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

---------

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
 4 months ago
Kegan Dougal d9ec3387c0
MSC4297: State Resolution 2.1 (#4297) 
* Placeholder

* Add MSC4297: SR2.1 manually

`git apply` hates me

---------

Co-authored-by: Travis Ralston <travisr@matrix.org>
 4 months ago
Johannes Marbach 2bb34224dd
Clarify capability behaviour with respect to avatar_url and displayname in MSC4133 (#4327) 4 months ago
Travis Ralston f6df298869
Clarify `/upgrade` behaviour in MSC4289 to match implementation (#4315) 
Discovered while writing the spec PR.
 4 months ago
Travis Ralston 0dcb9d063b
Editorial: Fix dates & unstable prefix of MSC4291 (#4314) 
* Fix dates & unstable prefix of MSC4291

* circular dep is circular

* fix the correct circular dep
 4 months ago
Matthew Hodgson 3d68238b0f
MSC4289: Explicitly privilege room creators (#4289) 
* msc4289 placeholder

* Populate MSC

---------

Co-authored-by: Travis Ralston <travisr@matrix.org>
 4 months ago
Matthew Hodgson b1f4ea8c3d
MSC4291: Room IDs as hashes of the create event (#4291) 
* msc4291 placeholder

* Add MSC4291: Room IDs as hashes of the create event

Co-authored-by: Travis Ralston <travpc@gmail.com>
Co-authored-by: Alexey Rusakov <Kitsune-Ral@users.sf.net>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Matthias Ahouansou <matthias@ahouansou.cz>

* Fix image src

* Review comments

* Add prose on blocking alternative

* Add MSC4311 note

* Update proposals/4291-room-ids-as-hashes.md

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* 11th hour review

---------

Co-authored-by: Kegan Dougal <7190048+kegsay@users.noreply.github.com>
Co-authored-by: Travis Ralston <travpc@gmail.com>
Co-authored-by: Alexey Rusakov <Kitsune-Ral@users.sf.net>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Matthias Ahouansou <matthias@ahouansou.cz>
Co-authored-by: Tulir Asokan <tulir@maunium.net>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-authored-by: Travis Ralston <travisr@matrix.org>
 4 months ago
Richard van der Hoff 45fb4ba63e
Proposal to fix the auth events (#4307) 5 months ago
Erik Johnston 6e3e1622b5
MSC4222: Adding `state_after` to `/sync` (#4222) 
* First draft of MSC4222

* Fix indentation

* Fix json

* Include msc number in unstable prefixes

* Update proposals/4222-sync-v2-state-after.md

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* Update proposals/4222-sync-v2-state-after.md

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* Apply suggestions from code review

As discussed during the MSC clinic hour

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Re-word the paragraphs about rebuilding the history of state

* Add more details about why /v3/sync's current behaviour is insufficient.

* Clarify state_after limitation regarding state removal

* Update proposals/4222-sync-v2-state-after.md

Co-authored-by: Alexey Rusakov <Kitsune-Ral@users.sf.net>

---------

Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-authored-by: fkwp <fkwp@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Andy Balaam <andy.balaam@matrix.org>
Co-authored-by: fkwp <github-fkwp@w4ve.de>
Co-authored-by: Travis Ralston <travisr@matrix.org>
Co-authored-by: Alexey Rusakov <Kitsune-Ral@users.sf.net>
 5 months ago
Tulir Asokan 07ee4ffef7
MSC4210: Remove legacy mentions (#4210) 
* Remove legacy mentions

Signed-off-by: Tulir Asokan <tulir@maunium.net>

* Add another potential issue

Signed-off-by: Tulir Asokan <tulir@maunium.net>

* Add new room version to alternatives

Signed-off-by: Tulir Asokan <tulir@maunium.net>

* Specify that including `m.mentions` in all events is still necessary

Signed-off-by: Tulir Asokan <tulir@maunium.net>

* Add links to current spec

---------

Signed-off-by: Tulir Asokan <tulir@maunium.net>
 5 months ago
Richard van der Hoff 5beaf2e7a7
checklist: fix links (#4285) 
Fix a couple of broken links in the MSC checklist
 7 months ago
Travis Ralston c8d22786c3 typo 8 months ago
Quentin Gliech b2ea1a7f9e
MSC2967: API scopes (#2967) 
* API Scopes MSC

* Proposed insufficient privilege response format

* Remove realm as not required

* Clarifications + update on latest device management proposal

* Revised namespace structure + unstable prefixes

* Revise prefix for device ID

* Reference to MSC3861 + cleanup

* Add scope for guest access and tidy up

* No need for UIA scope

* Update proposals/2967-api-scopes.md

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Clarification about encoding of device ID within URN scope

* Rework MSC

- Remove insufficient privilege response
- Remove guest scopes
- Reword some parts

* Update proposals/2967-api-scopes.md

Co-authored-by: Travis Ralston <travpc@gmail.com>

* Reword as dbkr suggested

* Reword how unstable subdivisions are used

* Remove confusing sentence

* Gather all the links at the bottom of the document

* Tyding up, define exactly how device IDs are handled

* Don't use a table for a single row

* Typo

Co-authored-by: David Baker <dbkr@users.noreply.github.com>

* Fix math rendering

* Fix the math

* Minor rewording on device uniqueness

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Simplify wording around the ASCII range

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Typo

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Scope vs scope token is confusing

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Reword how the device ID is requested

* Explain why we keep the device ID generation on the client

* MSCXXXX is a better placeholder

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* The scope MUST have a device ID

* Clarify that device IDs are still unique per user

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

---------

Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Co-authored-by: Travis Ralston <travpc@gmail.com>
Co-authored-by: David Baker <dbkr@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
 8 months ago
Quentin Gliech d83a46e498
MSC2966: Usage of OAuth 2.0 Dynamic Client Registration in Matrix (#2966) 
* OAuth 2.0 Dynamic Registration MSC

* contacts is required non-empty

* Make client_uri mandatory

* Rework MSC

 - makes some metadata optional
 - better explain how each metadata field is used
 - better explain what the restrictions on redirect_uris are
 - remove the signed metadata part
 - mention the client metadata JSON document alternative

* Mention the `token_endpoint_auth_method` client metadata

* Update proposals/2966-oauth2-dynamic-registration.md

Co-authored-by: Tonkku <4409524+tonkku107@users.noreply.github.com>

* State that the homeserver should display the tos_uri and policy_uri

* Make the wording for the refresh token clearer

* Clarify that native callbacks with no slashes are allowed

* Give an example where the server ignores an unsupported grant type

* Add security considerations

* must -> MUST, should -> SHOULD, may -> MAY

* Clarify the client should store the client_id

* Simplify definition of client_uri, already covered by the RFC

* Explain the point of the MSC earlier

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Remove empty section

* Explicitly state that the client_uri is required

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Fix the web/native client sub-sub-sub sections

* Clarify the localhost port-less redirect URIs

* The server should return a 201 on successful registration

* Explain better the restrictions on URIs

* Allow custom ports in the redirect URI

* Client regs won't grow exponentially

* Explain how to mitigate the problem of client registrations growing over time.

* Add missing metadata in the dynamic registration response

* Make 'metadata localization' its own sub-sub-sub-sub-section

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* Server may still deduplicate registrations

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* Suggest different strategies to mitigate the growing number of client registrations

* Let the server delete client registrations that have no active sessions

* Really, shoud MUST do a new client reg

* Make sure the summary doesn't sound authoritative

* Put the links at the end of the file

* Explain what is Matrix-specific, what is not

---------

Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
Co-authored-by: Tonkku <4409524+tonkku107@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
 8 months ago
Quentin Gliech 52db4c684a
MSC2964: Usage of OAuth 2.0 authorization code grant and refresh token grant (#2964) 
* OAuth 2.0 profile MSC

