Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MSC3916: Authentication for media #3916

Merged
merged 25 commits into from
Jun 10, 2024
Merged

MSC3916: Authentication for media #3916

merged 25 commits into from
Jun 10, 2024

Conversation

richvdh
Copy link
Member

@richvdh richvdh commented Oct 23, 2022

@richvdh richvdh added the proposal A matrix spec change proposal label Oct 23, 2022
@turt2live turt2live added s2s Server-to-Server API (federation) client-server Client-Server API kind:core MSC which is critical to the protocol's success hacktoberfest-accepted needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. labels Oct 24, 2022
@ghost
Copy link

ghost commented Oct 24, 2022

This should also obsolete #2461

Quaternion will also (heuristically) use media auth, if the download gets rejected with auth needed by http it will use it, also the legacy paths.

@Fizzadar

This comment was marked as resolved.

@richvdh

This comment was marked as resolved.

@turt2live turt2live self-requested a review October 24, 2022 19:19
@xylonx
Copy link

xylonx commented Jan 8, 2023

As described in #2461, it's a nice idea to distinction public media content and private media content for better back compatibility and flexibility. For API design, I think the S3 API is a good reference. We can use HTTP header or query paramters as auth and set possible expire time for external share link.

@turt2live turt2live added the spec-pr-in-review A proposal which has been PR'd against the spec and is in review label Jun 11, 2024
@turt2live
Copy link
Member

Merged 🎉

@turt2live turt2live added merged A proposal whose PR has merged into the spec! and removed spec-pr-in-review A proposal which has been PR'd against the spec and is in review labels Jun 13, 2024
@Kladki Kladki mentioned this pull request Jun 15, 2024
53 tasks
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Jun 18, 2024
# Synapse 1.109.0 (2024-06-18)

- Add the ability to auto-accept invites on the behalf of users. See
  the
  [`auto_accept_invites`](https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#auto-accept-invites)
  config option for
  details. ([\#17147](element-hq/synapse#17147))

- Add experimental
  [MSC3575](matrix-org/matrix-spec-proposals#3575)
  Sliding Sync `/sync/e2ee` endpoint for to-device messages and device
  encryption
  info. ([\#17167](element-hq/synapse#17167))

- Support
  [MSC3916](matrix-org/matrix-spec-proposals#3916)
  by adding unstable media endpoints to
  `/_matrix/client`. ([\#17213](element-hq/synapse#17213))

- Add logging to tasks managed by the task scheduler, showing CPU and
  database
  usage. ([\#17219](element-hq/synapse#17219))


# Synapse 1.108.0 (2024-05-28)

- Add a feature that allows clients to query the configured federation
  whitelist. Disabled by
  default. ([\#16848](element-hq/synapse#16848),
  [\#17199](element-hq/synapse#17199))

- Add the ability to allow numeric user IDs with a specific prefix
  when in the CAS flow. Contributed by Aurélien
  Grimpard. ([\#17098](element-hq/synapse#17098))


Synapse 1.107.0 (2024-05-14)

- Add preliminary support for [MSC3823: Account
  Suspension](matrix-org/matrix-spec-proposals#3823).
  ([\#17051](element-hq/synapse#17051))

- Declare support for [Matrix
  v1.10](https://matrix.org/blog/2024/03/22/matrix-v1.10-release/). Contributed
  by
  @clokep. ([\#17082](element-hq/synapse#17082))

- Add support for [MSC4115: membership metadata on
  events](matrix-org/matrix-spec-proposals#4115).
  ([\#17104](element-hq/synapse#17104),
  [\#17137](element-hq/synapse#17137))


# Synapse 1.106.0 (2024-04-30)

- Send an email if the address is already bound to an user
  account. ([\#16819](element-hq/synapse#16819))

- Implement the rendezvous mechanism described by
  [MSC4108](matrix-org/matrix-spec-proposals#4108).
  ([\#17056](element-hq/synapse#17056))

- Support delegating the rendezvous mechanism described
  [MSC4108](matrix-org/matrix-spec-proposals#4108)
  to an external
  implementation. ([\#17086](element-hq/synapse#17086))
yingziwu added a commit to yingziwu/synapse that referenced this pull request Jun 26, 2024
- Fix the building of binary wheels for macOS by switching to macOS 12 CI runners. ([\#17319](element-hq/synapse#17319))

- When rolling back to a previous Synapse version and then forwards again to this release, don't require server operators to manually run SQL. ([\#17305](element-hq/synapse#17305), [\#17309](element-hq/synapse#17309))

- Use the release branch for sytest in release-branch PRs. ([\#17306](element-hq/synapse#17306))

- Fix bug where one-time-keys were not always included in `/sync` response when using workers. Introduced in v1.109.0rc1. ([\#17275](element-hq/synapse#17275))
- Fix bug where `/sync` could get stuck due to edge case in device lists handling. Introduced in v1.109.0rc1. ([\#17292](element-hq/synapse#17292))

- Add the ability to auto-accept invites on the behalf of users. See the [`auto_accept_invites`](https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#auto-accept-invites) config option for details. ([\#17147](element-hq/synapse#17147))
- Add experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync/e2ee` endpoint for to-device messages and device encryption info. ([\#17167](element-hq/synapse#17167))
- Support [MSC3916](matrix-org/matrix-spec-proposals#3916) by adding unstable media endpoints to `/_matrix/client`. ([\#17213](element-hq/synapse#17213))
- Add logging to tasks managed by the task scheduler, showing CPU and database usage. ([\#17219](element-hq/synapse#17219))

- Fix deduplicating of membership events to not create unused state groups. ([\#17164](element-hq/synapse#17164))
- Fix bug where duplicate events could be sent down sync when using workers that are overloaded. ([\#17215](element-hq/synapse#17215))
- Ignore attempts to send to-device messages to bad users, to avoid log spam when we try to connect to the bad server. ([\#17240](element-hq/synapse#17240))
- Fix handling of duplicate concurrent uploading of device one-time-keys. ([\#17241](element-hq/synapse#17241))
- Fix reporting of default tags to Sentry, such as worker name. Broke in v1.108.0. ([\#17251](element-hq/synapse#17251))
- Fix bug where typing updates would not be sent when using workers after a restart. ([\#17252](element-hq/synapse#17252))

- Update the LemonLDAP documentation to say that claims should be explicitly included in the returned `id_token`, as Synapse won't request them. ([\#17204](element-hq/synapse#17204))

- Improve DB usage when fetching related events. ([\#17083](element-hq/synapse#17083))
- Log exceptions when failing to auto-join new user according to the `auto_join_rooms` option. ([\#17176](element-hq/synapse#17176))
- Reduce work of calculating outbound device lists updates. ([\#17211](element-hq/synapse#17211))
- Improve performance of calculating device lists changes in `/sync`. ([\#17216](element-hq/synapse#17216))
- Move towards using `MultiWriterIdGenerator` everywhere. ([\#17226](element-hq/synapse#17226))
- Replaces all usages of `StreamIdGenerator` with `MultiWriterIdGenerator`. ([\#17229](element-hq/synapse#17229))
- Change the `allow_unsafe_locale` config option to also apply when setting up new databases. ([\#17238](element-hq/synapse#17238))
- Fix errors in logs about closing incorrect logging contexts when media gets rejected by a module. ([\#17239](element-hq/synapse#17239), [\#17246](element-hq/synapse#17246))
- Clean out invalid destinations from `device_federation_outbox` table. ([\#17242](element-hq/synapse#17242))
- Stop logging errors when receiving invalid User IDs in key querys requests. ([\#17250](element-hq/synapse#17250))

* Bump anyhow from 1.0.83 to 1.0.86. ([\#17220](element-hq/synapse#17220))
* Bump bcrypt from 4.1.2 to 4.1.3. ([\#17224](element-hq/synapse#17224))
* Bump lxml from 5.2.1 to 5.2.2. ([\#17261](element-hq/synapse#17261))
* Bump mypy-zope from 1.0.3 to 1.0.4. ([\#17262](element-hq/synapse#17262))
* Bump phonenumbers from 8.13.35 to 8.13.37. ([\#17235](element-hq/synapse#17235))
* Bump prometheus-client from 0.19.0 to 0.20.0. ([\#17233](element-hq/synapse#17233))
* Bump pyasn1 from 0.5.1 to 0.6.0. ([\#17223](element-hq/synapse#17223))
* Bump pyicu from 2.13 to 2.13.1. ([\#17236](element-hq/synapse#17236))
* Bump pyopenssl from 24.0.0 to 24.1.0. ([\#17234](element-hq/synapse#17234))
* Bump serde from 1.0.201 to 1.0.202. ([\#17221](element-hq/synapse#17221))
* Bump serde from 1.0.202 to 1.0.203. ([\#17232](element-hq/synapse#17232))
* Bump twine from 5.0.0 to 5.1.0. ([\#17225](element-hq/synapse#17225))
* Bump types-psycopg2 from 2.9.21.20240311 to 2.9.21.20240417. ([\#17222](element-hq/synapse#17222))
* Bump types-pyopenssl from 24.0.0.20240311 to 24.1.0.20240425. ([\#17260](element-hq/synapse#17260))
reivilibre pushed a commit to element-hq/synapse that referenced this pull request Jul 8, 2024
…ticated `_matrix/client/v1/media/thumbnail` endpoint (#17388)

[MSC3916](matrix-org/matrix-spec-proposals#3916)
added the endpoints `_matrix/federation/v1/media/thumbnail` and the
authenticated `_matrix/client/v1/media/thumbnail`.

This PR implements those endpoints, along with stabilizing
`_matrix/client/v1/media/config` and
`_matrix/client/v1/media/preview_url`.

Complement tests are at
matrix-org/complement#728
spantaleev added a commit to spantaleev/matrix-docker-ansible-deploy that referenced this pull request Jul 11, 2024
…ix-media-repo

Related to:

- #3409
- https://github.com/t2bot/matrix-media-repo/releases/tag/v1.3.5
- matrix-org/matrix-spec-proposals#3916

Support for authenticated media routes is enabled by default, but
variables are in place to disable it if necessary.

This change has not been tested.
venimus pushed a commit to superhero-com/matrix-docker-ansible-deploy that referenced this pull request Jul 19, 2024
…ix-media-repo

Related to:

- spantaleev#3409
- https://github.com/t2bot/matrix-media-repo/releases/tag/v1.3.5
- matrix-org/matrix-spec-proposals#3916

Support for authenticated media routes is enabled by default, but
variables are in place to disable it if necessary.

This change has not been tested.
@dzaima
Copy link

dzaima commented Sep 5, 2024

This seems like a significant degradation in fallback behavior. Some things I'm encountering:

  • A client that doesn't bundle inline video display (or images for even simpler clients) is required to download the video (messing with temporary vs non-temporary downloads), instead of a web browser nicely handling everything non-trivial. Possible, but annoying, and worse UX.
  • It's impossible to link to uploads mid-message; I've been utilizing <a href="https://matrix.org/_matrix/media/..."></a>, which is impossible to do now (<a href="mxc://...">hello</a> might be an option, but doesn't work at least currently on Element, and even if it were standardized ).

@turt2live
Copy link
Member

The first may be possible for clients to avoid, though would still require effort from the client developer to make happen. For example, using a service worker and custom path to intercept the download and present it. It's a bit unfortunate, but should be acknowledged in the MSC as a potential issue.

The second is deliberate feature breakage, in preparation for MSC3911.

@dzaima
Copy link

dzaima commented Sep 5, 2024

For the first I meant the situation where the client just simply doesn't have video/audio/image decoding or presentation possibility (i.e. isn't a browser-based thing; terminal clients, and generally anything that tries to not be unnecessarily bloated).

Thanks for the MSC3911 link; don't see any mention of <a> there though. And regardless I'm still just out of luck for years until that's completed & supported in the vast majority of clients (especially important here as there is no potential for fallback) :/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
client-server Client-Server API hacktoberfest-accepted kind:core MSC which is critical to the protocol's success merged A proposal whose PR has merged into the spec! proposal A matrix spec change proposal s2s Server-to-Server API (federation)
Projects
Status: Done to some definition
Status: Done for now
Development

Successfully merging this pull request may close these issues.