From 4278cd56a40f4d81037dbba033e7a19af1c2f42c Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Sun, 27 May 2018 11:45:36 -0600 Subject: [PATCH 1/7] Document /logout/all Fixes https://github.com/matrix-org/matrix-doc/issues/700 Signed-off-by: Travis Ralston --- api/client-server/logout.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/api/client-server/logout.yaml b/api/client-server/logout.yaml index 3a2f71e9..2dfd6d97 100644 --- a/api/client-server/logout.yaml +++ b/api/client-server/logout.yaml @@ -44,3 +44,26 @@ paths: properties: {} tags: - Session management + "/logout/all": + post: + summary: Invalidates all access tokens for a user + description: |- + Invalidates all access tokens for a user, so that they can no longer be used for + authorization. This includes the access token that made this request. + + This endpoint does not require UI authorization because UI authorization is + designed to protect against attacks where the someone gets hold of a single access + token then takes over the account. This endpoint invalidates all access tokens for + the user, including the token used in the request, and therefore the attacker is + unable to take over the account in this way. + operationId: logout_all + security: + - accessToken: [] + responses: + 200: + description: The user's access tokens were succesfully invalidated. + schema: + type: object + properties: {} + tags: + - Session management From 59ea10b84282dba6dd8d1af0412716d218bd6d04 Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Sun, 27 May 2018 11:47:28 -0600 Subject: [PATCH 2/7] Add changelog entry for /logout/all Signed-off-by: Travis Ralston --- changelogs/client_server.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/changelogs/client_server.rst b/changelogs/client_server.rst index 3c4fbffa..9833662e 100644 --- a/changelogs/client_server.rst +++ b/changelogs/client_server.rst @@ -48,6 +48,8 @@ Unreleased changes (`#1142 `_). - Add the ``/register/available`` endpoint for username availability (`#1151 `_). + - Document ``/logout/all`` endpoint + (`#1263 `_). r0.3.0 ====== From 34090b24c432ce4b94da59884e3e136db1aa8013 Mon Sep 17 00:00:00 2001 From: Ben Parsons Date: Tue, 29 May 2018 14:19:03 +0100 Subject: [PATCH 3/7] prepare proposals.py for CI --- scripts/proposals.py | 4 ++-- specification/proposals.rst | 12 ++++++++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/scripts/proposals.py b/scripts/proposals.py index a84804a7..33fa6416 100644 --- a/scripts/proposals.py +++ b/scripts/proposals.py @@ -11,7 +11,7 @@ authors = set() prs = set() def getpage(url, page): - resp = requests.get(url + str(page)) + resp = requests.get(url + str(page), auth=('benparsons', '99fbc9df2d75a18b5ac7f24e326e4de548b06172')) for link in resp.links.values(): if link['rel'] == 'last': @@ -100,7 +100,7 @@ for label in labels: text_file.write(" - " + updated.strftime('%Y-%m-%d') + "\n") # list of document links (urls comma-separated) - maindoc = re.search('^Documentation: (.+?)\n', str(item['body'])) + maindoc = re.search('^Documentation: (.+?)