Skip to content
This repository was archived by the owner on Apr 26, 2024. It is now read-only.
This repository was archived by the owner on Apr 26, 2024. It is now read-only.

Implementation of MSC2918 refresh tokens makes transaction ID scoping in violation of spec #15141

Closed
@hughns

Description

@hughns

MSC2918 proposed the introduction of refresh tokens to Matrix. The proposal was accepted and incorporated into v1.3 of the spec.

The non-compliance can now be demonstrated by means of a Complement test.

#13064 already exists to propose changing the implementation of transaction ID scoping in Synapse to be based on device ID not access token. However, this is also in violation of the spec.

I have created this issue so that it can be a placeholder for making Synapse spec compliant when refresh tokens are used.

However, I don't believe this is a priority right now as refresh tokens are not known to be widely used.

Metadata

Metadata

Assignees

No one assigned

    Labels

    A-Spec-Complianceplaces where synapse does not conform to the specO-UncommonMost users are unlikely to come across this or unexpected workflowS-TolerableMinor significance, cosmetic issues, low or no impact to users.T-DefectBugs, crashes, hangs, security vulnerabilities, or other reported issues.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions