From c21b9144040c76842e5b39df9eae89dd2fd91785 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Commaille?= <zecakeh@tedomum.fr>
Date: Sat, 22 Feb 2025 17:13:03 +0100
Subject: [PATCH] Clarify that public keys in m.room.third_party_event is
 encoded using standard or URL-safe base64.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Sydent has been using both alphabets.

Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
---
 .../schema/m.room.third_party_invite.yaml      | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/data/event-schemas/schema/m.room.third_party_invite.yaml b/data/event-schemas/schema/m.room.third_party_invite.yaml
index b190270f..7739fdf6 100644
--- a/data/event-schemas/schema/m.room.third_party_invite.yaml
+++ b/data/event-schemas/schema/m.room.third_party_invite.yaml
@@ -22,11 +22,16 @@ properties:
           validate whether the key has been revoked. The URL must return a JSON
           object containing a boolean property named 'valid'.
         type: string
+        format: uri
       public_key:
         description: |-
-          A base64-encoded ed25519 key with which token must be signed (though a
-          signature from any entry in public_keys is also sufficient). This
-          exists for backwards compatibility.
+          A base64-encoded ed25519 key with which the token must be signed
+          (though a signature from any entry in public_keys is also sufficient).
+
+          The key is encoded using unpadded standard or URL-safe base64
+          encoding.
+
+          This exists for backwards compatibility.
         type: string
       public_keys:
         description: Keys with which the token may be signed.
@@ -35,14 +40,17 @@ properties:
             key_validity_url:
               description: |-
                 An optional URL which can be fetched, with querystring
-                public_key=public_key, to validate whether the key has been
+                `public_key=<public_key>`, to validate whether the key has been
                 revoked. The URL must return a JSON object containing a boolean
-                property named 'valid'. If this URL is absent, the key must be
+                property named `valid`. If this URL is absent, the key must be
                 considered valid indefinitely.
               type: string
             public_key:
               description: |-
                 A base-64 encoded ed25519 key with which token may be signed.
+
+                The key is encoded using unpadded standard or URL-safe base64
+                encoding.
               type: string
           required:
             - public_key