mirror of
https://github.com/matrix-org/matrix-spec
synced 2026-04-08 12:24:09 +02:00
Compare commits
35 commits
2d3f1710d3
...
b4cd4e9a56
| Author | SHA1 | Date | |
|---|---|---|---|
|
b4cd4e9a56 | ||
|
|
fca171427f | ||
|
|
6183f2410f | ||
|
|
dd4ea948b6 | ||
|
|
50eab3501e | ||
|
|
37b1362bc1 | ||
|
|
d8cc250d20 | ||
|
|
b5e2edf2e5 | ||
|
|
7ef1d9d0ec | ||
|
|
3a5e5555fa | ||
|
|
9889fe3584 | ||
|
|
013502b0c0 | ||
|
|
9859e20927 | ||
|
|
7a3b0c0804 | ||
|
|
0b0942d192 | ||
|
|
1cc93ec951 | ||
|
|
79af78022e | ||
|
|
17af55ddce | ||
|
|
79a1cded02 | ||
|
|
76b48e25d0 | ||
|
|
5d5b561140 | ||
|
|
9327793007 | ||
|
|
f3c269d951 | ||
|
|
3311b084bf | ||
|
|
992cf9dc35 | ||
|
|
4f8999be0a | ||
|
|
82adcec491 | ||
|
|
41c64c877b | ||
|
|
8e9874ad22 | ||
|
|
ee9b5ddcca | ||
|
|
59d2c62d2d | ||
|
|
b2e122f308 | ||
|
|
1fc01189f3 | ||
|
|
212377e393 | ||
|
|
fdc012ac01 |
1
changelogs/client_server/newsfragments/2071.feature
Normal file
1
changelogs/client_server/newsfragments/2071.feature
Normal file
|
|
@ -0,0 +1 @@
|
|||
Feature: Update profile endpoints to become generic to support [MSC4133](https://github.com/matrix-org/matrix-spec-proposals/pull/4133) extended fields. Extended profile fields are now supported via the new `m.profile_fields` capability, which deprecates the previous `m.set_avatar_url` and `m.set_displayname` capabilities. Stabilised keys are explicitly enumerated, and custom keys must conform to the Common Namespaced Identifier Grammar.
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
Clarify the format of third-party invites, including the fact that identity
|
||||
server public keys can be encoded using standard or URL-safe base64.
|
||||
|
|
@ -0,0 +1 @@
|
|||
Clarify that public keys can be encoded using standard or URL-safe base64.
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
Clarify the format of third-party invites, including the fact that identity
|
||||
server public keys can be encoded using standard or URL-safe base64.
|
||||
|
|
@ -63,7 +63,7 @@ for sending events:
|
|||
The following API endpoints are allowed to be accessed by guest accounts
|
||||
for their own account maintenance:
|
||||
|
||||
* [PUT /profile/{userId}/displayname](#put_matrixclientv3profileuseriddisplayname)
|
||||
* [PUT /profile/{userId}/{key_name}](#put_matrixclientv3profileuseridkeyname)
|
||||
* [GET /devices](#get_matrixclientv3devices)
|
||||
* [GET /devices/{deviceId}](#get_matrixclientv3devicesdeviceid)
|
||||
* [PUT /devices/{deviceId}](#put_matrixclientv3devicesdeviceid)
|
||||
|
|
|
|||
|
|
@ -5,8 +5,8 @@ This module adds in support for inviting new members to a room where
|
|||
their Matrix user ID is not known, instead addressing them by a third-party
|
||||
identifier such as an email address. There are two flows here; one
|
||||
if a Matrix user ID is known for the third-party identifier, and one if
|
||||
not. Either way, the client calls [`/invite`](#post_matrixclientv3roomsroomidinvite) with the details of the
|
||||
third-party identifier.
|
||||
not. Either way, the client calls [`/invite`](#thirdparty_post_matrixclientv3roomsroomidinvite)
|
||||
with the details of the third-party identifier.
|
||||
|
||||
The homeserver asks the identity server whether a Matrix user ID is
|
||||
known for that identifier:
|
||||
|
|
@ -37,10 +37,12 @@ A client asks a server to invite a user by their third-party identifier.
|
|||
|
||||
#### Server behaviour
|
||||
|
||||
Upon receipt of an [`/invite`](#post_matrixclientv3roomsroomidinvite), the server is expected to look up the
|
||||
third-party identifier with the provided identity server. If the lookup
|
||||
yields a result for a Matrix User ID then the normal invite process can
|
||||
be initiated. This process ends up looking like this:
|
||||
Upon receipt of an [`/invite`](#thirdparty_post_matrixclientv3roomsroomidinvite),
|
||||
the server is expected to look up the third-party identifier with the provided
|
||||
identity server by making a call to [`/_matrix/identity/v2/lookup`](/identity-service-api/#post_matrixidentityv2lookup).
|
||||
If the lookup yields a result for a Matrix User ID then the normal [invite
|
||||
process](/server-server-api/#inviting-to-a-room) can be initiated. This process
|
||||
ends up looking like this:
|
||||
|
||||
```
|
||||
+---------+ +-------------+ +-----------------+
|
||||
|
|
@ -66,10 +68,11 @@ be initiated. This process ends up looking like this:
|
|||
| | |
|
||||
```
|
||||
|
||||
However, if the lookup does not yield a bound User ID, the homeserver
|
||||
must store the invite on the identity server and emit a valid
|
||||
`m.room.third_party_invite` event to the room. This process ends up
|
||||
looking like this:
|
||||
However, if the lookup does not yield a bound User ID, the homeserver must store
|
||||
the invite on the identity server with a call to
|
||||
[`/_matrix/identity/v2/store-invite`](/identity-service-api/#post_matrixidentityv2store-invite)
|
||||
and emit a valid [`m.room.third_party_invite`](#mroomthird_party_invite) event
|
||||
to the room. This process ends up looking like this:
|
||||
|
||||
```
|
||||
+---------+ +-------------+ +-----------------+
|
||||
|
|
@ -101,15 +104,18 @@ looking like this:
|
|||
| | |
|
||||
```
|
||||
|
||||
All homeservers MUST verify the signature in the event's
|
||||
`content.third_party_invite.signed` object.
|
||||
The third-party user will then need to verify their identity, which results in a
|
||||
request to [`/_matrix/federation/v1/3pid/onbind`](/server-server-api/#put_matrixfederationv13pidonbind)
|
||||
from the identity server to the homeserver that bound the third-party identifier
|
||||
to a user. The homeserver then exchanges the `m.room.third_party_invite` event
|
||||
in the room for a complete [`m.room.member`](#mroommember) event with
|
||||
`content.membership: invite` and a `content.third_party_invite` property for the
|
||||
user that has bound the third-party identifier. If the invitee is on a different
|
||||
homeserver than the inviting user, the invitee's homeserver makes a request to
|
||||
[`/_matrix/federation/v1/exchange_third_party_invite/{roomId}`](/server-server-api/#put_matrixfederationv1exchange_third_party_inviteroomid).
|
||||
|
||||
The third-party user will then need to verify their identity, which
|
||||
results in a call from the identity server to the homeserver that bound
|
||||
the third-party identifier to a user. The homeserver then exchanges the
|
||||
`m.room.third_party_invite` event in the room for a complete
|
||||
`m.room.member` event for `membership: invite` for the user that has
|
||||
bound the third-party identifier.
|
||||
All homeservers MUST verify the signature in the `m.room.member` event's
|
||||
`content.third_party_invite.signed` object.
|
||||
|
||||
If a homeserver is joining a room for the first time because of an
|
||||
`m.room.third_party_invite`, the server which is already participating
|
||||
|
|
@ -193,8 +199,8 @@ at any time - the completion is not shown in the diagram.
|
|||
|
||||
H1 MUST verify the request from H3 to ensure the `signed` property is
|
||||
correct as well as the `key_validity_url` as still being valid. This is
|
||||
done by making a request to the [identity server
|
||||
/isvalid](/identity-service-api/#get_matrixidentityv2pubkeyisvalid)
|
||||
done by making a request to the identity server's
|
||||
[`/pubkey/isvalid`](/identity-service-api/#get_matrixidentityv2pubkeyisvalid)
|
||||
endpoint, using the provided URL rather than constructing a new one. The
|
||||
query string and response for the provided URL must match the Identity
|
||||
Service Specification.
|
||||
|
|
|
|||
|
|
@ -970,9 +970,8 @@ the event to other servers in the room.
|
|||
## Third-party invites
|
||||
|
||||
{{% boxes/note %}}
|
||||
More information about third-party invites is available in the
|
||||
[Client-Server API](/client-server-api) under
|
||||
the Third-party Invites module.
|
||||
More information about third-party invites is available in the Client-Server API
|
||||
under the [Third-party invites](/client-server-api/#third-party-invites) module.
|
||||
{{% /boxes/note %}}
|
||||
|
||||
When a user wants to invite another user in a room but doesn't know the
|
||||
|
|
@ -985,38 +984,41 @@ API](/identity-service-api).
|
|||
|
||||
### Cases where an association exists for a third-party identifier
|
||||
|
||||
If the third-party identifier is already bound to a Matrix ID, a lookup
|
||||
request on the identity server will return it. The invite is then
|
||||
processed by the inviting homeserver as a standard `m.room.member`
|
||||
invite event. This is the simplest case.
|
||||
If the third-party identifier is already bound to a Matrix ID, a [lookup
|
||||
request](/identity-service-api/#post_matrixidentityv2lookup) on the identity
|
||||
server will return it. The invite is then processed by the inviting homeserver
|
||||
as a [standard `m.room.member` invite event](#inviting-to-a-room). This is the
|
||||
simplest case.
|
||||
|
||||
### Cases where an association doesn't exist for a third-party identifier
|
||||
|
||||
If the third-party identifier isn't bound to any Matrix ID, the inviting
|
||||
homeserver will request the identity server to store an invite for this
|
||||
identifier and to deliver it to whoever binds it to its Matrix ID. It
|
||||
will also send an `m.room.third_party_invite` event in the room to
|
||||
specify a display name, a token and public keys the identity server
|
||||
provided as a response to the invite storage request.
|
||||
homeserver will request the identity server to [store an invite](/identity-service-api/#invitation-storage)
|
||||
for this identifier and to deliver it to whoever binds it to its Matrix ID. It
|
||||
will also send an [`m.room.third_party_invite`](/client-server-api/#mroomthird_party_invite)
|
||||
event in the room to specify a display name, a token and public keys the
|
||||
identity server provided as a response to the invite storage request.
|
||||
|
||||
When a third-party identifier with pending invites gets bound to a
|
||||
Matrix ID, the identity server will send a POST request to the ID's
|
||||
homeserver as described in the [Invitation
|
||||
Storage](/identity-service-api#invitation-storage)
|
||||
section of the Identity Service API.
|
||||
When a third-party identifier with pending invites gets bound to a Matrix ID,
|
||||
the identity server will send a request to the [`/3pid/onbind`](#put_matrixfederationv13pidonbind)
|
||||
endpoint of the the ID's homeserver as described in the [Invitation
|
||||
Storage](/identity-service-api#invitation-storage) section of the Identity
|
||||
Service API.
|
||||
|
||||
The following process applies for each invite sent by the identity
|
||||
server:
|
||||
|
||||
The invited homeserver will create an `m.room.member` invite event
|
||||
containing a special `third_party_invite` section containing the token
|
||||
and a signed object, both provided by the identity server.
|
||||
The invited homeserver will create an [`m.room.member`](/client-server-api/#mroommember)
|
||||
invite event containing a special `third_party_invite` section containing the
|
||||
token and a `signed` object, both provided by the identity server.
|
||||
|
||||
If the invited homeserver is in the room the invite came from, it can
|
||||
auth the event and send it.
|
||||
|
||||
However, if the invited homeserver isn't in the room the invite came
|
||||
from, it will need to request the room's homeserver to auth the event.
|
||||
from, it will need to request the inviting homeserver to auth the event
|
||||
at the [`/exchange_third_party_invite`](#put_matrixfederationv1exchange_third_party_inviteroomid)
|
||||
endpoint.
|
||||
|
||||
{{% http-api spec="server-server" api="third_party_invite" %}}
|
||||
|
||||
|
|
|
|||
|
|
@ -73,11 +73,17 @@ paths:
|
|||
- default
|
||||
- available
|
||||
m.set_displayname:
|
||||
deprecated: true
|
||||
$ref: '#/components/schemas/booleanCapability'
|
||||
description: Capability to indicate if the user can change their display name.
|
||||
description: |
|
||||
**Deprecated:** Capability to indicate if the user can change their display name.
|
||||
Please refer to `m.profile_fields` for extended profile management.
|
||||
m.set_avatar_url:
|
||||
deprecated: true
|
||||
$ref: '#/components/schemas/booleanCapability'
|
||||
description: Capability to indicate if the user can change their avatar.
|
||||
description: |
|
||||
**Deprecated:** Capability to indicate if the user can change their avatar.
|
||||
Please refer to `m.profile_fields` for extended profile management.
|
||||
m.3pid_changes:
|
||||
$ref: '#/components/schemas/booleanCapability'
|
||||
description: Capability to indicate if the user can change 3PID associations
|
||||
|
|
@ -86,6 +92,37 @@ paths:
|
|||
$ref: '#/components/schemas/booleanCapability'
|
||||
description: Capability to indicate if the user can generate tokens to log further
|
||||
clients into their account.
|
||||
m.profile_fields:
|
||||
x-addedInMatrixVersion: "1.14"
|
||||
type: object
|
||||
title: ProfileFieldsCapability
|
||||
description: Capability to indicate if the user can set or modify extended profile fields.
|
||||
If absent, clients should assume custom profile fields are supported.
