Support stable endpoint and scopes from the MSC3861 family #18549
Conversation
| # Scope as defined by MSC2967 | ||
| # https://github.com/matrix-org/matrix-spec-proposals/pull/2967 | ||
| SCOPE_MATRIX_API = "urn:matrix:org.matrix.msc2967.client:api:*" | ||
| SCOPE_MATRIX_GUEST = "urn:matrix:org.matrix.msc2967.client:api:guest" |
There was a problem hiding this comment.
For reference, this guest scope was removed from MSC2967 in the rework commit
| if access_token != self._admin_token(): | ||
| await self._record_request(request, requester) | ||
|
|
||
| if not allow_guest and requester.is_guest: |
There was a problem hiding this comment.
Should we get rid of all of the allow_guest stuff in this file now that's unused?
There was a problem hiding this comment.
Meh, it's still in the base 'auth' API, and this code is soon to go away anyway. The new stable integration doesn't have that anymore: https://github.com/element-hq/synapse/blob/develop/synapse/api/auth/mas.py
|
@MadLittleMods re-requesting reviews as I merged develop back in this since #18759 is merged. So I did the support for the stable scope also in the stable integration |
| ("urn:matrix:client:device:", "urn:matrix:client:api:*"), | ||
| ( | ||
| "urn:matrix:org.matrix.msc2967.client:device:", | ||
| "urn:matrix:org.matrix.msc2967.client:api:*", |
There was a problem hiding this comment.
We could replace these with constants
There was a problem hiding this comment.
I prefer to not use constants from the codebase in tests, because it can hide bugs when changing them
| UNSTABLE_SCOPE_MATRIX_API = "urn:matrix:org.matrix.msc2967.client:api:*" | ||
| UNSTABLE_SCOPE_MATRIX_DEVICE_PREFIX = "urn:matrix:org.matrix.msc2967.client:device:" | ||
| STABLE_SCOPE_MATRIX_API = "urn:matrix:client:api:*" | ||
| STABLE_SCOPE_MATRIX_DEVICE_PREFIX = "urn:matrix:client:device:" |
There was a problem hiding this comment.
These are the same as the ones below synapse/api/auth/msc3861_delegated.py. We should have these shared from a single source of truth.
There was a problem hiding this comment.
synapse/api/auth/msc3861_delegated.py should be removed sooner than later, so I don't really mind if they are shared for now
# Synapse 1.139.0 (2025-09-30) ## Features - Add experimental support for [MSC4308: Thread Subscriptions extension to Sliding Sync](matrix-org/matrix-spec-proposals#4308) when [MSC4306: Thread Subscriptions](matrix-org/matrix-spec-proposals#4306) and [MSC4186: Simplified Sliding Sync](matrix-org/matrix-spec-proposals#4186) are enabled. ([\#18695](element-hq/synapse#18695)) - Update push rules for experimental [MSC4306: Thread Subscriptions](matrix-org/matrix-spec-proposals#4306) to follow a newer draft. ([\#18846](element-hq/synapse#18846)) - Add `get_media_upload_limits_for_user` and `on_media_upload_limit_exceeded` module API callbacks to the media repository. ([\#18848](element-hq/synapse#18848)) - Support [MSC4169](matrix-org/matrix-spec-proposals#4169) for backwards-compatible redaction sending using the `/send` endpoint. Contributed by @SpiritCroc @ Beeper. ([\#18898](element-hq/synapse#18898)) - Add an in-memory cache to `_get_e2e_cross_signing_signatures_for_devices` to reduce DB load. ([\#18899](element-hq/synapse#18899)) - Update [MSC4190](matrix-org/matrix-spec-proposals#4190) support to return correct errors and allow appservices to reset cross-signing keys without user-interactive authentication. Contributed by @tulir @ Beeper. ([\#18946](element-hq/synapse#18946)) ## Deprecations and Removals - Remove obsolete and experimental `/sync/e2ee` endpoint. ([\#18583](element-hq/synapse#18583)) # Synapse 1.138.0 (2025-09-09) ## Features - Support for the stable endpoint and scopes of [MSC3861](matrix-org/matrix-spec-proposals#3861) & co. ([\#18549](element-hq/synapse#18549))
2 participants
This adds stable APIs for both MSC2965 and MSC2967