* Refer to OP rather than AS to avoid clash with Application Service

* Title update and intro about architectural change

* Add section on endpoints that would now be outside of scope and so removed

* Spelling

* Section on proposed endpoints that would no longer be relevant

* Consistency with MSC3861 and cleanup

* Standardise terminology on OpenID Provider = OP

* Update proposals/2964-oauth2-profile.md

Co-authored-by: Dominik Henneke <dominik.henneke@nordeck.net>

* Notes on QR and browserless

* OpenID id_token endpoint is still needed

* Notes about confusion with existing OIDC and OpenID capabilities

* Additional endpoints to be removed

* Add 3pid endpoints that would be removed

* Changes to GET /account/3pid

* Alternative proposal for 3PID handling

* Add section on removing UIA

* Refer to UIA as API

* We now have proposal for 3PID and guest access

* Logout semantics

* Remove TBDs that are done

* More done items

* Remove dependency loop

* Rework proposal to only cover the authorization code flow

* Fix a bunch of todos

* Fix typos

* Fix the response_mode being an authorization request parameter

* Apply suggestions from code review

Co-authored-by: Tonkku <tonkku.kallio3@gmail.com>

* Remove unused images

* Expand the security considerations section

* Clarify that using PKCE with *S256* is mandatory

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* All Matrix clients are public clients, no need to be too specific

* Add PAR/RAR in 'alternatives' section

* Replace horizontal rules with subsections

* Clarify how the client should handle access token refresh failures

* Explain why clients should use the fragment response_mode better

* Explain the scope better in the example

* Clarify that `code_verifier` should be cryptographically random

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* Typo

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

---------

Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
Co-authored-by: Hugh Nimmo-Smith <hughns@element.io>
Co-authored-by: Dominik Henneke <dominik.henneke@nordeck.net>
Co-authored-by: Tonkku <tonkku.kallio3@gmail.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
 8 months ago
Hugh Nimmo-Smith 2f670cafb3
MSC3861: Next-generation auth for Matrix, based on OAuth 2.0/OIDC (#3861) 
* Matrix architecture change to delegate authentication via OIDC

* MSC3861

* typoe

* typoes

* typoes

* Add proposal for Matrix.org Foundation to become member of OpenID Foundation

* Update proposals/3861-delegated-oidc-architecture.md

Co-authored-by: greizgh <greizgh@ephax.org>

* Move images inline

* Use term OpenID Provider

* Add note about extending UIA as alternative

* Add reference to related MSCs

* Rework the MSC to better explain the rationale for the change

* Start writing the actual proposal

* Remove unused images

* Expand on 'why not just OIDC' and fix some typos

* Add note on the history of the proposal

* renamed 3861-delegated-oidc-architecture.md -> 3861-next-generation-auth.md

* Define token revocation through MSC4254 & add sample flow

* Use the new version of MSC2965

* List a few potential issues

* Mention areweoidcyet.com

* Apply suggestions from code review

Co-authored-by: Travis Ralston <travisr@matrix.org>

* § about how we keep the ecosystem open

* Update the alternatives table to stop mentioning 'OP'

* Reword how we mention MSC dependencies that are already in the spec

* Reformat with prettier

* Make it clearer what proposals are adjacente, write about ASes

* Add links about the current C-S API

* Add links to the spec

* Add links about OIDC and OAuth 2.0

* Clarify what the 'system browser' means

* Give an example of a better email verification flow

* Typo

* Reword what the benefits of using the homeserver's domain name are

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Talk more about the implications of scoped access tokens.

* Linkify /capabilities

* Clarify that the sample flow is non-normative

* Explain why we can't 'just use' OpenID Connect better

* Explain how currently HS can restrict client used

* Clarify what 'UIA APIs' mean in this proposal

* Mention that in theory UIA fallbacks also means implementation complexity on the homeserver side.

* Clarify that it doesn't have to be the *default* browser

* Clarify that I meant /login

* Reword around dynamic registration

* Reword: /login is not UIA!

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Add link for "web-based fallback"

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Typo

Co-authored-by: Alexey Rusakov <Kitsune-Ral@users.sf.net>

* Reword the browser redirect explanation

Co-authored-by: Alexey Rusakov <Kitsune-Ral@users.sf.net>

* Remove easter egg

* Better outline the rationale for this MSC

Co-Authored-By: Erik Johnston <erikj@matrix.org>

* Remove the redundant point about 'protecting the user's creds'

* Simplify the argument for client registration

Co-Authored-By: Richard van der Hoff <richvdh@users.noreply.github.com>
Co-Authored-By: Erik Johnston <erikj@matrix.org>

* Clarify what we aim to deprecate

* Typo

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

---------

Co-authored-by: Matthew Hodgson <matthew@matrix.org>
Co-authored-by: greizgh <greizgh@ephax.org>
Co-authored-by: Quentin Gliech <quenting@element.io>
Co-authored-by: Travis Ralston <travisr@matrix.org>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Alexey Rusakov <Kitsune-Ral@users.sf.net>
Co-authored-by: Erik Johnston <erikj@matrix.org>
Co-authored-by: Richard van der Hoff <richvdh@users.noreply.github.com>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
 8 months ago
Quentin Gliech 8d2fb67793
MSC4254: Usage of RFC7009 Token Revocation for Matrix client logout (#4254) 
* MSC4254: Usage of RFC7009 Token Revocation for Matrix client logout

* Clarify how the token_type_hint parameter is used

* Clarify what the server should do if the client_id is not provided

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Tonkku <contact@tonkku.me>

* Explain why we allow revoking without a client_id better

* Clarify how this replaces the /logout API

* Some non-contentious clarifying bits

* s/login/logout/

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

---------

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Tonkku <contact@tonkku.me>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
 8 months ago
Quentin Gliech 1e689aaff8
MSC2965: OAuth 2.0 Authorization Server Metadata discovery (#2965) 
* OIDC discovery MSC

* Add `account` field

* Add id_token_hint to account management URL

* Add reference to MSC3861

* Add missing heading

* Fix reference to MSC3861

* Update proposals/2965-oidc-discovery.md

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Fix typo

* Update 2965-oidc-discovery.md

* Update proposals/2965-oidc-discovery.md

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Update proposals/2965-oidc-discovery.md

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* OIDC Provider -> OpenID Provider

* Define account management URL params

* Link for account management URLs

* MSC2965: move from well-known discovery to a dedicated C-S endpoint

* MSC2965: add a note about why the well-known alternative has been discarded

* MSC2965: move the account management URL to the provider metadata

* MSC2965: line breaks

* MSC2965: update note about the account endpoint metadata

* Move the /auth_issuer endpoint to the v1 prefix

* Add the `org.matrix.cross_signing_reset` action

* Typo

* Rename MSC

* Remove account-related URLs

* Mention RFC8414 as alternative

* Outline another alternative: publish the metadata through a C-S API

* Fix the alternative flow

* Publish the auth server metadata through a new C-S API endpoint

This removes the depdency on OIDC specs

* renamed 2965-oidc-discovery.md -> 2965-auth-metadata.md

* Clarify auth & rate limiting requirements

Co-authored-by: Travis Ralston <travpc@gmail.com>

* Mention the MSCs using each metadata value

* Explain what to do when next-gen auth is not available

* Add rationale for not using a .well-known endpoint

* Reformat with prettier

* Add `issuer` to the required metadata fields

* Explain why we don't just use static C-S endpoints

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Move the rationale for not using a `.well-known` document to the alternatives section.

* Typo

* Clarify why using the .well-known would be confusing

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Clarify what 'UIA flows' are exactly

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

---------

Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Co-authored-by: Travis Ralston <travpc@gmail.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
 8 months ago
Travis Ralston 9e729ec18c Fix typos 8 months ago
DeepBlueV7.X e39f38ae8a MSC3266: Room summary API (#3266) 
* Room summary proposal

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Remove alias resolution step from the federation API

* Reference #688 in the alternatives section

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Remove `is_direct` from response

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Fix unstable prefixes for implementations which keep the prefix and rest of the path separate

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Add allowed_room_ids field

That way the requesting server knows, if any user would have access to
that room and it can forward the room to the user.

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Extend rationale for additional fields to reference MSC2946

Also explain that membership is already accessible information.

