* Clarify that SSO login applies to the legacy authentication API
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Do not point to specific authentication API for obtaining access token
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add warnings about incompatibility with OAuth 2.0 to endpoints that use UIA
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add changelog
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add note about API standards not applying to OAuth 2.0
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Apply suggestions from code review
---------
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
Co-authored-by: Travis Ralston <travpc@gmail.com>
Currently, the example for `ExportedSessionData` is missing values for
`room_id` and `session_id`.
Move the example field values for `KeyBackupSessionData` into the field
definitions, so that an example for the object as a whole is built
automatically, and when we extend it to form `ExportedSessionData` the
explicit example does not override the more complete autogenerated one.
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
Co-authored-by: Kim Brose <2803622+HarHarLinks@users.noreply.github.com>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Include method in all API endpoint children's IDs
Avoids duplicate IDs for object of endpoints
that use the same path but a different method.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Differentiate API endpoints' request and response children's IDs
Ensures that the objects have a unique ID compared to other parts of the endpoint.
Mostly useful for the Error type that can be used for responses with different status codes.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Differentiate the names of both SessionData formats
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add changelog
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
---------
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* C2S: Deprecate now-legacy endpoints
* C2S: Fix MXC URI code block while we're here
* C2S: Describe the authentication and deprecation requirements
* C2S: Intro the upload/download endpoints differently
* C2S: Literally copy/paste the `content-repo.yaml` spec
* C2S: Drop `/upload` and `/create` because we aren't replacing them today
* C2S: Fix notes while we're here
* C2S: Update metadata for new endpoints
* C2S: Add authentication to new endpoints
* C2S: Drop `allow_remote` and `allow_redirect` on new endpoints
* C2S: Append backwards compatibility notes
* C2S: Decorate old media endpoints with pointers to the new ones
The server-server spec might have a harder time linking to these, but that can be fixed with verbiage.
* C2S: Annotate IdP icon spec with media auth implications
* S2S: Modernize section text
* S2S: Create content repository API
This is largely a copy/paste of the new authed content repo API in the Client-Server API, though some keywords (like "client") have been changed. Paths and response formats have also been changed to support the federation-specific requirements.
* C2S & S2S: Add plethora of changelogs
* Reference RFC 1341
* Upgrade keywords in changed text
* Mention caching
* Cross-reference IdP icons
* Update content/client-server-api/modules/content_repo.md
This was commented prior to the
port to OpenAPI 3.1 for technical reasons (#1127).
Now we can use it just fine.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
Since we already have three of these, and I'm about to add a fourth, let's pull
it out to a common definition.
We could, of course, keep defining the grammar each time it's used, but
defining it in an appendix helps us be consistent for future API design.
* "MXC URI" -> "`mxc://` URI"
We're a bit inconsistent with this currently, and IMHO "`mxc://` URI" is more
explicit.
* Update content/client-server-api/modules/content_repo.md
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* more MXCs
---------
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* Add information on MSC3758: event_property_is.
* Add information on MSC3966: event_property_contains.
* Add information on MSC3873 dotted-path escape rules.
* Newsfragment
* Update sync filter with ref to appendix.
* Escape example key.
* Fix typos.
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* Fix links.
* Clarify the appendix a bit.
* Clarify support values.
* Add MSC3980 to changelog.
---------
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* `cross_signing_key.yaml`: the parameter documentation already restricts the number of properties
* `receipts.yaml`: use `maxProperties: 0` to say the object is empty (the comment is still there but is not really needed any more)
Signed-off-by: Alexey Rusakov <Kitsune.Ral@users.sf.net>
This strives to fix all remaining cases where additional attributes
(most often 'description' but not only) are provided next to $ref
by wrapping $ref in allOf; and also drops allOf in a couple of places
where $ref is the only element under it.
* Spec MSC3771: Threaded read receipts
Note: this builds on a (as of writing) non-existent "threading" section, which is part of a different commit.
* Spec MSC3773: Threaded notifications
* changelog
* Various clarifications per review
* Spec MSC3440: Threading (just the base)
Other threading MSCs to follow
* Spec MSC3856: Threads list API
* Spec MSC3715: Add`dir` to `/relations`
* changelog
* Apply suggestions from code review
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Update changelogs/client_server/newsfragments/1254.feature
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Johannes Marbach