Open Thatoo opened 1 year ago
Right. The simplest way is just to copy-paste it from an existing client.
However, this has the downside of tying these sessions together: if logging out of that client, both the puppet and the client will be logged out. I suggest opening https://app.element.io in a private browsing session and logging in there to obtain a fresh access token, then giving that to the bridge, and closing the private browsing session.
There are other possibilities, including logging in with curl
on the command line, but it's probably easier to use a Matrix client, which is likely to support the authentication flow (Password, Single-Sign-On, 2FA, etc) requested by your Matrix server.
Mautrix doc (note that it's possible to automatically generate tokens for the local matrix server users, we should probably add support for this somewhere after #24 ): https://docs.mau.fi/bridges/general/double-puppeting.html?highlight=token#manually
The Matrix specification regarding this lives there: https://www.matrix.org/docs/guides/client-server-api#login
I should probably make a wiki entry or something, or at least link to this answer from the Readme, you are right.
Thank you for these explanation and I guess it is indeed a good start to make a link to this answer in the Readme. Reading the link you gave, I reach to https://docs.mau.fi/bridges/general/double-puppeting.html#automatically and I wonder if it would not be a good idea to make a yunohost matrix-synapse-shared-secret-auth app ? This app could then be used by all different bridges that allow double puppeting.
When I tried with the access token of my Element desktop, the bot told me :
The given access token is for a device that has encryption keys set up. Please provide a fresh token, don't reuse one from another client.
I'll try with https://app.element.io/
Ah, good catch, I didn't think of this. I'm not sure it will work with element.io, then :/
The shared app is indeed a good idea, but that's one more thing admins will need to take care of.
I tried on app.element.io and I got the same answer from the bot....
I suceeded with this command by ssh in my server :
curl -XPOST -d '{"type":"m.login.password","identifier":{"type": "m.id.user", "user": "MYYUNOHOSTUSERNAME"},"password":"MYYUNOHOSTPASSWORD","initial_device_display_name":"signal bridge"}' https://MYYUNOHOSTSYNAPSESERVERADDRESS/_matrix/client/v3/login
Actually, would it not be possible to modify the signalbot command matrix-login
in a way that,if the user don't add any
It would require changing both the client (Element) and the bot, agree to a protocol, and this might open a whole new can of worms.
Unfortunately, password login may be disabled on some servers, making the CURL method impossible to use. Not to mention not user-friendly. We could use a modified version of Element or another dummy web app, that does not set up encryption, and host it.
In the Readme, it is written :
Would it be possible to explain how a user can get this ?