Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow logging in with an access token #155

Open
wants to merge 3 commits into
base: master
Choose a base branch
from

Conversation

gabrc52
Copy link

@gabrc52 gabrc52 commented Feb 14, 2024

For instance, in homeservers which only support single-sign-on, logging in with an access token is useful

@gabrc52 gabrc52 changed the title Allow login in with an access token Allow logging in with an access token Feb 14, 2024
@HarHarLinks HarHarLinks added the enhancement New feature or request label Feb 14, 2024
Copy link
Collaborator

@HarHarLinks HarHarLinks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for this contribution. It looks like a good addition, though I've yet to try it out.

Please add some documentation about how to obtain an access token.

I foresee one possible issue, namely that certain access tokens need to get refreshed. We need to communicate that those are not supported, how to check if a token will need to get refreshed, and document how to obtain one that does not need refreshing. https://spec.matrix.org/latest/client-server-api/#refreshing-access-tokens

# The public URL at which the homeserver's Client-Server API can be accessed
homeserver_url: https://example.com
# The device ID that is a **non pre-existing** device
# If this device ID already exists, messages will be dropped silently in
# encrypted rooms
# (if using token login type, request the token with this device_id)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see above. the wording should be adjusted accordingly, like "only used with password; ignored in favor of existing device id with token login". also the existing description only really fits the password login, so i think we need to reword the whole thing.

logger.fatal("your access_token is likely wrong")
return False

assert whoami_response.device_id == CONFIG.device_id
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this fail hard? What happens if the "wrong" device_id would be passed to AsyncClient? What do you think about setting

CONFIG.device_id = whoami_response.device_id

instead and printing a warning?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants