matrix-sdk 0.11.0

@Hywan Hywan released this 11 Apr 09:32
· 107 commits to main since this release
matrix-sdk-0.11.0
1e938df

What's Changed

Features

  • Room::load_or_fetch_event() is a new method that will find an event in the event cache (if
    enabled), or fetch it over the network like Room::event() does.
    (#4837)

  • [breaking]: The element call widget URL configuration struct
    (VirtualElementCallWidgetOptions) and URL generation have changed.

    • It supports the new fields: hide_screensharing, posthog_api_host, posthog_api_key,
      rageshake_submit_url, sentry_dsn, sentry_environment.
    • The widget URL will no longer automatically add /room to the base domain. For backward compatibility
      the app itself would need to add /room to the element_call_url.
    • The following options were replaced:
      • analytics_id -> posthog_user_id (The widget URL query parameters will
        include analytics_id & posthog_user_id for backward compatibility)
      • skip_lobby -> intent (Intent.StartCall, Intent.JoinExisting.
        The widget URL query parameters will include skip_lobby if intent is
        Intent.StartCall for backward compatibility)
    • VirtualElementCallWidgetOptions now implements Default.
      (#4822)
  • [breaking]: The RoomPagination::run_backwards method has been removed and replaced by two
    simpler methods:

    • RoomPagination::run_backwards_until(), which will retrigger back-paginations until a certain
      number of events have been received (and retry if the timeline has been reset in the background).
    • RoomPagination::run_backwards_once(), which will run a single back-pagination (and retry if
      the timeline has been reset in the background).
      (#4689)
  • [breaking]: The OAuth::account_management_url method now caches the
    result of a call. Subsequent calls to the method will not contact the server
    for a while; the cached URI will be returned instead. If caching of this URI
    is not desirable, the OAuth::fetch_account_management_url method can be used.
    (#4663)

  • The MediaRetentionPolicy can now trigger regular cleanups with its new
    cleanup_frequency setting.
    (#4603)

  • [breaking] The HTTP client only allows TLS 1.2 or newer, as recommended by
    BCP 195.
    (#4647)

  • Add Room::report_room API. (#4713)

  • Client::notification_client will create a copy of the existing Client,
    but now it'll make sure it doesn't handle any verification events to
    avoid an issue with these events being received and processed twice if
    NotificationProcessSetup was SingleSetup.

  • [breaking] Room::is_encrypted is replaced by
    Room::latest_encryption_state which returns a value of the new
    EncryptionState enum; another Room::encryption_state non-async and
    infallible method is added to get the EncryptionState without calling
    Room::request_encryption_state. This latter method is also now public.
    (#4777). One can
    safely replace:

    room.is_encrypted().await?

    by

    room.latest_encryption_state().await?.is_encrypted()
  • LocalServerBuilder, behind the local-server feature, can be used to spawn
    a server when the end-user needs to be redirected to an address on localhost.
    It was used for SsoLoginBuilder and can now be used in other cases, like for
    login with the OAuth 2.0 API.
    (#4804)

  • The OAuth API is no longer gated behind the experimental-oidc cargo
    feature.
    (#4830)

  • Re-export SqliteStoreConfig and add
    ClientBuilder::sqlite_store_with_config_and_cache_path to configure the
    SQLite store with the new SqliteStoreConfig structure
    (#4870)

  • Add Client::logout(), which allows logging out regardless of the AuthApi that
    is used for the session.
    (#4886)

Bug Fixes

  • Ensure all known secrets are removed from secret storage when invoking the
    Recovery::disable() method. While the server is not guaranteed to delete
    these secrets, making an attempt to remove them is considered good practice.
    Note that all secrets are uploaded to the server in an encrypted form.
    (#4629)
  • Most of the features in the OAuth API should now work under WASM
    (#4830)

Refactor

  • [breaking] Switched from the unmaintained backoff crate to the backon
    crate. As part of this change, the RequestConfig::retry_limit method was
    renamed to RequestConfig::max_retry_time and the parameter for the method was
    updated from a u64 to a usize.
    (#4916)
  • [breaking] We now require Rust 1.85 as the minimum supported Rust version to compile.
    Yay for async closures!
    (#4745)
  • [breaking] The server_url and server_response methods of
    SsoLoginBuilder are replaced by server_builder(), which allows more
    fine-grained settings for the server.
    (#4804)
  • [breaking]: OidcSessionTokens and MatrixSessionTokens have been merged
    into SessionTokens. Methods to get and watch session tokens are now
    available directly on Client.
    (MatrixAuth/Oidc)::session_tokens_stream(), can be replaced by
    Client::subscribe_to_session_changes() and then calling
    Client::session_tokens() on a SessionChange::TokenRefreshed.
    (#4772)
  • [breaking] Oidc::url_for_oidc() doesn't take the VerifiedClientMetadata
    to register as an argument, the one in OidcRegistrations is used instead.
    However it now takes the redirect URI to use, instead of always using the
    first one in the client metadata.
    (#4771)
  • [breaking]: Rename the Oidc API to OAuth, since it's using almost
    exclusively OAuth 2.0 rather than OpenID Connect.
    (#4805)
    • The oidc module was renamed to oauth.
    • Client::oidc() was renamed to Client::oauth() and the AuthApi::Oidc
      variant was renamed to AuthApi::OAuth.
    • OidcSession was renamed to OAuthSession and the AuthSession::Oidc
      variant was renamed to AuthSession::OAuth.
    • OidcAuthCodeUrlBuilder and OidcAuthorizationData were renamed to
      OAuthAuthCodeUrlBuilder and OAuthAuthorizationData.
    • OidcError was renamed to OAuthError and the RefreshTokenError::Oidc
      variant was renamed to RefreshTokenError::OAuth.
    • Oidc::provider_metadata() was renamed to OAuth::server_metadata().
  • [breaking]: OAuth::finish_login() must always be called, instead of OAuth::finish_authorization()
    (#4817)
    • OAuth::abort_authorization() was renamed to OAuth::abort_login().
    • OAuth::finish_login() can be called several times for the same session,
      but it will return an error if it is called with a new session.
    • OAuthError::MissingDeviceId was removed, it cannot occur anymore.
  • [breaking] OidcRegistrations was renamed to OAuthRegistrationStore.
    (#4814)
    • OidcRegistrationsError was renamed to OAuthRegistrationStoreError.
    • The registrations module was renamed and is now private.
      OAuthRegistrationStore and ClientId are exported from oauth, and
      OAuthRegistrationStoreError is exported from oauth::error.
    • All the methods of OAuthRegistrationStore are now async and return a
      Result: errors when reading the file are no longer ignored, and blocking
      I/O is performed in a separate thread.
    • OAuthRegistrationStore::new() takes a PathBuf instead of a Path.
    • OAuthRegistrationStore::new() no longer takes a static_registrations
      parameter. It should be provided if needed with
      OAuthRegistrationStore::with_static_registrations().
  • [breaking] Allow using any registration method with OAuth::login() and
    OAuth::login_with_qr_code().
    (#4827)
    • OAuth::login takes an optional ClientRegistrationData to be able to
      register and login with a single function call.
    • OAuth::url_for_oidc() was removed, it can be replaced by a call to
      OAuth::login().
    • OAuth::login_with_qr_code() takes an optional ClientRegistrationData
      instead of the client metadata.
    • OAuth::finish_login takes a UrlOrQuery instead of an
      AuthorizationCode. The deserialization of the query string will occur
      inside the method and any errors will be handled.
    • OAuth::login_with_oidc_callback() was removed, it can be replaced by a
      call to OAuth::finish_login().
    • AuthorizationResponse, AuthorizationCode and AuthorizationError are
      now private.
  • [breaking] - OAuth::account_management_url() and
    OAuth::fetch_account_management_url() don't take an action anymore but
    return an AccountManagementUrlBuilder. The final URL can be obtained with
    AccountManagementUrlBuilder::build().
    (#4831)
  • [breaking] Client::store is renamed to state_store
    (#4851)
  • [breaking] The parameters event_id and enforce_thread on Room::make_reply_event()
    have been wrapped in a reply struct parameter.
    (#4880)
  • [breaking]: The Oidc API was updated to match the latest version of the
    next-gen auth MSCs. The most notable change is that these MSCs are now based
    on OAuth 2.0 rather than OpenID Connect. To reflect that, most types have been
    renamed, with the Oidc prefix changed to OAuth. The API has also been
    cleaned up: it is now simpler and has fewer methods while keeping most of the
    available features. Here is a detailed list of changes:
    • Rename the Oidc API to OAuth, since it's using almost exclusively OAuth
      2.0 rather than OpenID Connect.
      (#4805)
      • The oidc module was renamed to oauth.
      • Client::oidc() was renamed to Client::oauth() and the AuthApi::Oidc
        variant was renamed to AuthApi::OAuth.
      • OidcSession was renamed to OAuthSession and the AuthSession::Oidc
        variant was renamed to AuthSession::OAuth.
      • OidcAuthCodeUrlBuilder and OidcAuthorizationData were renamed to
        OAuthAuthCodeUrlBuilder and OAuthAuthorizationData.
      • OidcError was renamed to OAuthError and the RefreshTokenError::Oidc
        variant was renamed to RefreshTokenError::OAuth.
      • Oidc::provider_metadata() was renamed to OAuth::server_metadata().
    • The authentication::qrcode module was moved inside authentication::oauth,
      because it is only available through the OAuth API.
      (#4687)
    • The OAuth API only supports public clients, i.e. clients
      without a secret.
      (#4634)
      • OAuth::restore_registered_client() takes a ClientId instead of
        ClientCredentials
      • OAuth::restore_registered_client() must NOT be called after
        OAuth::register_client() anymore.
    • Oidc::authorize_scope() was removed because it has no use
      case anymore, according to the latest version of
      MSC2967.
      (#4664)
    • The OAuth API uses the GET /auth_metadata endpoint from the
      latest version of MSC2965
      by default. The previous GET /auth_issuer endpoint is still supported as a
      fallback for now.
      (#4673)
      • It is not possible to provide a custom issuer anymore:
        Oidc::given_provider_metadata() was removed, and the parameter was
        removed from OAuth::register_client().
      • Oidc::fetch_authentication_issuer() was removed. To check if the
        homeserver supports OAuth 2.0, use OAuth::server_metadata().
      • OAuth::server_metadata() returns an OAuthDiscoveryError. It has a
        NotSupported variant and an is_not_supported() method to check if the
        error is due to the server not supporting OAuth 2.0.
      • OAuthError::MissingAuthenticationIssuer was removed.
    • The behavior of OAuth::logout() is now aligned with
      MSC4254
      (#4674)
      • Support for RP-Initiated Logout
        was removed, so it doesn't return an OidcEndSessionUrlBuilder anymore.
      • Only one request is made to revoke the access token, since the server is
        supposed to revoke both the access token and the associated refresh token
        when the request is made.
    • Remove most of the parameter methods of OAuthAuthCodeUrlBuilder, since
      they were parameters defined in OpenID Connect. Only the prompt and
      user_id_hint parameters are still supported.
      (#4699)
    • Remove support for ID tokens in the OAuth API.
      (#4726)
      • OAuth::restore_registered_client() doesn't take a
        VerifiedClientMetadata anymore.
      • Oidc::latest_id_token() and Oidc::client_metadata() were removed.
    • The OAuth API makes use of the oauth2 and ruma crates rather than
      mas-oidc-client.
      (#4761)
      (#4789)
      • ClientId is a different type reexported from the oauth2 crate.
      • The error types that were in the oauth module have been moved to the
        oauth::error module.
      • The device_id parameter of OAuth::login is now an
        Option<OwnedDeviceId>.
      • The state field of OAuthAuthorizationData and the parameter of the
        same name in OAuth::abort_login() now use CsrfToken.
      • The types and requests modules are gone and the necessary types are
        exported from the oauth module or available from ruma.
      • AccountManagementUrlFull now takes an OwnedDeviceId when a device ID
        is required.
      • (Verified)ProviderMetadata was replaced by AuthorizationServerMetadata.
      • OAuth::register_client() doesn't accept a software statement anymore.
      • (Verified)ClientMetadata was replaced by Raw<ClientMetadata>.
        ClientMetadata is an opinionated type that only supports the fields
        required for the OAuth API, however any type can be used to construct
        the metadata by serializing it to JSON and converting it.
    • OAuth::finish_login() must always be called, instead of
      OAuth::finish_authorization()
      (#4817)
      • OAuth::abort_authorization() was renamed to OAuth::abort_login().
      • OAuth::finish_login() can be called several times for the same session,
        but it will return an error if it is called with a new session.
      • OAuthError::MissingDeviceId was removed, it cannot occur anymore.
    • Allow using any registration method with OAuth::login() and
      OAuth::login_with_qr_code().
      (#4827)
      • OAuth::login takes an optional ClientRegistrationData to be able to
        register and login with a single function call.
      • OAuth::url_for_oidc() was removed, it can be replaced by a call to
        OAuth::login().
      • OAuth::login_with_qr_code() takes an optional ClientRegistrationData
        instead of the client metadata.
      • OAuth::finish_login takes a UrlOrQuery instead of an
        AuthorizationCode. The deserialization of the query string will occur
        inside the method and any errors will be handled.
      • OAuth::login_with_oidc_callback() was removed, it can be replaced by a
        call to OAuth::finish_login().
      • AuthorizationResponse, AuthorizationCode and AuthorizationError are
        now private.
    • OAuth::account_management_url() and
      OAuth::fetch_account_management_url() don't take an action anymore but
      return an AccountManagementUrlBuilder. The final URL can be obtained with
      AccountManagementUrlBuilder::build().
      (#4831)
    • OidcRegistrations was removed. Clients are supposed to re-register with
      the homeserver for every login.
      (#4879)
    • OAuth::restore_registered_client() doesn't take an issuer anymore.
      (#4879)
      • Oidc::issuer() was removed.
      • The issuer field of UserSession was removed.
  • SendHandle::media_handles was generalized into a vector
    (#4898)