7ed55666b5
This can be reviewed commit by commit There are a few improvements over the experimental support: - authorisation of Synapse <-> MAS requests is simplified, with a single shared secret, removing the need for provisioning a client on the MAS side - the tests actually spawn a real server, allowing us to test the rust introspection layer - we now check that the device advertised in introspection actually exist, making it so that when a user logs out, the tokens are immediately invalidated, even if the cache doesn't expire - it doesn't rely on discovery anymore, rather on a static endpoint base. This means users don't have to override the introspection endpoint to avoid internet roundtrips - it doesn't depend on `authlib` anymore, as we simplified a lot the calls done from Synapse to MAS We still have to update the MAS documentation about the Synapse setup, but that can be done later. --------- Co-authored-by: reivilibre <oliverw@element.io>
2 lines
143 B
Gherkin
2 lines
143 B
Gherkin
Stable support for delegating authentication to [Matrix Authentication Service](https://github.com/element-hq/matrix-authentication-service/).
|