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Add bulk API as an alternative

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Remove federation API and address feedback

- Add some additional rationale to some things.
- Federation API now reuses MSC 2946
- roomid -> roomId
- Move it out of /rooms, because it allows using an alias

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* fix prefixes again

* Remove extensions to federation API since that MSC is amended now

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Fix minor inaccuracy about the spaces sumary api

* Add encryption field back

* Add room version field

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Apply suggestions from code review

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-authored-by: Alexey Rusakov <Kitsune-Ral@users.sf.net>

* Add a bit more reasoning

* version -> room_version

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Try to address review comments

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Fix incorrect statement about encryption being a bool

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Split up the big alternatives section

* Collapse the same descriptions for publicRooms and hierarchy into one

* Shorten the 'accessible' section again

* Update proposals/3266-room-summary.md

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Update proposals/3266-room-summary.md

* Update proposals/3266-room-summary.md

Co-authored-by: Alexey Rusakov <Kitsune-Ral@users.sf.net>

* Support knock_restricted rooms and rename to room_summary

As well as a few smaller clarifications.

* Be more explicit about authentication

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Fix error codes and missing "Optional"

* Also add allowed_room_ids to hierarchy API

It suffers from the same knock_restricted issue.

* Apply suggestions from code review

Co-authored-by: Eric Eastwood <madlittlemods@gmail.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Update spec links

* Clarify accessibility rules

* Update proposals/3266-room-summary.md

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Update proposals/3266-room-summary.md

Co-authored-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Unauthenticated access is impl-dependent

* add  to response

* Clarify resposnse documentation.

* Clarify situation for invited rooms

* further clarification about unauth access

* Update proposals/3266-room-summary.md

Co-authored-by: Johannes Marbach <n0-0ne+github@mailbox.org>

---------

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-authored-by: Alexey Rusakov <Kitsune-Ral@users.sf.net>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Co-authored-by: Eric Eastwood <madlittlemods@gmail.com>
Co-authored-by: Richard van der Hoff <richard@matrix.org>
Co-authored-by: Johannes Marbach <n0-0ne+github@mailbox.org>
 8 months ago
Travis Ralston a15271b608
MSC4260: Reporting users (Client-Server API) (#4260) 
* MSC: Reporting users (Client-Server API)

* Add guest access requirements

* Add examples; fix reason

* Clarify that reports don't transit federation, but can still be received
 9 months ago
Johannes Marbach 3f3b34a427
MSC3765: Rich text in room topics (#3765) 
* Add rich room topic MSC

Signed-off-by: Johannes Marbach <johannesm@element.io>

* Rename to reflect propper MSC number

* Fix typo

* Explain why m.topic is kept separate from m.message

* Use json5 for formatting code snippet

Co-authored-by: Travis Ralston <travisr@matrix.org>

* Remove unneeded unstable room version

* Adapt to latest version of MSC1767

* Add paragraph about preventing formatting abuse

* Introduce wrapping m.topic content block (#4111)

* Clarify the case of HTML-only topics and transition logic (#4112)

* Clarify and simplify transition logic

* Clarify the case of HTML-only topics

* Make it more explicit that m.topic replaces m.room.topic without deprecation (#4181)

* Remove line-based formatting logic and limit length of topics (#4182)

* Update MSC3765: Rich text in room topics (#4215)

Updates MSC from feedback,

* Accept suggestion

Co-authored-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Clarify length / display limits.

Co-authored-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Apply clarifications from author

Co-authored-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Make MSC3765 independent of extensible events and new room versions (#4240)

* Apply suggestions from code review

* Update proposals/3765-rich-room-topics.md

Co-authored-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Properly explain why the m.topic content block is needed (#4251)

* Apply suggestions from code review

Co-authored-by: Johannes Marbach <n0-0ne+github@mailbox.org>

---------

Signed-off-by: Johannes Marbach <johannesm@element.io>
Co-authored-by: Travis Ralston <travisr@matrix.org>
Co-authored-by: David Baker <dbkr@users.noreply.github.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
 9 months ago
David Baker 93b0353581
MSC4183: Additional Error Codes for submitToken endpoint (#4183) 
* MSC4180: Additional Error Codes for submitToken endpoint