$', str(item['body']), flags=re.MULTILINE) if maindoc is not None: maindoc = maindoc.group(1) doc_list_formatted = ["`" + str(item['number']) + "-" + str(i) + " <" + x.strip() + ">`_" for i, x in enumerate(maindoc.split(','),1)] diff --git a/specification/proposals.rst b/specification/proposals.rst index 80d1ce0f..a19d820f 100644 --- a/specification/proposals.rst +++ b/specification/proposals.rst @@ -140,7 +140,7 @@ proposal-wip * - `MSC1222 `_ - Pushing updates about Groups (Communities) to clients - 2018-01-02 - - 2018-05-15 + - 2018-05-24 - `1222-1 `_ - `@ara4n`_ - None @@ -156,7 +156,7 @@ proposal-wip * - `MSC1227 `_ - Proposal for lazy-loading room members to improve initial sync speed and client RAM usage - 2018-03-05 - - 2018-05-15 + - 2018-05-28 - `1227-1 `_ - `@ara4n`_ - None @@ -185,6 +185,14 @@ proposal-wip - `@neilisfragile`_ - None - + * - `MSC1267 `_ + - Interactive Key Verification + - 2018-05-28 + - 2018-05-28 + - `1267-1 `_ + - `@uhoreg`_ + - None + - From 7a82a5d4279f47560258b389433c7835bb919b67 Mon Sep 17 00:00:00 2001 From: Ben Parsons Date: Tue, 29 May 2018 14:20:48 +0100 Subject: [PATCH 4/7] correct proposals.py --- scripts/proposals.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/proposals.py b/scripts/proposals.py index 33fa6416..5bbe3d08 100644 --- a/scripts/proposals.py +++ b/scripts/proposals.py @@ -11,7 +11,7 @@ authors = set() prs = set() def getpage(url, page): - resp = requests.get(url + str(page), auth=('benparsons', '99fbc9df2d75a18b5ac7f24e326e4de548b06172')) + resp = requests.get(url + str(page)) for link in resp.links.values(): if link['rel'] == 'last': From 419bf1e52cd5dabc1428df7365ee77e726718190 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Wed, 30 May 2018 09:42:56 +0100 Subject: [PATCH 5/7] Fix continuserv instructions As per f04b17f1c90df655771aa53e71900329cccd1378 Also dedup continuserv readme --- README.rst | 10 +++++----- scripts/continuserv/README | 6 ------ scripts/continuserv/README.md | 3 +++ 3 files changed, 8 insertions(+), 11 deletions(-) delete mode 100644 scripts/continuserv/README create mode 100644 scripts/continuserv/README.md diff --git a/README.rst b/README.rst index 76f4ad55..6c87201c 100644 --- a/README.rst +++ b/README.rst @@ -68,10 +68,10 @@ Windows users ~~~~~~~~~~~~~ If you're on Windows Vista or higher, be sure that the "Symbolic Links" -option was selected when installing Git prior to cloning this repository. If -you're still seeing errors about files not being found it is likely because -the symlink at ``api/client-server/definitions/event-schemas`` looks like a -file. To correct the problem, open an Administrative/Elevated shell in your +option was selected when installing Git prior to cloning this repository. If +you're still seeing errors about files not being found it is likely because +the symlink at ``api/client-server/definitions/event-schemas`` looks like a +file. To correct the problem, open an Administrative/Elevated shell in your cloned matrix-doc directory and run the following:: cd api\client-server\definitions @@ -121,7 +121,7 @@ changes. It is written in Go, so you will need the ``go`` compiler installed on your computer. You will also need to install fsnotify by running:: - go get gopkg.in/fsnotify.v1 + go get gopkg.in/fsnotify/fsnotify.v1 Then, create a virtualenv as described above under `Preparation`_, and:: diff --git a/scripts/continuserv/README b/scripts/continuserv/README deleted file mode 100644 index edb9aef4..00000000 --- a/scripts/continuserv/README +++ /dev/null @@ -1,6 +0,0 @@ -continuserv proactively re-generates the spec on filesystem changes, and serves it over HTTP. - -To run it, you must install the `go` tool. You will also need to install fsnotify by running: - `go get gopkg.in/fsnotify/fsnotify.v1` -You can then run continuserv by running: - `go run main.go` diff --git a/scripts/continuserv/README.md b/scripts/continuserv/README.md new file mode 100644 index 00000000..40321bb6 --- /dev/null +++ b/scripts/continuserv/README.md @@ -0,0 +1,3 @@ +continuserv proactively re-generates the spec on filesystem changes, and serves +it over HTTP. For notes on using it, see [the main +readme](../../README.rst#continuserv). From cb00fc35abfb53429f0f495cde58d207c3be4bff Mon Sep 17 00:00:00 2001 From: Ben Parsons Date: Thu, 31 May 2018 15:54:23 +0100 Subject: [PATCH 6/7] git checkout master --- scripts/proposals.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/proposals.py b/scripts/proposals.py index 5bbe3d08..241b0708 100644 --- a/scripts/proposals.py +++ b/scripts/proposals.py @@ -22,7 +22,7 @@ def getpage(url, page): def getbylabel(label): pagecount = 1 json = list() - urlbase = 'https://api.github.com/repos/matrix-org/matrix-doc/issues?state=open&labels=' + label + '&page=' + urlbase = 'https://api.github.com/repos/matrix-org/matrix-doc/issues?state=all&labels=' + label + '&page=' print(urlbase) json.extend(getpage(urlbase, 1)) for page in range(2, int(pagecount) + 1): From 7a44351a34f8b1fb7d08dfd498f162e2d4c3f83d Mon Sep 17 00:00:00 2001 From: Ben Parsons Date: Thu, 31 May 2018 16:13:31 +0100 Subject: [PATCH 7/7] update following rvdh spec blitz --- specification/proposals.rst | 121 +++++++++++++++++++++++++----------- 1 file changed, 85 insertions(+), 36 deletions(-) diff --git a/specification/proposals.rst b/specification/proposals.rst index a19d820f..636877ff 100644 --- a/specification/proposals.rst +++ b/specification/proposals.rst @@ -68,7 +68,7 @@ proposal-wip * - `MSC1207 `_ - Publishing Room Lists for 3rd party networks - 2016-10-21 - - 2018-05-15 + - 2018-05-31 - `1207-1 `_ - `@erikjohnston`_ - None @@ -212,14 +212,6 @@ proposal-ready-for-review - Author - Shepherd - PRs - * - `MSC1183 `_ - - Document key-share requests - - 2018-04-30 - - 2018-05-15 - - `1183-1 `_ - - `@richvdh`_ - - None - - * - `MSC1232 `_ - Media limits API - 2018-05-04 @@ -236,6 +228,14 @@ proposal-ready-for-review - `@turt2live`_ - None - + * - `MSC1270 `_ + - Synapse /_matrix/media/v1/resolve_url to API download and preview urls in the clients despite on CORS + - 2018-05-31 + - 2018-05-31 + - `1270-1 `_ + - `@oivoodoo`_ + - None + - @@ -333,6 +333,14 @@ spec-pr-missing - Author - Shepherd - PRs + * - `MSC1200 `_ + - Configuration of E2E encryption in a room + - 2016-06-16 + - 2018-05-31 + - `1200-1 `_ + - `@richvdh`_ + - None + - * - `MSC1201 `_ - Device Management API - 2016-07-14 @@ -429,14 +437,22 @@ spec-pr-missing - `@lukebarnard1`_ - None - - * - `MSC1216 `_ - - @room notification proposal + * - `MSC1033 `_ + - Doc @room notifications - 2017-10-23 - - 2018-05-15 - - `1216-1 `_ + - 2018-05-31 + - - `@dbkr`_ - None - - `PR#1176`_ + - + * - `MSC1183 `_ + - Document key-share requests + - 2018-04-30 + - 2018-05-31 + - `1183-1 `_ + - `@richvdh`_ + - None + - * - `MSC1230 `_ - Temporary mitigation for depth parameter abuse - 2018-05-01 @@ -472,6 +488,14 @@ merged - Author - Shepherd - PRs + * - `MSC1197 `_ + - Ignoring Users + - 2016-05-03 + - 2018-05-18 + - `1197-1 `_ + - `@erikjohnston`_ + - None + - `PR#1142`_ * - `MSC1199 `_ - Notifications API - 2016-05-23 @@ -480,14 +504,6 @@ merged - `@dbkr`_ - None - - * - `MSC1200 `_ - - Configuration of E2E encryption in a room - - 2016-06-16 - - 2018-05-15 - - `1200-1 `_ - - `@richvdh`_ - - None - - * - `MSC1204 `_ - Access Token Semantics (refresh and macaroons) - aka Auth Sept 2016 Edition - 2016-09-29 @@ -496,6 +512,14 @@ merged - `@richvdh`_ - None - + * - `MSC953 `_ + - Add /user_directory/search API + - 2017-05-31 + - 2018-05-10 + - `953-1 `_ + - `@erikjohnston`_ + - None + - * - `MSC1233 `_ - A proposal for organising spec proposals - 2018-05-10 @@ -574,6 +598,22 @@ obsolete - Author - Shepherd - PRs + * - `MSC1223 `_ + - Replies event format + - 2018-02-01 + - 2018-05-15 + - `1223-1 `_ + - `@t3chguy`_ + - None + - + * - `MSC1224 `_ + - Replies - next steps + - 2018-02-03 + - 2018-05-15 + - `1224-1 `_ + - `@t3chguy`_ + - None + - * - `MSC1235 `_ - Proposal for Calendar Events - 2018-02-06 @@ -582,34 +622,43 @@ obsolete - `@Half-Shot`_ - None - + * - `MSC1220 `_ + - Rich quoting proposal + - 2018-05-10 + - 2018-05-15 + - `1220-1 `_ + - `@t3chguy`_ + - None + - +.. _@rxl881: https://github.com/rxl881 +.. _@psaavedra: https://github.com/psaavedra +.. _@erikjohnston: https://github.com/erikjohnston .. _@t3chguy: https://github.com/t3chguy +.. _@Kegsay: https://github.com/Kegsay .. _@KitsuneRal: https://github.com/KitsuneRal -.. _@pik: https://github.com/pik .. _@leonerd: https://github.com/leonerd .. _@turt2live: https://github.com/turt2live -.. _@erikjohnston: https://github.com/erikjohnston -.. _@neilisfragile: https://github.com/neilisfragile -.. _@psaavedra: https://github.com/psaavedra -.. _@richvdh: https://github.com/richvdh -.. _@NegativeMjark: https://github.com/NegativeMjark .. _@ara4n: https://github.com/ara4n -.. _@lukebarnard1: https://github.com/lukebarnard1 -.. _@lampholder: https://github.com/lampholder -.. _@dbkr: https://github.com/dbkr .. _@maxidor: https://github.com/maxidor -.. _others: https://github.com/thers -.. _@rxl881: https://github.com/rxl881 .. _@uhoreg: https://github.com/uhoreg -.. _@Kegsay: https://github.com/Kegsay +.. _@pik: https://github.com/pik +.. _@neilisfragile: https://github.com/neilisfragile +.. _@lukebarnard1: https://github.com/lukebarnard1 +.. _others: https://github.com/thers .. _@Half-Shot: https://github.com/Half-Shot .. _@aviraldg: https://github.com/aviraldg +.. _@oivoodoo: https://github.com/oivoodoo +.. _@richvdh: https://github.com/richvdh +.. _@NegativeMjark: https://github.com/NegativeMjark +.. _@lampholder: https://github.com/lampholder +.. _@dbkr: https://github.com/dbkr .. _PR#310: https://github.com/matrix-org/matrix-doc/pull/310 +.. _PR#1142: https://github.com/matrix-org/matrix-doc/pull/1142 .. _PR#1240: https://github.com/matrix-org/matrix-doc/pull/1240 .. _PR#1189: https://github.com/matrix-org/matrix-doc/pull/1189 -.. _PR#919: https://github.com/matrix-org/matrix-doc/pull/919 -.. _PR#1176: https://github.com/matrix-org/matrix-doc/pull/1176 \ No newline at end of file +.. _PR#919: https://github.com/matrix-org/matrix-doc/pull/919 \ No newline at end of file