Accept access_token instead of id_access_token on the IS, accept Authorization header #697
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
richvdh
approved these changes
Sep 11, 2019
|
The tests will fail until we merge matrix-org/synapse#6013 unfortunately. |
anoadragon453
added a commit
to matrix-org/synapse
that referenced
this pull request
Sep 11, 2019
Two things I missed while implementing [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140/files#diff-c03a26de5ac40fb532de19cb7fc2aaf7R80). 1. Access tokens should be provided to the identity server as `access_token`, not `id_access_token`, even though the homeserver may accept the tokens as `id_access_token`. 2. Access tokens must be sent to the identity server in a query parameter, the JSON body is not allowed. We now send the access token as part of an `Authorization: ...` header, which fixes both things. The breaking code was added in #5892 Sytest PR: matrix-org/sytest#697
|
And it's been merged! |
anoadragon453
added a commit
to matrix-org/synapse
that referenced
this pull request
Sep 13, 2019
Two things I missed while implementing [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140/files#diff-c03a26de5ac40fb532de19cb7fc2aaf7R80). 1. Access tokens should be provided to the identity server as `access_token`, not `id_access_token`, even though the homeserver may accept the tokens as `id_access_token`. 2. Access tokens must be sent to the identity server in a query parameter, the JSON body is not allowed. We now send the access token as part of an `Authorization: ...` header, which fixes both things. The breaking code was added in #5892 Sytest PR: matrix-org/sytest#697
anoadragon453
added a commit
that referenced
this pull request
Mar 18, 2020
…ase-v1.4.0 * origin/release-v1.4.0: (36 commits) Improve logging for a failing test (#709) Make 3PID binding tests use /account/3pid/bind ala MSC2290 (#703) Use unstable prefix for 3PID unbind API Add support for handling email validation challenges (#707) do requestToken before adding a 3pid (#706) Configure synapse to use the test mail server (#705) Implement a mail server to help with 3pid testing (#704) federated_rooms_fixture (#701) Use Sytest develop for Dendrite's master branch (#700) Don't assume atomicity Fix flakiness due to create_room_synced (#702) Don't require an avatar_url Replace HOMESERVER_INFO incantations (#699) add some logging for flaky sync test (#698) Fix problems when using hash Accept access_token instead of id_access_token on the IS, accept Authorization header (#697) Use hash and handle variable sized final chunk Have the in-built identity server support v2 (#689) Add tests for 3PID /unbind API (#691) Fix typo ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Synapse PR: matrix-org/synapse#6013 which has context
We now accept
access_tokeninstead ofid_access_tokenand do so using theAuthorizationheader instead of in the JSON body, as MSC2140 states.