Add draft Linking API
Also re-add sigils to regex.
This commit is contained in:
parent
7d56113b4f
commit
e0e9beebc0
1 changed files with 52 additions and 11 deletions
|
@ -30,10 +30,8 @@ Notes:
|
|||
- Namespaces are represented by POSIX extended regular expressions in JSON.
|
||||
They look like::
|
||||
users: [
|
||||
"irc\.freenode\.net/.*",
|
||||
"@irc\.freenode\.net/.*",
|
||||
]
|
||||
The sigil prefix ``@`` is omitted since it is clear from the ``users`` key that these namespace
|
||||
prefixes are for users. Likewise, ``#`` for ``aliases`` and ``!`` for ``rooms``.
|
||||
::
|
||||
|
||||
POST /register
|
||||
|
@ -44,13 +42,13 @@ Notes:
|
|||
as_token: "some_AS_token",
|
||||
namespaces: {
|
||||
users: [
|
||||
"irc\.freenode\.net/.*"
|
||||
"@irc\.freenode\.net/.*"
|
||||
],
|
||||
aliases: [
|
||||
"irc\.freenode\.net/.*"
|
||||
"#irc\.freenode\.net/.*"
|
||||
],
|
||||
rooms: [
|
||||
"irc\.freenode\.net/.*"
|
||||
"!irc\.freenode\.net/.*"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
@ -146,16 +144,59 @@ This API is called by the HS when the HS wants to push an event (or batch of eve
|
|||
|
||||
|
||||
|
||||
Client -> Application Service
|
||||
-----------------------------
|
||||
This contains application service APIs which are used by the client.
|
||||
Client -> Server -> Application Service
|
||||
---------------------------------------
|
||||
This contains home server APIs which are used by the client, to communicate with
|
||||
the application service.
|
||||
|
||||
Linking ``[TODO]``
|
||||
Linking ``[Draft]``
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
.. NOTE::
|
||||
- How does the application service know that the matrix user really is the virtual
|
||||
user they claim to be? If we force an IS lookup, then this would resolve on its
|
||||
own as anyone who wants to talk to the virtual user will do a lookup before trying
|
||||
the application service...
|
||||
|
||||
Clients may want to link their matrix user ID to their 3PID (e.g. IRC nick). This
|
||||
API allows the AS to do this, so messages sent from the AS are sent as the client.
|
||||
|
||||
- Probably OAuth2
|
||||
This is not achieved using OAuth2 or similar because the trust relationships are
|
||||
different. The application service already has a huge amount of trust from the
|
||||
home server, unlike a random third-party web app. As a result, the data flow is
|
||||
different because the third-party (the application service) is trusted by the
|
||||
authorisation entity (the home server). Furthermore, it is desirable to not have
|
||||
the clients communicate directly with the application service in order to
|
||||
decrease the complexity of AS design.
|
||||
|
||||
To grant permission for an application service to masquerade as a user:
|
||||
|
||||
Inputs:
|
||||
- Credentials of user (e.g. ``access_token``)
|
||||
- The user ID within an application service's namespace to claim.
|
||||
- Restrictions if any (e.g. only for rooms X,Y,Z. Only for 10 hours. etc)
|
||||
Output:
|
||||
- None.
|
||||
Side effects:
|
||||
- The home server will generate an ``access_token`` and push it to the
|
||||
application service along with both user IDs if this response 200s.
|
||||
Notes:
|
||||
- Repeated calls to this API should invalidate any existing token for this
|
||||
user ID / application service combo and provision a new token which is then
|
||||
pushed.
|
||||
- The generated access token MUST honour the restrictions laid out by the
|
||||
client.
|
||||
|
||||
To revoke permission for an application service to masquerade as a user:
|
||||
|
||||
Inputs:
|
||||
- Credentials of user (e.g. ``access_token``)
|
||||
- The user ID within an application service's namespace to revoke. If blank,
|
||||
revokes all user IDs linked to this matrix user ID.
|
||||
Output:
|
||||
- None.
|
||||
Side effects:
|
||||
- The home server invalidate all access tokens for this user ID / AS combo
|
||||
and push this invalidation to the application service if this response 200s.
|
||||
|
||||
Client-Server v2 API Extensions
|
||||
-------------------------------
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue