Modernize appservice paths and authentication (#3316)

This brings Dendrite's appservice spec support up to v1.4, from the previous level of pre-release-spec support only (even r0.1.0 wasn't supported for pushing transactions 🙃). There are config options to revert to the old behavior, but the default is v1.4+ only. [Synapse also does that](https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#use_appservice_legacy_authorization) mautrix bridges will drop support for legacy paths and authentication soon (and possibly also require matrix v1.4 to be advertised, but I might add some workaround to not require that for dendrite) Signed-off-by: Tulir Asokan <tulir@maunium.net>
2024-02-03 18:56:13 +01:00 · 2024-02-03 18:56:13 +01:00 · 0f6b81f456
commit 0f6b81f456
parent a3a18fbcce
5 changed files with 95 additions and 39 deletions
--- a/dendrite-sample.yaml
+++ b/dendrite-sample.yaml
@ -154,6 +154,13 @@ app_service_api:
  # to be sent to an insecure endpoint.
  disable_tls_validation: false

+  # Send the access_token query parameter with appservice requests in addition
+  # to the Authorization header. This can cause hs_tokens to be saved to logs,
+  # so it should not be enabled unless absolutely necessary.
+  legacy_auth: false
+  # Use the legacy unprefixed paths for appservice requests.
+  legacy_paths: false
+
  # Appservice configuration files to load into this homeserver.
  config_files:
  #  - /path/to/appservice_registration.yaml