Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Start implementation for media repo auth (MSC701) #103

Closed
turt2live opened this issue Jun 15, 2018 · 3 comments · Fixed by #509 · May be fixed by #465
Closed

Start implementation for media repo auth (MSC701) #103

turt2live opened this issue Jun 15, 2018 · 3 comments · Fixed by #509 · May be fixed by #465

Comments

@turt2live
Copy link
Member

turt2live commented Jun 15, 2018

More information: https://github.com/matrix-org/matrix-doc/issues/701

Currently the content_token format is undecided, however we can still start implementing this as a proof of concept.

  • Implement the ?public=true flag (default true)
  • Generate content tokens ([a-zA-Z0-9]) and return them as part of uploads. Only applies for public=false.
  • Accept a ?content_token= param when downloading media for now. This will likely change in the future.
  • Get rid of the current "requires auth" config flag
  • With the exception of the requires auth config flag, don't do any of this without an explicit environment variable being set. Actually, these changes are backwards compatible (mostly), so we don't need a flag at all.
@turt2live turt2live self-assigned this Jun 15, 2018
@turt2live turt2live added this to the v1.0.0 milestone Jun 15, 2018
@turt2live
Copy link
Member Author

Something to consider is how we'll ensure that the visibility rules are checked. Applies to thumbnails too.

turt2live added a commit that referenced this issue Jun 15, 2018
This currently doesn't build due to some functions not getting the content token treatment. Upon reflection, it may be best to just work on this after rewriting the middle layer.

Part of #103
@turt2live turt2live changed the title Start implementation for media repo auth Start implementation for media repo auth (MSC701) Jun 17, 2018
turt2live added a commit that referenced this issue Jun 17, 2018
This is part of #103.

There's a couple concepts introduced in this setup. It was found that storing hashes in the database can't be done because then we'll have no string to use to decrypt the user's access token. 

This also doesn't work on federation at all and instead has a short circuit which may need to be expanded upon. The token isn't sent over federation at all, however it might need to be done in plain text. The problem with an encrypted access token for the user is that we won't know what the content token is for remote media, and therefore can't decrypt the user's access token. We equally don't want to send the user's access token over federation, so we may have to settle for throwing the content token around.

More thought is needed.
@turt2live
Copy link
Member Author

This is effectively blocked on https://docs.google.com/document/d/1ERHpmthZyspnZtE3tQzxKTkcxar6JANeyNXgz2_djhA/edit?disco=AAAAB_jYtTw due to the concern of sending access tokens over federation. A remote server in the proposal currently has no way of verifying a request is valid for a given user, and a requesting server has no reasonable way to provide authorization information to the remote repository.

@turt2live
Copy link
Member Author

For clarity, MMR has decided it will use MSC3916 instead.

@turt2live turt2live moved this to In Progress in v1.3 feature cycle Jan 23, 2024
@github-project-automation github-project-automation bot moved this from In Progress to Done in v1.3 feature cycle Jul 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment