only allow auth token to be sent through header

src/api/client.rs

@@ -54,7 +54,6 @@ pub struct Client {
     access_token: Option<String>,
     mxid: Option<String>,
     default_492_wait_ms: u64,
-    use_auth_header: bool,
     reqwest_client: reqwest_client,
 }
 
@@ -64,7 +63,6 @@ impl Client {
         access_token: Option<String>,
         mxid: Option<String>,
         default_492_wait_ms: Option<u64>,
-        use_auth_header: Option<bool>,
     ) -> Result<Self, MatrixParseError> {
         let url = Url::parse(homeserver_url)?;
         if url.scheme().is_empty() {
@@ -76,7 +74,6 @@ impl Client {
             access_token,
             mxid,
             default_492_wait_ms: default_492_wait_ms.unwrap_or_else(|| 5000),
-            use_auth_header: use_auth_header.unwrap_or_else(|| true),
             reqwest_client: reqwest_client::new(),
         })
     }
@@ -86,7 +83,7 @@ impl Client {
     ///
     /// The header will automatically be populated with a user agent and have
     /// the content type set to `application/json`. If a token was provided, it
-    /// will be used as a bearer auth header or as a query.
+    /// will be used for the Authorization header.
     ///
     /// This is a blocking, synchronous send. If the response from the
     /// homeserver indicates that too many requests were sent, it will attempt
@@ -123,11 +120,7 @@ impl Client {
         }
 
         if let Some(token) = &self.access_token {
-            if self.use_auth_header {
-                request = request.bearer_auth(token);
-            } else {
-                query_params.insert("access_token".to_string(), token.to_string());
-            }
+            request = request.bearer_auth(token);
         }
 
         if let Some(id) = &self.mxid {
@@ -168,6 +161,7 @@ impl Client {
         }
     }
 
+    /// Helper method for sending query-based requests.
     fn send_query(
         &self,
         method: MatrixHTTPMethod,