Commit Graph

125 Commits (6a3cf10be9bf40f9ceb3abf9c8228447fa337634)

Author SHA1 Message Date
Hubert Chathi 6a3cf10be9 Merge remote-tracking branch 'origin/master' into well-known 6 years ago
Hubert Chathi 292d334509
document new login identifier object (#1390) 6 years ago
Ben Parsons 07aeaadef9 update links which used to point to docs/spec/intro 6 years ago
Travis Ralston 423d5593f5 Generify how OPTIONS and CORS are handled 6 years ago
Hubert Chathi ce1e2c0904 incorporate feedback from reviewers 6 years ago
Travis Ralston 0779d81e52 Clarify which requests should have CORS headers
Spoilers: all of them.
6 years ago
Travis Ralston 4ca54404fa Document the CORS/preflight headers
Fixes https://github.com/matrix-org/matrix-doc/issues/1006
6 years ago
Hubert Chathi 0dd330962d initial draft of .well-known discovery 6 years ago
Andrew Morgan cd26c170de Specify token used in /login is not an Access Token (#1155)
* Specify token used in /login is not an Access Token

While working through the implementation of /login in Dendrite, it was
confusing what the contents of the token attribute in the login request
body referred to. Initially, I thought it was an access token, which led
to further confusion. This commit explicitly states that the token is a
login token, which is separate from an access token, hopefully reducing
confusion for future readers.

Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
7 years ago
Michael Telatynski 4d90d2b495
fix depr link 7 years ago
Nathan Musoke 7e94cd5a0b
Typo in client-server spec: ether -> either 7 years ago
Michael Telatynski 784adade9b
changes based on Pull Request feedback 7 years ago
Michael Telatynski 3d8fe6e090
merge profiles with user directory into user data, also fix typo 7 years ago
Michael Telatynski 97445195f6
add user_directory 7 years ago
Richard van der Hoff e9c1b87a1d Remove `git log` reference
We keep the changelog up to date anyway, so there's not much point in trying to
get people to use `git log`
7 years ago
Richard van der Hoff 0ce58fdb28 Prepare for next spec dev cycle 7 years ago
Travis Ralston b1801ea6db Spec /account/whoami
Signed-off-by: Travis Ralston <travpc@gmail.com>
7 years ago
Michael Telatynski c2b1b7a10e
mention that we can send tokens via headers 7 years ago
Richard van der Hoff 6b23b7fc0b Merge branch 'client_server/r0.2.0_updates' 7 years ago
Richard van der Hoff b94c4a9f36 Sneaky update to 0.2.0 spec to link unstable
This doesn't count as a spec release, right??
7 years ago
Richard van der Hoff a8afbfd27d Avoid external link in search swagger 7 years ago
Michael Telatynski bf3b49f13c document joined_members and joined_rooms endpoints (#999) 7 years ago
Richard van der Hoff 1e3f5683c8 Make clear that the /sync timeout is zero by default 7 years ago
Brendan Abolivier 750d980bc0 Room member (#950)
* Fixed an incorrect membership on example
* Added precision on membership upon profile update
* Changed first example into a join
* Changed the state/{eventType}/{stateKey} example with an actual state key
7 years ago
Richard van der Hoff da6938b818 Key management APIs (#894)
Spec the e2e key-management APIs.
8 years ago
Richard van der Hoff 8a9629167a httpsify the speculator link 8 years ago
Richard van der Hoff 461bfdb0d8 Merge branch 'master' into rav/device_management 8 years ago
Richard van der Hoff 22777970da Fix speculator link
the link to the 'latest version' was broken
8 years ago
Richard van der Hoff 9265b03008 Client device doc
Document client devices, and the mods to the login and register apis to support
them.
8 years ago
Richard van der Hoff cbc5774ade JSON key names also use underscores. 8 years ago
Richard van der Hoff 8523af1385 Document convention of using underscores in APIs
Everybody has agreed to it. Now we just have to remember to do it.
8 years ago
Richard van der Hoff 6c88d698ae uia fallback example: check event origin 8 years ago
Richard van der Hoff e850fd718d window.postmessage for Interactive Auth fallback
Require that User-Interactive auth fallback pages call
`window.postMessage` to notify apps of completion.
8 years ago
Richard van der Hoff 909aef2b18 Merge pull request #389 from matrix-org/erikj/create_room_is_direct
Spec /createRoom is_direct flag, is_direct in member event and m.direct
8 years ago
David Baker 301595c071 Linkify account_data API
Also change other links because it turns out the .. isn't part
of the syntax
8 years ago
David Baker 2a987c3369 Linkify endpoints properly 8 years ago
Richard van der Hoff a8d35b2409 UI Auth: servers should 401 when a request fails
(ref https://matrix.org/jira/browse/SYN-744)
8 years ago
Richard van der Hoff 37fb1ceb65 Merge pull request #395 from matrix-org/rav/kill_refresh_tokens
Remove references to refresh tokens and tokenrefresh
8 years ago
Richard van der Hoff f4c7fdfd03 Remove references to refresh tokens and tokenrefresh
refresh tokens are dead.
8 years ago
Richard van der Hoff ebaaa7e3b3 Review feedback
* store-and-forward -> send-to-device
* describe motivation
* device ids are 10 capital chars
* etc
8 years ago
Benjamin Saunders cade909e25 Fix inconsistencies regarding redacted_because
Signed-off-by: Benjamin Saunders <ben.e.saunders@gmail.com>
8 years ago
Benjamin Saunders 77b668a5dc Fix some obsolete uses of user_id key in events
Signed-off-by: Benjamin Saunders <ben.e.saunders@gmail.com>
8 years ago
Richard van der Hoff 2fa7aac3be Merge pull request #377 from Ralith/typos
Fix typo
8 years ago
Benjamin Saunders 80bfbbdd33 Fix typo
Signed-off-by: Benjamin Saunders <ben.e.saunders@gmail.com>
8 years ago
Richard van der Hoff c51c4acf7f Clarifications to authentication mechanisms
* Make the purpose of the `auth` key in /register requests explicit, and say
  that it should be empty at first.

* Restructure the UA-auth section a bit.

* In the UA-auth section, say that clients should submit no `auth` to start
  with, and add 'Stage 0' representing  this to the example.

* s/{stage,login} type/authentication type/ in the UA-auth section. Seems
   clearer to me.

* Try to distinguish the example responses from the example requests by giving
  an HTTP header.
8 years ago
Richard van der Hoff 0248afe6ac login with invalid token gives a 403 8 years ago
Richard van der Hoff 1f1dfdd91c More clarifications 8 years ago
Richard van der Hoff 41368dc5a7 document CAS login
Following the spirit of "document how it is, not how we wish it was", document
the CAS login bits.
8 years ago
Richard van der Hoff ec20f15407 /tokenrefresh should expire the access token
It's possible for clients to call /tokenrefresh before the access_token has
expired, potentially leading to a proliferation of valid access_tokens.
8 years ago
Richard van der Hoff 2370a4c970 Spell out the state algorithm for createRoom
Fixes https://matrix.org/jira/browse/SPEC-429.

Synapse currently follows the specified ordering, but does *not* give the
specified error when the state is invalid (instead it creates the room anyway
but gives a 403 M_FORBIDDEN). Still, I don't think that should be a real
problem for any real clients, and nothing would break if we changed this in
synapse, so it might as well go in the spec anyway.
8 years ago