From d7f60633258110a054b74e0bda1f1f1f13307863 Mon Sep 17 00:00:00 2001 From: Edward Shen Date: Tue, 20 Aug 2019 20:04:13 -0400 Subject: [PATCH] only allow auth token to be sent through header --- src/api/client.rs | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/src/api/client.rs b/src/api/client.rs index ac52e26..2a6dfc9 100644 --- a/src/api/client.rs +++ b/src/api/client.rs @@ -54,7 +54,6 @@ pub struct Client { access_token: Option, mxid: Option, default_492_wait_ms: u64, - use_auth_header: bool, reqwest_client: reqwest_client, } @@ -64,7 +63,6 @@ impl Client { access_token: Option, mxid: Option, default_492_wait_ms: Option, - use_auth_header: Option, ) -> Result { let url = Url::parse(homeserver_url)?; if url.scheme().is_empty() { @@ -76,7 +74,6 @@ impl Client { access_token, mxid, default_492_wait_ms: default_492_wait_ms.unwrap_or_else(|| 5000), - use_auth_header: use_auth_header.unwrap_or_else(|| true), reqwest_client: reqwest_client::new(), }) } @@ -86,7 +83,7 @@ impl Client { /// /// The header will automatically be populated with a user agent and have /// the content type set to `application/json`. If a token was provided, it - /// will be used as a bearer auth header or as a query. + /// will be used for the Authorization header. /// /// This is a blocking, synchronous send. If the response from the /// homeserver indicates that too many requests were sent, it will attempt @@ -123,11 +120,7 @@ impl Client { } if let Some(token) = &self.access_token { - if self.use_auth_header { - request = request.bearer_auth(token); - } else { - query_params.insert("access_token".to_string(), token.to_string()); - } + request = request.bearer_auth(token); } if let Some(id) = &self.mxid { @@ -168,6 +161,7 @@ impl Client { } } + /// Helper method for sending query-based requests. fn send_query( &self, method: MatrixHTTPMethod,