* Bah, markdown

* Line wrapping

* Typos

* Right MSC number

Co-authored-by: Johannes Marbach <n0-0ne+github@mailbox.org>

* Rename

* Add http status code

* Apply suggestions from code review

Spelling / grammar fixes

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* Word wrap

* Clearer wording

* clarify

* Clarify

* Add note about not reusing error code

* Clarify that we're taking about the submittoken api in requestToken

* spelling

* Clearer wording

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Add note on POST email submitToken api

and how it isn't really a thing in practice

* Hopefully make more clearer

* Apply same change to other submitToken endpoints

...from the other requestToken enpoints

Also try to further clarify the note about the largely unused POST email submitToken

* Remove stray lines, more clarifications & consistency fix

* clarify only c/s api

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Typos & clarity

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Clarify

---------

Co-authored-by: Johannes Marbach <n0-0ne+github@mailbox.org>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
 9 months ago
Tom Foster eb813af46d
MSC4133: Extending User Profile API with Key:Value Pairs (#4133) 
* Extended profile fields

* Unstable client features

* Clarification on limits

* Warning about avatar_url and displayname limits

* Error code clarification

* Whitespace fixes

* Adjusted size limits

* Clarified Canonical JSON

* Clarifications

* Clarifications

* Remove UTF-16

* Clarify key persistence

* Out of date line

* Clarify only `u.*` namespace is limited to 512 bytes

* Include read-only fields in capability

* Change missing capability behaviour

* Typo correction

* Privacy clarification for T&S

* Consolidation and rewrite

* Whitespace fix

* Safety and security updates

* Clarify servers can hide fields

* References to MSC4201 and MSC4202

* Clarify redacted `m.room.member` events

* Error codes and redundant instructions

* Removing custom fields

* Typo fix

* Clarifications and readability

* Correct key length error to match common grammar limit

* Remove PATCH/PUT.

* Removed redundant sections after `PUT` and `PATCH` methods removed

* Re-add client feature for managing profile fields

* Update proposals/4133-extended-profiles.md

Co-authored-by: Travis Ralston <travpc@gmail.com>

* Clarify 403 error scenarios

* Add section on caching behaviour under S-S API

* Link to Canonical JSON in current spec

* Cut down instructions for clients on when to display content from federated users.

* Revert c82dab67d1

* Clarify caching and freshness challenges

* Adjust abuse section

* Authentication/rate-limiting/guest access requirements

* Un-revert accidental revert of af87bbeb26

* Simplify caching recommendations

* Up to clients whether they check capability

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Technically correct is the best kind of correct

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Link to current federation profile endpoint

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Mention check for spec version when using profile fields

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Attempt to clarify what servers should not enforce about key naming

* Fix line wrapping after 9b2918e373

* Add `M_MISSING_PARAM` error

* Clarify where errors apply

* Clarify optional ability to not always federate every field

* Fix inconsistent line wrapping

* Offer suggestions for hiding extended fields when member event redacted

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* Fix wrapping length of one line

---------

Co-authored-by: Patrick Cloke <patrickc@matrix.org>
Co-authored-by: Travis Ralston <travpc@gmail.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
 10 months ago
Travis Ralston 4c1cfb1125
MSC4239: Room version 11 as the default room version (#4239) 
* MSC: Room version 11 as the default room version

* s
 10 months ago
Johannes Marbach 03197edb69
MSC4213: Remove server_name parameter (#4213) 
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
 11 months ago
Hubert Chathi 51ebe01d75
MSC4147: Including device keys with Olm-encrypted events (#4147) 12 months ago
Richard van der Hoff 5370f489cd
MSC4225: Specification of an order in which one-time-keys should be issued (#4225) 
* Initial proposal

* edits

* typos

* Add impl note about dropping old keys
 12 months ago
David Teller aa7a3fc035
MSC3823: Account Suspension (#3823) 
* MSC: A code for account suspension

