Update appservice tests to check for access token in header vs query params

matrix-org / sytest

Black-box integration testing for Matrix homeservers

Apache License 2.0

71 stars 55 forks source link

Update appservice tests to check for access token in header vs query params #1362

Closed H-Shay closed 1 year ago

H-Shay commented 1 year ago

Synapse v1.81.0 deprecated application service authorization via query parameters - authorization should now be sent via Authorization header. This PR (I hope, Perl is not my native language) changes two appservice tests to stop checking the query params for the access token and to check for them instead in the Authorization header.

H-Shay commented 1 year ago

Seems that the Dendrite failures are not related?

DMRobertson commented 1 year ago

Sanity check: the spec says

The access_token should be supplied through the Authorization header where possible to prevent the token appearing in HTTP request logs by accident.

DMRobertson commented 1 year ago

Seems that the Dendrite failures are not related?

I concur, looks like Dendrite is failing on the main branch with the same set of tests.

H-Shay commented 1 year ago

Merged #1362 into develop, thanks for the review!