Proposals for changes to the matrix specification
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Go to file
Callum Brown fa3f71f8c0
MSC3231: Token authenticated registration (#3231)
* Proposal for token authenticated registration

Signed-off-by: Callum Brown <callum@calcuode.com>

* Hard-wrap lines

Signed-off-by: Callum Brown <callum@calcuode.com>

* Link to released version of spec

Signed-off-by: Callum Brown <callum@calcuode.com>

* Fix unstable prefix wording

Signed-off-by: Callum Brown <callum@calcuode.com>

* Tokens should only be invalidated after registration

Signed-off-by: Callum Brown <callum@calcuode.com>

* Change auth type to m.login.registration_token

This is consistent with the other UIAA auth types, and does not suggest
that other `m.login.*` types cannot be used for registration.

Signed-off-by: Callum Brown <callum@calcuode.com>

* Add proposal for checking the validity of a token

Signed-off-by: Callum Brown <callum@calcuode.com>

* Fix validity checking endpoint

Signed-off-by: Callum Brown <callum@calcuode.com>

* Limit allowed characters and length of token

This allows tokens to be used easily in query parameters

Signed-off-by: Callum Brown <callum@calcuode.com>

* Give reason for limiting token length and chars

Signed-off-by: Callum Brown <callum@calcuode.com>

* Note all stages must be complete for registration

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

* Fix mistake in MSC number

Signed-off-by: Callum Brown <callum@calcuode.com>

* Validity checking should be rate limited

Signed-off-by: Callum Brown <callum@calcuode.com>

* Change v1 to r0

Signed-off-by: Callum Brown <callum@calcuode.com>

* Include `.` and `~` in allowed characters for registration tokens

For consistency with the unreserved URL characters in RFC3986

https://www.ietf.org/rfc/rfc3986.html#section-2.3

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
3 years ago
.buildkite Cut out legacy build scripts 4 years ago
.circleci Cut out legacy build scripts 4 years ago
.github Update idea.md 4 years ago
assets-hugo Fix sidebar overlap for small width devices 3 years ago
attic Move drafts to attic to reduce confusion 4 years ago
changelogs Tweak PDU diagram demonstrating `prev_events`. (#3340) 3 years ago
content Tweak PDU diagram demonstrating `prev_events`. (#3340) 3 years ago
data Fix two links on the CS API page 3 years ago
data-definitions Update i18n 4 years ago
informal Apply suggestions from code review 4 years ago
layouts Use `changelogs/release.yaml` for the version number source everywhere (#3310) 3 years ago
meta Update documentation_style.rst (#3352) 3 years ago
proposals MSC3231: Token authenticated registration (#3231) 3 years ago
scripts Fix event schema examples too 4 years ago
static Add knocking to the spec 4 years ago
themes Opt for serving new spec JS/CSS dependencies locally instead of downloading from CDNs (#3036) 4 years ago
.gitignore Rewrite readme and update contributor docs 4 years ago
.gitmodules Opt for serving new spec JS/CSS dependencies locally instead of downloading from CDNs (#3036) 4 years ago
CONTRIBUTING.rst Switch code formatting note about changelogs from RST to MD (#3103) 4 years ago
LICENSE Add a license to the spec 8 years ago
README.md Notes on how to use `hugo` from docker (#3349) 3 years ago
config-circleci.toml Update CircleCI and Buildkite configs to build the new spec (#3017) 4 years ago
config.toml Use `changelogs/release.yaml` for the version number source everywhere (#3310) 3 years ago
openapi_extensions.md Restore docs describing OpenAPI extensions that we use 4 years ago
package-lock.json Bump postcss from 7.0.32 to 7.0.36 3 years ago
package.json Support rendering of proposal tables 4 years ago
pyproject.toml goodbye legacy config 4 years ago

README.md

Matrix Specification

This repository contains the Matrix Specification, rendered at spec.matrix.org.

Developers looking to use Matrix should join #matrix-dev:matrix.org on Matrix for help.

Spec authors and proposal writers are welcome to join #matrix-spec:matrix.org. We welcome contributions! See CONTRIBUTING.rst for details.

Structure

The Matrix spec is compiled with Hugo (a static site generator) with the following structure:

  • /assets: assets that need postprocessing using Hugo Pipes. For example, Sass files would go here.

  • /content: files that will become pages in the site go here. Typically these are Markdown files with some YAML front matter indicating, among other things, what layout should be applied to this page. The organization of files under /content determines the organization of pages in the built site.

  • /data: this can contain TOML, YAML, or JSON files. Files kept here are directly available to template code as data objects, so templates don't need to load them from a file and parse them. This is also where our Swagger/OpenAPI definitions and schemas are.

  • /layouts: this contains Hugo templates. Some templates define the overall layout of a page: for example, whether it has header, footer, sidebar, and so on.

    • /layouts/partials: these templates can be called from other templates, so they can be used to factor out template code that's used in more than one template. An obvious example here is something like a sidebar, where several different page layouts might all include the sidebar. But also, partial templates can return values: this means they can be used like functions, that can be called by multiple templates to do some common processing.
    • /layouts/shortcodes: these templates can be called directly from files in /content.
  • /static: static files which don't need preprocessing. JS or CSS files could live here.

  • /themes: you can use just Hugo or use it with a theme. Themes primarily provide additional templates, which are supplied in a /themes/$theme_name/layouts directory. You can use a theme but customise it by providing your own versions of any of the theme layouts in the base /layouts directory. That is, if a theme provides /themes/$theme_name/layouts/sidebar.html and you provide /layouts/sidebar.html, then your version of the template will be used.

It also has the following top-level file:

  • config.toml: site-wide configuration settings. Some of these are built-in and you can add your own. Config settings defined here are available in templates. All these directories above are configurable via config.toml settings.

Additionally, the following directories may be of interest:

  • /attic: Here contains historical sections of specification and legacy drafts for the specification.
  • /changelogs: Various bits of changelog for the specification areas.
  • /data-definitions: Bits of structured data consumable by Matrix implementations.
  • /meta: Documentation relating to the spec's processes that are otherwise untracked (release instructions, etc).
  • /scripts: Various scripts for generating the spec and validating its contents.
  • /proposals: Matrix Spec Change (MSC) proposals. See https://spec.matrix.org/unstable/proposals/.

Authoring changes to the spec

Please read CONTRIBUTING.rst before authoring a change to the spec. Note that spec authoring takes place after an MSC has been accepted, not as part of a proposal itself.

  1. Install the extended version (often the OS default) of Hugo: https://gohugo.io/getting-started/installing. Note that at least Hugo v0.74 is required.

    Alternatively, use the Docker image at https://hub.docker.com/r/klakegg/hugo/.

  2. Run git submodule update --init --recursive for good measure.

  3. Run npm i to install the dependencies. Note that this will require NodeJS to be installed.

  4. Run npm run get-proposals to seed proposal data. This is merely for populating the content of the "Spec Change Proposals" page and is not required.

  5. Run hugo serve (or docker run --rm -it -v $(pwd):/src -p 1313:1313 klakegg/hugo serve) to run a local webserver which builds whenever a file change is detected. If watching doesn't appear to be working for you, try adding --disableFastRender to the commandline.

  6. Edit the specification 🙂

We use a highly customized Docsy theme for our generated site, which uses Bootstrap and Font Awesome. If you're looking at making design-related changes to the spec site, please coordinate with us in #matrix-docs:matrix.org before opening a PR.

Building the specification

If for some reason you're not a CI/CD system and want to render a static version of the spec for yourself, follow the above steps for authoring changes to the specification and instead of hugo serve run hugo -d "spec" - this will generate the spec to /spec. If you'd like to serve the spec off a path instead of a domain root (eg: /unstable), add --baseURL "/unstable" to the hugo -d "spec" command.

For building the swagger definitions, create a python3 virtualenv and activate it. Then run pip install -r ./scripts/requirements.txt and finally python ./scripts/dump-swagger.py to generate it to ./scripts/swagger/api-docs.json. To make use of the generated file, there are a number of options:

Issue tracking

Specification issues are tracked on github at https://github.com/matrix-org/matrix-doc/issues.

See meta/github-labels.rst for information on what the labels mean.