Skip to content

Support getting the device ID explicitly from MAS #18174

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Mar 4, 2025
Merged

Support getting the device ID explicitly from MAS #18174

merged 3 commits into from
Mar 4, 2025
+71 −17

Conversation

sandhose
Copy link
Member

@sandhose sandhose commented Feb 19, 2025
edited
Loading

The context for this is that the Matrix spec allows basically anything in the device ID. With MSC3861, we're restricting this to strings that can be represented as scopes.
Whilst this works well for next-gen auth sessions, compatibility/legacy sessions still can have characters that can't be encoded (mainly spaces) in them.

To work around that, we added in MAS a behaviour where the device_id is given as an explicit property of the token introspection response, and remove it from the scope.
Because we don't expect users to rollout new Synapse and MAS versions in sync, we needed a way to 'advertise' support for this behaviour: the easiest way to do that was through an extra header in the introspection response.

On the longer term, I expect MAS and Synapse to move away from the introspection endpoint, and instead define a specific API for Synapse -> MAS communication.

PR on the MAS side: element-hq/matrix-authentication-service#4067

@sandhose sandhose mentioned this pull request Feb 19, 2025
Merged
@sandhose sandhose marked this pull request as ready for review February 21, 2025 08:29
@sandhose sandhose requested a review from a team as a code owner February 21, 2025 08:29
@sandhose sandhose mentioned this pull request Feb 24, 2025
Closed
@reivilibre reivilibre merged commit 08c56c3 into develop Mar 4, 2025
39 checks passed
@reivilibre reivilibre deleted the quenting/mas/explicit-device-id branch March 4, 2025 13:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@reivilibre reivilibre reivilibre approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sandhose @reivilibre