wholetrans/docs-matrix-spec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Respond to some review comments

Browse source
This commit is contained in:
Daniel Wagner-Hall 2015-09-25 13:17:11 +01:00
parent 5c4398c181
commit 6c1491b3ba
2 changed files with 5 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

3
api/client-server/v1/login.yaml
View file

@ -115,7 +115,8 @@ paths:
description: |-
The refresh token was accepted, and a new access token has been issued.
The passed refresh token is no longer valid and cannot be used.
A new refresh token may have been returned.
A new refresh token will have been returned unless some policy does
not allow the user to continue to renew their session.
examples:
application/json: |-
{

4
drafts/macaroons_caveats.rst
View file

@ -1,7 +1,9 @@
Macaroon Caveats
================
Macaroons (http://theory.stanford.edu/~ataly/Papers/macaroons.pdf) are issued by Matrix servers as authorization tokens. Macaroons may be restricted by adding caveats to them.
`Macaroons`_ are issued by Matrix servers as authorization tokens. Macaroons may be restricted by adding caveats to them.
.. _Macaroons: http://theory.stanford.edu/~ataly/Papers/macaroons.pdf)
Caveats can only be used for reducing the scope of a token, never for increasing it. Servers are required to reject any macroon with a caveat that they do not understand.