|
||||
properties:
|
||||
allowed:
|
||||
type: array
|
||||
description: List of allowed additional custom profile field keys. A `*` can be used as a
|
||||
wildcard to match any sequence of characters. This list takes precedence over the
|
||||
disallowed list if both are provided.
|
||||
items:
|
||||
type: string
|
||||
example:
|
||||
- "m.example_field"
|
||||
- "org.example/job_title"
|
||||
disallowed:
|
||||
type: array
|
||||
description: List of disallowed additional custom profile field keys. A `*` can be used as
|
||||
a wildcard to match any sequence of characters. Ignored if an allowed list is provided.
|
||||
items:
|
||||
type: string
|
||||
example:
|
||||
- "org.example.secret_field"
|
||||
enabled:
|
||||
type: boolean
|
||||
description: True if the user can set or modify any extended profile fields, false otherwise.
|
||||
example: true
|
||||
required:
|
||||
- enabled
|
||||
examples:
|
||||
response:
|
||||
value: {
|
||||
|
|
|
|||
|
|
@ -16,48 +16,105 @@ info:
|
|||
title: Matrix Client-Server Profile API
|
||||
version: 1.0.0
|
||||
paths:
|
||||
"/profile/{userId}/displayname":
|
||||
"/profile/{userId}/{keyName}":
|
||||
put:
|
||||
summary: Set the user's display name.
|
||||
x-changedInMatrixVersion:
|
||||
"1.14": Endpoint now accepts variable `keyName` parameter.
|
||||
summary: Set a profile field for a user.
|
||||
description: |-
|
||||
This API sets the given user's display name. You must have permission to
|
||||
set this user's display name, e.g. you need to have their `access_token`.
|
||||
operationId: setDisplayName
|
||||
Set or update a profile field for a user. Must be authenticated with an
|
||||
access token authorised to make changes. Servers may impose size limits
|
||||
on individual fields, and the total profile must be under 64 KiB.
|
||||
|
||||
**Note**: Setting a field to `null` keeps the key but with a `null` value,
|
||||
which some servers may reject. To remove a field completely, use the
|
||||
`DELETE` endpoint instead.
|
||||
operationId: setProfileField
|
||||
security:
|
||||
- accessTokenQuery: []
|
||||
- accessTokenBearer: []
|
||||
parameters:
|
||||
- in: path
|
||||
name: userId
|
||||
description: The user whose display name to set.
|
||||
description: The user whose profile field to set.
|
||||
required: true
|
||||
example: "@alice:example.com"
|
||||
schema:
|
||||
type: string
|
||||
- in: path
|
||||
name: keyName
|
||||
description: The profile field key name to set. It must be either
|
||||
`avatar_url`, `displayname`, or a custom field following the
|
||||
[Common Namespaced Identifier Grammar](/appendices/#common-namespaced-identifier-grammar).
|
||||
required: true
|
||||
example: "displayname"
|
||||
schema:
|
||||
type: string
|
||||
pattern: '^(avatar_url|displayname|[a-z][a-z0-9_]*(\.[a-z][a-z0-9_]*)+)$'
|
||||
requestBody:
|
||||
description: A JSON object containing the property whose name matches
|
||||
the `keyName` specified in the URL. See `additionalProperties` for
|
||||
further details.
|
||||
required: true
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: object
|
||||
example: {
|
||||
"displayname": "Alice Margatroid"
|
||||
}
|
||||
properties:
|
||||
displayname:
|
||||
type: string
|
||||
description: The new display name for this user.
|
||||
description: The new display name information.
|
||||
required: true
|
||||
minProperties: 1
|
||||
additionalProperties:
|
||||
description: The JSON object must include a property whose key
|
||||
matches the `keyName` specified in the URL. For `avatar_url`,
|
||||
the value must be an MXC URI string. For `displayname`, the value
|
||||
must be a string. For custom keys, any JSON type is allowed -
|
||||
servers may not validate these values, but clients should follow
|
||||
the format defined for that key.
|
||||
example: { "displayname": "Alice Wonderland" }
|
||||
responses:
|
||||
"200":
|
||||
description: The display name was set.
|
||||
description: The profile field was set.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: object # empty json object
|
||||
type: object # empty JSON object
|
||||
examples:
|
||||
response:
|
||||
value: {}
|
||||
"400":
|
||||
description: The request is malformed, contains invalid JSON, missing
|
||||
a required parameter, specifies an invalid key, or exceeds allowed
|
||||
size limits.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: definitions/errors/error.yaml
|
||||
examples:
|
||||
bad_json:
|
||||
value:
|
||||
{
|
||||
"errcode": "M_BAD_JSON",
|
||||
"error": "Malformed JSON payload.",
|
||||
}
|
||||
invalid_key:
|
||||
value:
|
||||
{
|
||||
"errcode": "M_INVALID_PARAM",
|
||||
"error": "Invalid profile key.",
|
||||
}
|
||||
"403":
|
||||
description: The server is unwilling to perform the operation, either
|
||||
due to insufficient permissions or because profile modifications
|
||||
are disabled.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: definitions/errors/error.yaml
|
||||
examples:
|
||||
forbidden:
|
||||
value:
|
||||
{
|
||||
"errcode": "M_FORBIDDEN",
|
||||
"error": "Profile modification is not permitted.",
|
||||
}
|
||||
"429":
|
||||
description: This request was rate-limited.
|
||||
content:
|
||||
|
|
@ -67,98 +124,133 @@ paths:
|
|||
tags:
|
||||
- User data
|
||||
get:
|
||||
summary: Get the user's display name.
|
||||
description: |-
|
||||
Get the user's display name. This API may be used to fetch the user's
|
||||
own displayname or to query the name of other users; either locally or
|
||||
on remote homeservers.
|
||||
operationId: getDisplayName
|
||||
x-changedInMatrixVersion:
|
||||
"1.14": Endpoint now accepts variable `keyName` parameter.
|
||||
summary: Get a profile field for a user.
|
||||
description: Get the value of a profile field for a user. Any individual
|
||||
field must be within the total profile limit of 64 KiB.
|
||||
operationId: getProfileField
|
||||
parameters:
|
||||
- in: path
|
||||
name: userId
|
||||
description: The user whose display name to get.
|
||||
description: The user whose profile field to get.
|
||||
required: true
|
||||
example: "@alice:example.com"
|
||||
schema:
|
||||
type: string
|
||||
- in: path
|
||||
name: keyName
|
||||
description: The profile field key name to retrieve. It must be either
|
||||
`avatar_url`, `displayname`, or a custom field following the
|
||||
[Common Namespaced Identifier Grammar](/appendices/#common-namespaced-identifier-grammar).
|
||||
required: true
|
||||
example: "displayname"
|
||||
schema:
|
||||
type: string
|
||||
pattern: '^(avatar_url|displayname|[a-z][a-z0-9_]*(\.[a-z][a-z0-9_]*)+)$'
|
||||
responses:
|
||||
"200":
|
||||
description: The display name for this user.
|
||||
description: The profile field value was retrieved.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: object
|
||||
properties:
|
||||
displayname:
|
||||
type: string
|
||||
description: The user's display name if they have set one, otherwise not
|
||||
present.
|
||||
minProperties: 1
|
||||
additionalProperties:
|
||||
description: The JSON response includes a property whose key
|
||||
matches the `keyName` specified in the URL. For `avatar_url`,
|
||||
the value will be an MXC URI string. For `displayname`, the
|
||||
value will be a string. For custom keys, any JSON type is
|
||||
possible - clients should expect the format defined for that key.
|
||||
examples:
|
||||
response:
|
||||
value: {
|
||||
"displayname": "Alice Margatroid"
|
||||
}
|
||||
value: { "displayname": "Alice" }
|
||||
"403":
|
||||
x-addedInMatrixVersion: "1.12"
|
||||
description: The server is unwilling to disclose whether the user exists and/or
|
||||
has a display name.
|
||||
description: The server is unwilling to disclose whether the user
|
||||
exists and/or has the specified profile field.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: definitions/errors/error.yaml
|
||||
examples:
|
||||
response:
|
||||
value: {
|
||||
"errcode": "M_FORBIDDEN",
|
||||
"error": "Profile lookup is disabled on this homeserver"
|
||||
}
|
||||
value:
|
||||
{
|
||||
"errcode": "M_FORBIDDEN",
|
||||
"error": "Profile lookup is disabled on this homeserver",
|
||||
}
|
||||
"404":
|
||||
description: There is no display name for this user or this user does not exist.
|
||||
description: There is no profile field with this key for this user, or
|
||||
the user does not exist.
|
||||
tags:
|
||||
- User data
|
||||
"/profile/{userId}/avatar_url":
|
||||
put:
|
||||
summary: Set the user's avatar URL.
|
||||
description: |-
|
||||
This API sets the given user's avatar URL. You must have permission to
|
||||
set this user's avatar URL, e.g. you need to have their `access_token`.
|
||||
operationId: setAvatarUrl
|
||||
delete:
|
||||
x-addedInMatrixVersion: "1.14"
|
||||
summary: Remove a profile field from a user.
|
||||
description: Remove a specific field from a user's profile.
|
||||
operationId: deleteProfileField
|
||||
security:
|
||||
- accessTokenQuery: []
|
||||
- accessTokenBearer: []
|
||||
parameters:
|
||||
- in: path
|
||||
name: userId
|
||||
description: The user whose avatar URL to set.
|
||||
description: The user whose profile field to delete.
|
||||
required: true
|
||||
example: "@alice:example.com"
|
||||
schema:
|
||||
type: string
|
||||
requestBody:
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: object
|
||||
example: {
|
||||
"avatar_url": "mxc://matrix.org/wefh34uihSDRGhw34"
|
||||
}
|
||||
properties:
|
||||
avatar_url:
|
||||
type: string
|
||||
format: uri
|
||||
description: The new avatar URL for this user.
|
||||
description: The new avatar information.
|
||||
required: true
|
||||
- in: path
|
||||
name: keyName
|
||||
description: The profile field key name to delete. It must be either
|
||||
`avatar_url`, `displayname`, or a custom field following the
|
||||
[Common Namespaced Identifier Grammar](/appendices/#common-namespaced-identifier-grammar).
|
||||
required: true
|
||||
example: "displayname"
|
||||
schema:
|
||||
type: string
|
||||
pattern: '^(avatar_url|displayname|[a-z][a-z0-9_]*(\.[a-z][a-z0-9_]*)+)$'
|
||||
responses:
|
||||
"200":
|
||||
description: The avatar URL was set.
|
||||
description: The profile field was deleted.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: object # empty json object
|
||||
type: object
|
||||
examples:
|
||||
response:
|
||||
value: {}
|
||||
"400":
|
||||
description: The request is malformed, contains invalid JSON, or
|
||||
specifies an invalid key.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: definitions/errors/error.yaml
|
||||
examples:
|
||||
bad_json:
|
||||
value:
|
||||
{ "errcode": "M_BAD_JSON", "error": "Malformed request." }
|
||||
invalid_key:
|
||||
value:
|
||||
{
|
||||
"errcode": "M_INVALID_PARAM",
|
||||
"error": "Invalid profile key.",
|
||||
}
|
||||
"403":
|
||||
description: The user is not authorised to delete this profile field.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: definitions/errors/error.yaml
|
||||
examples:
|
||||
forbidden:
|
||||
value:
|
||||
{
|
||||
"errcode": "M_FORBIDDEN",
|
||||
"error": "Profile deletion is not permitted.",
|
||||
}
|
||||
"429":
|
||||
description: This request was rate-limited.
|
||||
content:
|
||||
|
|
@ -167,63 +259,15 @@ paths:
|
|||
$ref: definitions/errors/rate_limited.yaml
|
||||
tags:
|
||||
- User data
|
||||
get:
|
||||
summary: Get the user's avatar URL.
|
||||
description: |-
|
||||
Get the user's avatar URL. This API may be used to fetch the user's
|
||||
own avatar URL or to query the URL of other users; either locally or
|
||||
on remote homeservers.
|
||||
operationId: getAvatarUrl
|
||||
parameters:
|
||||
- in: path
|
||||
name: userId
|
||||
description: The user whose avatar URL to get.
|
||||
required: true
|
||||
example: "@alice:example.com"
|
||||
schema:
|
||||
type: string
|
||||
responses:
|
||||
"200":
|
||||
description: The avatar URL for this user.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: object
|
||||
properties:
|
||||
avatar_url:
|
||||
type: string
|
||||
format: uri
|
||||
description: The user's avatar URL if they have set one, otherwise not present.
|
||||
examples:
|
||||
response:
|
||||
value: {
|
||||
"avatar_url": "mxc://matrix.org/SDGdghriugerRg"
|
||||
}
|
||||
"403":
|
||||
x-addedInMatrixVersion: "1.12"
|
||||
description: The server is unwilling to disclose whether the user exists and/or
|
||||
has an avatar URL.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: definitions/errors/error.yaml
|
||||
examples:
|
||||
response:
|
||||
value: {
|
||||
"errcode": "M_FORBIDDEN",
|
||||
"error": "Profile lookup is disabled on this homeserver"
|
||||
}
|
||||
"404":
|
||||
description: There is no avatar URL for this user or this user does not exist.
|
||||
tags:
|
||||
- User data
|
||||
"/profile/{userId}":
|
||||
get:
|
||||
summary: Get this user's profile information.
|
||||
summary: Get all profile information for a user.
|
||||
description: |-
|
||||
Get the combined profile information for this user. This API may be used
|
||||
to fetch the user's own profile information or other users; either
|
||||
locally or on remote homeservers.
|
||||
Get the complete profile for a user. The response includes `avatar_url`
|
||||
and `displayname` (unless set to `null`, as they can only be strings)
|
||||
plus any custom profile fields.
|
||||
|
||||
**Note**: The complete profile must be under 64 KiB.
|
||||
operationId: getUserProfile
|
||||
parameters:
|
||||
- in: path
|
||||
|
|
@ -243,45 +287,49 @@ paths:
|
|||
properties:
|
||||
avatar_url:
|
||||
type: string
|
||||
format: uri
|
||||
description: The user's avatar URL if they have set one, otherwise not present.
|
||||
format: mx-mxc-uri
|
||||
description: "Avatar URL value (MXC URI format)."
|
||||
displayname:
|
||||
type: string
|
||||
description: The user's display name if they have set one, otherwise not
|
||||
present.
|
||||
additionalProperties:
|
||||
x-addedInMatrixVersion: "1.14"
|
||||
description: Any additional profile field value; may be any
|
||||
valid JSON type, with keys following the
|
||||
[Common Namespaced Identifier Grammar](/appendices/#common-namespaced-identifier-grammar).
|
||||
examples:
|
||||
response:
|
||||
value: {
|
||||
"avatar_url": "mxc://matrix.org/SDGdghriugerRg",
|
||||
"displayname": "Alice Margatroid"
|
||||
}
|
||||
value:
|
||||
{
|
||||
"avatar_url": "mxc://matrix.org/SDGdghriugerRg",
|
||||
"displayname": "Alice Margatroid",
|
||||
"m.example_field": "custom_value",
|
||||
}
|
||||
"403":
|
||||
x-addedInMatrixVersion: "1.2"
|
||||
description: The server is unwilling to disclose whether the user exists and/or
|
||||
has profile information.
|
||||
description: The server is unwilling to disclose whether the user
|
||||
exists and/or has profile information.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: definitions/errors/error.yaml
|
||||
examples:
|
||||
response:
|
||||
value: {
|
||||
"errcode": "M_FORBIDDEN",
|
||||
"error": "Profile lookup is disabled on this homeserver"
|
||||
}
|
||||
value:
|
||||
{
|
||||
"errcode": "M_FORBIDDEN",
|
||||
"error": "Profile lookup is disabled on this homeserver",
|
||||
}
|
||||
"404":
|
||||
description: There is no profile information for this user or this user does not
|
||||
exist.
|
||||
description: There is no profile information for this user or this
|
||||
user does not exist.
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: definitions/errors/error.yaml
|
||||
examples:
|
||||
response:
|
||||
value: {
|
||||
"errcode": "M_NOT_FOUND",
|
||||
"error": "Profile not found"
|
||||
}
|
||||
value:
|
||||
{ "errcode": "M_NOT_FOUND", "error": "Profile not found" }
|
||||
tags:
|
||||
- User data
|
||||
servers:
|
||||
|
|
|
|||
|
|
@ -57,9 +57,6 @@ paths:
|
|||
- A signature of the token, signed with the identity server's private key
|
||||
|
||||
- The matrix user ID who invited them to the room
|
||||
|
||||
If a token is requested from the identity server, the homeserver will
|
||||
append a `m.room.third_party_invite` event to the room.
|
||||
operationId: inviteBy3PID
|
||||
security:
|
||||
- accessTokenQuery: []
|
||||
|
|
@ -72,6 +69,8 @@ paths:
|
|||
example: "!d41d8cd:matrix.org"
|
||||
schema:
|
||||
type: string
|
||||
format: mx-room-id
|
||||
pattern: "^!"
|
||||
requestBody:
|
||||
content:
|
||||
application/json:
|
||||
|
|
@ -90,7 +89,9 @@ paths:
|
|||
value: {}
|
||||
"403":
|
||||
description: |-
|
||||
You do not have permission to invite the user to the room. A meaningful `errcode` and description error text will be returned. Example reasons for rejections are:
|
||||
You do not have permission to invite the user to the room. A
|
||||
meaningful `errcode` and description error text will be returned.
|
||||
Example reasons for rejections are:
|
||||
|
||||
- The invitee has been banned from the room.
|
||||
- The invitee is already a member of the room.
|
||||
|
|
|
|||
|
|
@ -43,7 +43,8 @@ paths:
|
|||
properties:
|
||||
public_key:
|
||||
type: string
|
||||
description: Unpadded Base64 encoded public key.
|
||||
description: |-
|
||||
[Unpadded Base64](/appendices/#unpadded-base64)-encoded public key.
|
||||
required:
|
||||
- public_key
|
||||
examples:
|
||||
|
|
@ -74,7 +75,8 @@ paths:
|
|||
- in: query
|
||||
name: public_key
|
||||
required: true
|
||||
description: The unpadded base64-encoded public key to check.
|
||||
description: |-
|
||||
The [unpadded Base64](/appendices/#unpadded-base64)-encoded public key to check.
|
||||
example: VXuGitF39UH5iRfvbIknlvlAVKgD1BsLDMvBf0pmp7c
|
||||
schema:
|
||||
type: string
|
||||
|
|
@ -105,7 +107,14 @@ paths:
|
|||
- in: query
|
||||
name: public_key
|
||||
required: true
|
||||
description: The unpadded base64-encoded public key to check.
|
||||
description: |-
|
||||
The [unpadded Base64](/appendices/#unpadded-base64)-encoded public
|
||||
key to check.
|
||||
|
||||
This MUST be the exact same encoded string returned in the response
|
||||
of the [`/store-invite`](/identity-service-api/#post_matrixidentityv2store-invite)
|
||||
endpoint, or found in the corresponding [`m.room.third_party_invite`](/client-server-api/#mroomthird_party_invite)
|
||||
event, so it may use the standard or URL-safe alphabets.
|
||||
example: VXuGitF39UH5iRfvbIknlvlAVKgD1BsLDMvBf0pmp7c
|
||||
schema:
|
||||
type: string
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ paths:
|
|||
(if present) from the request here.
|
||||
|
||||
Also, the generated ephemeral public key will be listed as valid on
|
||||
requests to `/_matrix/identity/v2/pubkey/ephemeral/isvalid`.
|
||||
requests to [`/_matrix/identity/v2/pubkey/ephemeral/isvalid`](/identity-service-api/#get_matrixidentityv2pubkeyephemeralisvalid).
|
||||
|
||||
Currently, invites may only be issued for 3pids of the `email` medium.
|
||||
|
||||
|
|
@ -70,10 +70,14 @@ paths:
|
|||
room_id:
|
||||
type: string
|
||||
description: The Matrix room ID to which the user is invited
|
||||
format: mx-room-id
|
||||
pattern: "^!"
|
||||
example: "!something:example.org"
|
||||
sender:
|
||||
type: string
|
||||
description: The Matrix user ID of the inviting user
|
||||
format: mx-user-id
|
||||
pattern: "^@"
|
||||
example: "@bob:example.com"
|
||||
room_alias:
|
||||
type: string
|
||||
|
|
@ -81,12 +85,16 @@ paths:
|
|||
The Matrix room alias for the room to which the user is
|
||||
invited. This should be retrieved from the `m.room.canonical_alias`
|
||||
state event.
|
||||
format: mx-room-alias
|
||||
pattern: "^#"
|
||||
example: "#somewhere:example.org"
|
||||
room_avatar_url:
|
||||
type: string
|
||||
description: |-
|
||||
The Content URI for the room to which the user is invited. This should
|
||||
be retrieved from the `m.room.avatar` state event.
|
||||
format: mx-mxc-uri
|
||||
pattern: "^mxc:\\/\\/"
|
||||
example: mxc://example.org/s0meM3dia
|
||||
room_join_rules:
|
||||
type: string
|
||||
|
|
@ -108,6 +116,8 @@ paths:
|
|||
type: string
|
||||
description: The Content URI for the avatar of the user ID initiating the
|
||||
invite.
|
||||
format: mx-mxc-uri
|
||||
pattern: "^mxc:\\/\\/"
|
||||
example: mxc://example.org/an0th3rM3dia
|
||||
room_type:
|
||||
type: string
|
||||
|
|
@ -146,7 +156,7 @@ paths:
|
|||
public_key:
|
||||
type: string
|
||||
description: |
|
||||
The public key, encoded using [unpadded Base64](/appendices/#unpadded-base64).
|
||||
The public key, encoded using standard or URL-safe [unpadded Base64](/appendices/#unpadded-base64).
|
||||
key_validity_url:
|
||||
type: string
|
||||
description: |
|
||||
|
|
|
|||
|
|
@ -35,6 +35,8 @@ paths:
|
|||
example: "!abc123:matrix.org"
|
||||
schema:
|
||||
type: string
|
||||
format: mx-room-id
|
||||
pattern: "^!"
|
||||
requestBody:
|
||||
content:
|
||||
application/json:
|
||||
|
|
@ -50,16 +52,22 @@ paths:
|
|||
description: |-
|
||||
The room ID the event is for. Must match the ID given in
|
||||
the path.
|
||||
format: mx-room-id
|
||||
pattern: "^!"
|
||||
example: "!abc123:matrix.org"
|
||||
sender:
|
||||
type: string
|
||||
description: |-
|
||||
The user ID of the user who sent the original `m.room.third_party_invite`
|
||||
event.
|
||||
format: mx-user-id
|
||||
pattern: "^@"
|
||||
example: "@joe:matrix.org"
|
||||
state_key:
|
||||
type: string
|
||||
description: The user ID of the invited user
|
||||
format: mx-user-id
|
||||
pattern: "^@"
|
||||
example: "@someone:example.org"
|
||||
content:
|
||||
type: object
|
||||
|
|
@ -82,45 +90,7 @@ paths:
|
|||
third-party identifier.
|
||||
example: alice
|
||||
signed:
|
||||
type: object
|
||||
description: |-
|
||||
A block of content which has been signed, which servers can use to
|
||||
verify the event.
|
||||
title: Invite Signatures
|
||||
properties:
|
||||
signatures:
|
||||
type: object
|
||||
title: Signatures
|
||||
additionalProperties:
|
||||
type: object
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: |-
|
||||
The server signatures for this event.
|
||||
|
||||
The signature is calculated using the process
|
||||
described at [Signing JSON](/appendices/#signing-json).
|
||||
example:
|
||||
magic.forest:
|
||||
ed25519:3: fQpGIW1Snz+pwLZu6sTy2aHy/DYWWTspTJRPyNp0PKkymfIsNffysMl6ObMMFdIJhk6g6pwlIqZ54rxo8SLmAg
|
||||
mxid:
|
||||
type: string
|
||||
description: The invited matrix user ID
|
||||
example: "@alice:localhost"
|
||||
token:
|
||||
type: string
|
||||
description: The token used to verify the event
|
||||
example: abc123
|
||||
required:
|
||||
- signatures
|
||||
- mxid
|
||||
- token
|
||||
example:
|
||||
mxid: "@alice:localhost"
|
||||
token: abc123
|
||||
signatures:
|
||||
magic.forest:
|
||||
ed25519:3: fQpGIW1Snz+pwLZu6sTy2aHy/DYWWTspTJRPyNp0PKkymfIsNffysMl6ObMMFdIJhk6g6pwlIqZ54rxo8SLmAg
|
||||
$ref: ../../event-schemas/schema/components/signed_third_party_invite.yaml
|
||||
required:
|
||||
- display_name
|
||||
- signed
|
||||
|
|
@ -215,6 +185,8 @@ paths:
|
|||
mxid:
|
||||
type: string
|
||||
description: The user that is now bound to the third-party identifier.
|
||||
format: mx-user-id
|
||||
pattern: "^@"
|
||||
example: "@alice:matrix.org"
|
||||
invites:
|
||||
type: array
|
||||
|
|
@ -237,59 +209,23 @@ paths:
|
|||
mxid:
|
||||
type: string
|
||||
description: The now-bound user ID that received the invite.
|
||||
format: mx-user-id
|
||||
pattern: "^@"
|
||||
example: "@alice:matrix.org"
|
||||
room_id:
|
||||
type: string
|
||||
description: The room ID the invite is valid for.
|
||||
format: mx-room-id
|
||||
pattern: "^!"
|
||||
example: "!somewhere:example.org"
|
||||
sender:
|
||||
type: string
|
||||
description: The user ID that sent the invite.
|
||||
format: mx-user-id
|
||||
pattern: "^@"
|
||||
example: "@bob:matrix.org"
|
||||
# TODO (TravisR): Make this reusable when doing IS spec changes
|
||||
# also make sure it isn't lying about anything, like the key version
|
||||
signed:
|
||||
type: object
|
||||
title: Identity Server Signatures
|
||||
description: |-
|
||||
Signature from the identity server using a long-term private
|
||||
key.
|
||||
properties:
|
||||
mxid:
|
||||
type: string
|
||||
description: |-
|
||||
The user ID that has been bound to the third-party
|
||||
identifier.
|
||||
example: "@alice:matrix.org"
|
||||
token:
|
||||
type: string
|
||||
# TODO: What is this actually?
|
||||
description: A token.
|
||||
example: Hello World
|
||||
signatures:
|
||||
type: object
|
||||
title: Identity Server Signature
|
||||
description: |-
|
||||
The signature from the identity server. The `string` key
|
||||
is the identity server's domain name, such as vector.im
|
||||
additionalProperties:
|
||||
type: object
|
||||
title: Identity Server Domain Signature
|
||||
description: The signature for the identity server.
|
||||
properties:
|
||||
ed25519:0:
|
||||
type: string
|
||||
description: The signature.
|
||||
example: SomeSignatureGoesHere
|
||||
required:
|
||||
- ed25519:0
|
||||
example:
|
||||
vector.im:
|
||||
ed25519:0: SomeSignatureGoesHere
|
||||
required:
|
||||
- mxid
|
||||
- token
|
||||
- signatures
|
||||
$ref: ../../event-schemas/schema/components/signed_third_party_invite.yaml
|
||||
required:
|
||||
- medium
|
||||
- address
|
||||
|
|
|
|||
|
|
@ -0,0 +1,45 @@
|
|||
title: SignedThirdPartyInvite
|
||||
description: |-
|
||||
A block of content which has been signed by the identity server, which
|
||||
homeservers can use to verify the event. Clients should ignore this.
