Merge remote-tracking branch 'upstream/main' into conduwuit-changes

crates/ruma-client-api/CHANGELOG.md

@@ -11,6 +11,8 @@ Breaking changes:
   the `conditions` field is optional.
   - `MissingConditionsError` was removed.
 - The `ts` field in `Request` for `get_media_preview` is now `Option`.
+- The query parameter of `check_registration_token_validity` endpoint
+  has been renamed from `registration_token` to `token`
 
 Improvements:
 
@@ -29,6 +31,8 @@ Improvements:
   according to MSC4025.
 - Allow `discovery::get_supported_versions::v1` to optionally accept
   authentication, according to MSC4026.
+- Allow `account::register::v3` and `account::login::v3` to accept
+  authentication for appservices.
 
 # 0.17.4
 

crates/ruma-client-api/src/account/check_registration_token_validity.rs

@@ -27,7 +27,7 @@ pub mod v1 {
     pub struct Request {
         /// The registration token to check the validity of.
         #[ruma_api(query)]
-        pub registration_token: String,
+        pub token: String,
     }
 
     /// Response type for the `check_registration_token_validity` endpoint.
@@ -39,8 +39,8 @@ pub mod v1 {
 
     impl Request {
         /// Creates a new `Request` with the given registration token.
-        pub fn new(registration_token: String) -> Self {
+        pub fn new(token: String) -> Self {
-            Self { registration_token }
+            Self { token }
         }
     }
 

crates/ruma-client-api/src/account/register.rs

@@ -22,7 +22,7 @@ pub mod v3 {
     const METADATA: Metadata = metadata! {
         method: POST,
         rate_limited: true,
-        authentication: None,
+        authentication: AppserviceToken,
         history: {
             1.0 => "/_matrix/client/r0/register",
             1.1 => "/_matrix/client/v3/register",

crates/ruma-client-api/src/session/login.rs

@@ -26,7 +26,7 @@ pub mod v3 {
     const METADATA: Metadata = metadata! {
         method: POST,
         rate_limited: true,
-        authentication: None,
+        authentication: AppserviceToken,
         history: {
             1.0 => "/_matrix/client/r0/login",
             1.1 => "/_matrix/client/v3/login",

crates/ruma-common/CHANGELOG.md

@@ -10,6 +10,7 @@ Breaking changes:
   match the `.m.rule.invite_for_me` push rule because usually the `invite_state` doesn't include
   `m.room.power_levels`.
 - Add support for endpoints that take an optional authentication
+- Add support for endpoints that require authentication for appservices
 
 Improvements:
 

crates/ruma-common/src/api.rs

@@ -318,6 +318,10 @@ pub enum SendAccessToken<'a> {
     /// Always add the access token.
     Always(&'a str),
 
+    /// Add the given appservice token to the request only if the `METADATA` on the request
+    /// requires it.
+    Appservice(&'a str),
+
     /// Don't add an access token.
     ///
     /// This will lead to an error if the request endpoint requires authentication
@@ -329,7 +333,7 @@ impl<'a> SendAccessToken<'a> {
     ///
     /// Returns `Some(_)` if `self` contains an access token.
     pub fn get_required_for_endpoint(self) -> Option<&'a str> {
-        as_variant!(self, Self::IfRequired | Self::Always)
+        as_variant!(self, Self::IfRequired | Self::Appservice | Self::Always)
     }
 
     /// Get the access token for an endpoint that should not require one.
@@ -338,6 +342,14 @@ impl<'a> SendAccessToken<'a> {
     pub fn get_not_required_for_endpoint(self) -> Option<&'a str> {
         as_variant!(self, Self::Always)
     }
+
+    /// Gets the access token for an endpoint that requires one for appservices.
+    ///
+    /// Returns `Some(_)` if `self` is either `SendAccessToken::Appservice(_)`
+    /// or `SendAccessToken::Always(_)`
+    pub fn get_required_for_appservice(self) -> Option<&'a str> {
+        as_variant!(self, Self::Appservice | Self::Always)
+    }
 }
 
 /// A request type for a Matrix API endpoint, used for sending requests.
@@ -490,6 +502,12 @@ pub enum AuthScheme {
     /// It is recommended to use the header over the query parameter.
     AccessTokenOptional,
 
+    /// Authentication is only performed for appservices, by including an access token in the
+    /// `Authentication` http header, or an `access_token` query parameter.
+    ///
+    /// It is recommended to use the header over the query parameter.
+    AppserviceToken,
+
     /// Authentication is performed by including X-Matrix signatures in the request headers,
     /// as defined in the federation API.
     ServerSignatures,

crates/ruma-common/src/api/metadata.rs

@@ -79,6 +79,11 @@ impl Metadata {
                 None => None,
             },
 
+            AuthScheme::AppserviceToken => match access_token.get_required_for_appservice() {
+                Some(token) => Some((header::AUTHORIZATION, format!("Bearer {token}").try_into()?)),
+                None => None,
+            },
+
             AuthScheme::ServerSignatures => None,
         })
     }