Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Media authentication & event linking (MSC3916, MSC3911) #465

Draft
wants to merge 4 commits into
base: main
Choose a base branch
from
Draft

Media authentication & event linking (MSC3916, MSC3911) #465

wants to merge 4 commits into from

Conversation

turt2live
Copy link
Member

@turt2live turt2live commented Sep 10, 2023
edited

MSCs:

Fixes #421
Closes #103
Closes #266

TODO:

  • MSC3916 - Split endpoints into Client-Server and Federation APIs
  • MSC3916 - X-Matrix authentication on Federation APIs
  • MSC3916 - Access token authentication on Client-Server APIs
  • MSC3916 - multipart/mixed Content-Type on new /download and /thumbnail endpoints
  • MSC3916 - Use new endpoints to download media
  • MSC3911 - Flag uploaded/created media as restricted
  • MSC3911 - Refuse download if restricted media checks fail
  • MSC3911 - Link media to events on send (refuse duplicate binds)
  • MSC3911 - Link media to profiles on update (maybe using MSC4069; refuse duplicate binds)
  • MSC3911 - Delete/quarantine media when event is redacted
  • MSC3911 - Delete/quarantine media when profile is updated away from event
  • MSC3911 - Add media copy API
  • MSC3911 - Delete unused restricted media after some (configurable?) time

MSC3916 implementation (with code commented out to bypass X-Matrix auth for curl 馃槆):

travp@DESKTOP-S0KMB7S MINGW64 ~
$ curl -s -X POST -H "Authorization: Bearer ${token}" -H "Content-Type: text/plain" --data 'Hello, world. This text needs to be longer so here are more characters.' http://localhost:8001/_matrix/media/v3/upload?filename=test.txt
{"content_uri":"mxc://localhost/cc1ad9bf8cc37be5c5369b739fc00233eaa9d8fb1700741659764981760"}


travp@DESKTOP-S0KMB7S MINGW64 ~
$ curl -s -X GET http://localhost:8001/_matrix/federation/unstable/org.matrix.msc3916/media/download/localhost/cc1ad9bf8cc37be5c5369b739fc00233eaa9d8fb1700741659764981760
--b82a7ae9c7f41bc9e8019a6b751b46fa50e407a9e8d05bba3099fb4cb91e
Content-Type: application/json

{}
--b82a7ae9c7f41bc9e8019a6b751b46fa50e407a9e8d05bba3099fb4cb91e
Content-Disposition: attachment; filename=test.txt
Content-Type: text/plain

Hello, world. This text needs to be longer so here are more characters.
--b82a7ae9c7f41bc9e8019a6b751b46fa50e407a9e8d05bba3099fb4cb91e--

@turt2live turt2live mentioned this pull request Sep 10, 2023
Open
@turt2live turt2live mentioned this pull request Nov 25, 2023
Open
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
auth enhancement no matrix spec
Projects
None yet
Milestone
No milestone
1 participant
@turt2live