|
||||
type: object
|
||||
properties:
|
||||
mxid:
|
||||
description: |-
|
||||
The user ID that has been bound to the third-party identifier.
|
||||
type: string
|
||||
format: mx-user-id
|
||||
pattern: "^@"
|
||||
example: "@alice:example.org"
|
||||
signatures:
|
||||
title: IdentityServerSignatures
|
||||
description: |-
|
||||
The identity server signatures for this block. This is a map of identity
|
||||
server name to signing key identifier to base64-encoded signature.
|
||||
|
||||
The signatures are calculated using the process described at
|
||||
[Signing JSON](/appendices/#signing-json).
|
||||
type: object
|
||||
additionalProperties:
|
||||
type: object
|
||||
additionalProperties:
|
||||
type: string
|
||||
example: {
|
||||
"magic.forest": {
|
||||
"ed25519:3": "fQpGIW1Snz+pwLZu6sTy2aHy/DYWWTspTJRPyNp0PKkymfIsNffysMl6ObMMFdIJhk6g6pwlIqZ54rxo8SLmAg"
|
||||
}
|
||||
}
|
||||
token:
|
||||
description: |-
|
||||
The token generated by the identity server at the
|
||||
[`/store_invite`](/identity-service-api/#post_matrixidentityv2store-invite)
|
||||
endpoint.
|
||||
|
||||
It matches the `state_key` of the corresponding [`m.room.third_party_invite`](/client-server-api/#mroomthird_party_invite)
|
||||
event.
|
||||
type: string
|
||||
example: "abc123"
|
||||
required:
|
||||
- mxid
|
||||
- signatures
|
||||
- token
|
||||
|
|
@ -2,17 +2,27 @@
|
|||
allOf:
|
||||
- $ref: core-event-schema/state_event.yaml
|
||||
description: |-
|
||||
Adjusts the membership state for a user in a room. It is preferable to use the membership APIs (`/rooms/<room id>/invite` etc) when performing membership actions rather than adjusting the state directly as there are a restricted set of valid transformations. For example, user A cannot force user B to join a room, and trying to force this state change directly will fail.
|
||||
Adjusts the membership state for a user in a room. It is preferable to use the membership APIs
|
||||
(`/rooms/<room id>/invite` etc) when performing membership actions rather than adjusting the
|
||||
state directly as there are a restricted set of valid transformations. For example, user A cannot
|
||||
force user B to join a room, and trying to force this state change directly will fail.
|
||||
|
||||
The following membership states are specified:
|
||||
|
||||
- `invite` - The user has been invited to join a room, but has not yet joined it. They may not participate in the room until they join.
|
||||
- `join` - The user has joined the room (possibly after accepting an invite), and may participate in it.
|
||||
- `leave` - The user was once joined to the room, but has since left (possibly by choice, or possibly by being kicked).
|
||||
- `ban` - The user has been banned from the room, and is no longer allowed to join it until they are un-banned from the room (by having their membership state set to a value other than `ban`).
|
||||
- `knock` - The user has knocked on the room, requesting permission to participate. They may not participate in the room until they join.
|
||||
- `invite` - The user has been invited to join a room, but has not yet joined it. They may not
|
||||
participate in the room until they join.
|
||||
- `join` - The user has joined the room (possibly after accepting an invite), and may participate
|
||||
in it.
|
||||
- `leave` - The user was once joined to the room, but has since left (possibly by choice, or
|
||||
possibly by being kicked).
|
||||
- `ban` - The user has been banned from the room, and is no longer allowed to join it until they
|
||||
are un-banned from the room (by having their membership state set to a value other than `ban`).
|
||||
- `knock` - The user has knocked on the room, requesting permission to participate. They may not
|
||||
participate in the room until they join.
|
||||
|
||||
The `third_party_invite` property will be set if this invite is an `invite` event and is the successor of an `m.room.third_party_invite` event, and absent otherwise.
|
||||
The `third_party_invite` property will be set if this invite is an `invite` event and is the
|
||||
successor of an [`m.room.third_party_invite`](/client-server-api/#mroomthird_party_invite) event,
|
||||
and absent otherwise.
|
||||
|
||||
This event may also include an `invite_room_state` key inside the event's `unsigned` data.
|
||||
If present, this contains an array of [stripped state events](/client-server-api/#stripped-state)
|
||||
|
|
@ -57,63 +67,54 @@ properties:
|
|||
- ban
|
||||
type: string
|
||||
is_direct:
|
||||
description: Flag indicating if the room containing this event was created with the intention of being a direct chat. See [Direct Messaging](/client-server-api/#direct-messaging).
|
||||
description: |-
|
||||
Flag indicating if the room containing this event was created with the intention of being
|
||||
a direct chat. See [Direct Messaging](/client-server-api/#direct-messaging).
|
||||
type: boolean
|
||||
join_authorised_via_users_server:
|
||||
x-addedInMatrixVersion: "1.2"
|
||||
type: string
|
||||
description: |-
|
||||
Usually found on `join` events, this field is used to denote which homeserver (through representation of a user with sufficient power level)
|
||||
authorised the user's join. More information about this field can be found in the [Restricted Rooms Specification](/client-server-api/#restricted-rooms).
|
||||
Usually found on `join` events, this field is used to denote which homeserver (through
|
||||
representation of a user with sufficient power level) authorised the user's join. More
|
||||
information about this field can be found in the [Restricted Rooms Specification](/client-server-api/#restricted-rooms).
|
||||
|
||||
Client and server implementations should be aware of the [signing implications](/rooms/v8/#authorization-rules) of including this
|
||||
field in further events: in particular, the event must be signed by the server which
|
||||
owns the user ID in the field. When copying the membership event's `content`
|
||||
(for profile updates and similar) it is therefore encouraged to exclude this
|
||||
field in the copy, as otherwise the event might fail event authorization.
|
||||
Client and server implementations should be aware of the [signing implications](/rooms/v8/#authorization-rules)
|
||||
of including this field in further events: in particular, the event must be signed by the
|
||||
server which owns the user ID in the field. When copying the membership event's `content`
|
||||
(for profile updates and similar) it is therefore encouraged to exclude this field in the
|
||||
copy, as otherwise the event might fail event authorization.
|
||||
reason:
|
||||
x-addedInMatrixVersion: "1.1"
|
||||
type: string
|
||||
description: |-
|
||||
Optional user-supplied text for why their membership has changed. For kicks and bans, this is typically the reason for the kick or ban.
|
||||
For other membership changes, this is a way for the user to communicate their intent without having to send a message to the room, such
|
||||
as in a case where Bob rejects an invite from Alice about an upcoming concert, but can't make it that day.
