archive
/
matrix-spec
mirror of https://github.com/matrix-org/matrix-spec
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Spec device ID masquerading

Browse Source
pull/2221/head
Travis Ralston 2 months ago
parent 0a649cb0db
commit 83da144a7b
4 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File

1
changelogs/application_service/newsfragments/2221.feature
Unescape Escape View File

@ -0,0 +1 @@
Allow application services to masquerade as specific devices belonging to users, as per [MSC4326](https://github.com/matrix-org/matrix-spec-proposals/pull/4326).

1
changelogs/client_server/newsfragments/2221.feature
Unescape Escape View File

@ -0,0 +1 @@
Allow application services to masquerade as specific devices belonging to users, as per [MSC4326](https://github.com/matrix-org/matrix-spec-proposals/pull/4326).

13
content/application-service-api.md
Unescape Escape View File

@ -356,6 +356,7 @@ service would like to masquerade as.
Inputs: Inputs:
- Application service token (`as_token`) - Application service token (`as_token`)
- User ID in the AS namespace to act as. - User ID in the AS namespace to act as.
- Device ID belonging to the User ID to act with.
Notes: Notes:
- This applies to all aspects of the Client-Server API, except for - This applies to all aspects of the Client-Server API, except for
@ -375,9 +376,19 @@ service's `user` namespaces. If the parameter is missing, the homeserver
is to assume the application service intends to act as the user implied is to assume the application service intends to act as the user implied
by the `sender_localpart` property of the registration. by the `sender_localpart` property of the registration.
{{% added-in v="1.17" %}} Application services MAY similarly masquerade
as a specific device ID belonging the user ID through use of the `device_id`
query string parameter on the request. If the given device ID is not known
to belong to the user, the server will return a 400 `M_UNKNOWN_DEVICE` error.
If no `user_id` is supplied, the `device_id` MUST belong to the user implied
by the `sender_localpart` property of the application service's registration.
If no `device_id` is supplied, the homeserver is to assume the request is
being made without a device ID and will fail to complete operations which
require a device ID (such as uploading one-time keys).
An example request would be: An example request would be:
GET /_matrix/client/v3/account/whoami?user_id=@_irc_user:example.org GET /_matrix/client/v3/account/whoami?user_id=@_irc_user:example.org&device_id=ABC123
Authorization: Bearer YourApplicationServiceTokenHere Authorization: Bearer YourApplicationServiceTokenHere
#### Timestamp massaging #### Timestamp massaging

4
content/client-server-api/_index.md
Unescape Escape View File

@ -132,6 +132,10 @@ The server did not understand the request. This is expected to be returned with
a 404 HTTP status code if the endpoint is not implemented or a 405 HTTP status a 404 HTTP status code if the endpoint is not implemented or a 405 HTTP status
code if the endpoint is implemented, but the incorrect HTTP method is used. code if the endpoint is implemented, but the incorrect HTTP method is used.
`M_UNKNOWN_DEVICE`
{{% added-in v="1.17" %}} The device ID supplied by the application service does
not belong to the user ID during [identity assertion](/application-service-api/#identity-assertion).
`M_UNKNOWN` `M_UNKNOWN`
An unknown error has occurred. An unknown error has occurred.

Write Preview
Loading…
Cancel
Save