Signed-off-by: David Teller <davidt@element.io>

* WIP: Adding prefix

* Update proposals/3823-code-for-account-suspension.md

Co-authored-by: Travis Ralston <travpc@gmail.com>

* Apply suggestions from code review

Co-authored-by: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com>

* Update for latest requirements

* Add list of permitted/forbidden actions
* Remove `href` from error code - this will be handled in a later MSC
* Match modern template

* Clarify MSC

* Clarify differences in locking vs suspension, and future scope

---------

Signed-off-by: David Teller <davidt@element.io>
Co-authored-by: Travis Ralston <travpc@gmail.com>
Co-authored-by: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com>
Co-authored-by: Travis Ralston <travisr@matrix.org>
 1 year ago
DeepBlueV7.X 9deddd1558 MSC2781: Remove the reply fallbacks from the specification (#2781) 
* MSC2781: Down with the fallbacks

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Add a note about dropping the html requirement

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Add an unstable prefix for removed fallbacks.

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Add a section about fallbacks not being properly specified.

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Add appendix about which clients do not support replies (and why, if possible)

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Correct weechat status

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Add another alternative

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Document a few more issues with fallbacks

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Update client status, remove proposal for edits and try to turn down the language a bit

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Remove mistaken reference to the Qt renderer

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Try to make motivation a bit clearer in the proposal

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* How do anchors work?

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Drop reference to issues with edit fallbacks

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Typos

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Address review comments

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* More edits

Move edit section to a single sentence in "interaction with other
features".

Spell out why the IRC example is there.

Reword body stripping.

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Implementation traps

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Add dates to client status list

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Mention pushrules proposal in the alternatives section

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Update proposal to 2024

This also addresses several review comments from clokep and Travis.

* Be explicit about removal

* Apply suggestions from code review

Thanks dbkr, richvdh and clokep!

Co-authored-by: David Baker <dbkr@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Update proposals/2781-down-with-the-fallbacks.md

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Travis Ralston <travpc@gmail.com>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* Simplify wording around invalid html and potential issues

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

---------

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: David Baker <dbkr@users.noreply.github.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Co-authored-by: Travis Ralston <travpc@gmail.com>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
 1 year ago
Richard van der Hoff 22c774de58 Revert "MSC3061: Sharing room keys for past messages (#3061)" 
This reverts commit 6a3ab1d64c.

Per https://matrix.org/blog/2024/10/security-disclosure-matrix-js-sdk-and-matrix-react-sdk/
and https://github.com/matrix-org/matrix-spec-proposals/pull/3061#issuecomment-2444845098,
we are removing the merged status of this PR.
 1 year ago
Travis Ralston b76697ed1a spelling 1 year ago
Sorunome c1fc612e86 MSC2409: Proposal to send EDUs to appservices (#2409) 
* Initial proposal commit

* Add body of proposal

* rename file

* finish up MSC

* address issues

* change key names and add unstable prefix

* Clarifications; to-device handling

* It's not exactly like sync

* Move to-device messages

* Copy edu_type behaviour

* Add full transaction example

* Add implementation notes for to-device cleanup

* Use type instead of edu_type to match realities of implementations

* Add note to say ephemeral can be omitted.

* Improve wording on why we use a seperate array.

Co-authored-by: Kevin Cox <kevincox@kevincox.ca>

* push_ephemeral -> receive_ephemeral

* Fix some typos and clarify EDU room association

* Clarify EDU formatting

* Explicitly list all event types

* Delete to-device events

to be moved to a new MSC

* Update spec link and fix typo

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Add private read receipt rules

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Wrap lines

* Apply suggestions from code review

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* Explicitly mention to-device events are not here

* Mention the possibility of more granular filtering

---------

Co-authored-by: Will Hunt <will@half-shot.uk>
Co-authored-by: Travis Ralston <travisr@matrix.org>
Co-authored-by: Kevin Cox <kevincox@kevincox.ca>
Co-authored-by: Tulir Asokan <tulir@maunium.net>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
 1 year ago
Johannes Marbach 6b10266b14
MSC4170: 403 error responses for profile APIs (#4170) 
Relates to matrix-org/matrix-spec#1867

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
 1 year ago