|
||||
Optional user-supplied text for why their membership has changed. For kicks and bans,
|
||||
this is typically the reason for the kick or ban. For other membership changes, this is a
|
||||
way for the user to communicate their intent without having to send a message to the
|
||||
room, such as in a case where Bob rejects an invite from Alice about an upcoming concert,
|
||||
but can't make it that day.
|
||||
|
||||
Clients are not recommended to show this reason to users when receiving an invite due to the potential for spam and abuse. Hiding the
|
||||
reason behind a button or other component is recommended.
|
||||
Clients are not recommended to show this reason to users when receiving an invite due to
|
||||
the potential for spam and abuse. Hiding the reason behind a button or other component is
|
||||
recommended.
|
||||
third_party_invite:
|
||||
title: ThirdPartyInvite
|
||||
description: |-
|
||||
A third-party invite, if this `m.room.member` is the successor to an
|
||||
[`m.room.third_party_invite`](/client-server-api/#mroomthird_party_invite)
|
||||
event.
|
||||
type: object
|
||||
properties:
|
||||
display_name:
|
||||
description: A name which can be displayed to represent the user instead of their third-party identifier
|
||||
description: |-
|
||||
A name which can be displayed to represent the user instead of their
|
||||
third-party identifier
|
||||
type: string
|
||||
signed:
|
||||
description: 'A block of content which has been signed, which servers can use to verify the event. Clients should ignore this.'
|
||||
properties:
|
||||
mxid:
|
||||
description: The invited matrix user ID. Must be equal to the user_id property of the event.
|
||||
type: string
|
||||
signatures:
|
||||
description: 'A single signature from the verifying server, in the format specified by the Signing Events section of the server-server API.'
|
||||
title: Signatures
|
||||
type: object
|
||||
additionalProperties:
|
||||
type: object
|
||||
additionalProperties:
|
||||
type: string
|
||||
token:
|
||||
description: The token property of the containing third_party_invite object.
|
||||
type: string
|
||||
required:
|
||||
- mxid
|
||||
- signatures
|
||||
- token
|
||||
title: signed
|
||||
type: object
|
||||
$ref: components/signed_third_party_invite.yaml
|
||||
required:
|
||||
- display_name
|
||||
- signed
|
||||
title: Invite
|
||||
type: object
|
||||
required:
|
||||
- membership
|
||||
title: EventContent
|
||||
|
|
|
|||
|
|
@ -1,28 +1,56 @@
|
|||
---
|
||||
allOf:
|
||||
- $ref: core-event-schema/state_event.yaml
|
||||
description: "Acts as an `m.room.member` invite event, where there isn't a target user_id to invite. This event contains a token and a public key whose private key must be used to sign the token. Any user who can present that signature may use this invitation to join the target room."
|
||||
description: |-
|
||||
Acts as an `m.room.member` invite event, where there isn't a target user_id to
|
||||
invite. This event contains a token and a public key whose private key must be
|
||||
used to sign the token. Any user who can present that signature may use this
|
||||
invitation to join the target room.
|
||||
properties:
|
||||
content:
|
||||
properties:
|
||||
display_name:
|
||||
description: "A user-readable string which represents the user who has been invited. This should not contain the user's third-party ID, as otherwise when the invite is accepted it would leak the association between the matrix ID and the third-party ID."
|
||||
description: |-
|
||||
A user-readable string which represents the user who has been invited.
|
||||
This should not contain the user's third-party ID, as otherwise when
|
||||
the invite is accepted it would leak the association between the
|
||||
matrix ID and the third-party ID.
|
||||
type: string
|
||||
key_validity_url:
|
||||
description: "A URL which can be fetched, with querystring public_key=public_key, to validate whether the key has been revoked. The URL must return a JSON object containing a boolean property named 'valid'."
|
||||
description: |-
|
||||
A URL which can be fetched, with querystring public_key=public_key, to
|
||||
validate whether the key has been revoked. The URL must return a JSON
|
||||
object containing a boolean property named 'valid'.
|
||||
type: string
|
||||
format: uri
|
||||
public_key:
|
||||
description: A base64-encoded ed25519 key with which token must be signed (though a signature from any entry in public_keys is also sufficient). This exists for backwards compatibility.
|
||||
description: |-
|
||||
An Ed25519 key with which the token must be signed (though a signature
|
||||
from any entry in `public_keys` is also sufficient).
|
||||
|
||||
The key is encoded using [Unpadded Base64](/appendices/#unpadded-base64),
|
||||
using the standard or URL-safe alphabets.
|
||||
|
||||
This exists for backwards compatibility.
|
||||
type: string
|
||||
public_keys:
|
||||
description: Keys with which the token may be signed.
|
||||
items:
|
||||
properties:
|
||||
key_validity_url:
|
||||
description: "An optional URL which can be fetched, with querystring public_key=public_key, to validate whether the key has been revoked. The URL must return a JSON object containing a boolean property named 'valid'. If this URL is absent, the key must be considered valid indefinitely."
|
||||
description: |-
|
||||
An optional URL which can be fetched, with querystring
|
||||
`public_key=<public_key>`, to validate whether the key has been
|
||||
revoked. The URL must return a JSON object containing a boolean
|
||||
property named `valid`. If this URL is absent, the key must be
|
||||
considered valid indefinitely.
|
||||
type: string
|
||||
public_key:
|
||||
description: A base-64 encoded ed25519 key with which token may be signed.
|
||||
description: |-
|
||||
An Ed25519 key with which the token may be signed.
|
||||
|
||||
The key is encoded using [Unpadded Base64](/appendices/#unpadded-base64),
|
||||
using the standard or URL-safe alphabets.
|
||||
type: string
|
||||
required:
|
||||
- public_key
|
||||
|
|
@ -35,11 +63,15 @@ properties:
|
|||
- public_key
|
||||
type: object
|
||||
state_key:
|
||||
description: 'The token, of which a signature must be produced in order to join the room.'
|
||||
description: |-
|
||||
The token, of which a signature must be produced in order to join the
|
||||
room.
|
||||
type: string
|
||||
type:
|
||||
enum:
|
||||
- m.room.third_party_invite
|
||||
type: string
|
||||
title: 'An invitation to a room issued to a third-party identifier, rather than a matrix user ID.'
|
||||
title: |-
|
||||
An invitation to a room issued to a third-party identifier, rather than a
|
||||
matrix user ID.
|
||||
type: object
|
||||
|
|
|
|||
|
|
@ -51,6 +51,11 @@ mx-room-id:
|
|||
url: appendices#room-ids
|
||||
# regex: "^!"
|
||||
|
||||
mx-room-alias:
|
||||
title: Room Alias
|
||||
url: appendices#room-aliases
|
||||
# regex: "^#"
|
||||
|
||||
mx-server-name:
|
||||
title: Server Name
|
||||
url: appendices#server-name
|
||||
|
|
|
|||
Loading…
Reference in a new issue