From ba4c4992f66dea00d190196d2ac4b2c3b6e61a79 Mon Sep 17 00:00:00 2001
From: Till Faelligen <2353100+S7evinK@users.noreply.github.com>
Date: Tue, 18 Jun 2024 15:16:21 +0200
Subject: [PATCH] Add support for getting authenticated federation media

---
 fclient/federationclient.go | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/fclient/federationclient.go b/fclient/federationclient.go
index c4fa2cc6..bec7a0c3 100644
--- a/fclient/federationclient.go
+++ b/fclient/federationclient.go
@@ -64,6 +64,8 @@ type FederationClient interface {
 		ctx context.Context, origin, s spec.ServerName, userID string, field string,
 	) (res RespProfile, err error)
 
+	DownloadMedia(ctx context.Context, origin, destination spec.ServerName, mediaID string) (res *http.Response, err error)
+
 	P2PSendTransactionToRelay(ctx context.Context, u spec.UserID, t gomatrixserverlib.Transaction, forwardingServer spec.ServerName) (res EmptyResp, err error)
 	P2PGetTransactionFromRelay(ctx context.Context, u spec.UserID, prev RelayEntry, relayServer spec.ServerName) (res RespGetRelayTransaction, err error)
 }
@@ -736,3 +738,31 @@ func (ac *federationClient) RoomHierarchy(
 	}
 	return
 }
+
+func (ac *federationClient) DownloadMedia(
+	ctx context.Context, origin, destination spec.ServerName, mediaID string,
+) (res *http.Response, err error) {
+	var identity *SigningIdentity
+	for _, id := range ac.identities {
+		if id.ServerName == origin {
+			identity = id
+			break
+		}
+	}
+	if identity == nil {
+		return nil, fmt.Errorf("no signing identity for server name %q", origin)
+	}
+
+	path := federationPathPrefixV1 + "/media/download/" + url.PathEscape(mediaID)
+	req := NewFederationRequest("GET", origin, destination, path)
+
+	if err := req.Sign(identity.ServerName, identity.KeyID, identity.PrivateKey); err != nil {
+		return nil, err
+	}
+
+	httpReq, err := req.HTTPRequest()
+	if err != nil {
+		return nil, err
+	}
+	return ac.DoHTTPRequest(ctx, httpReq)
+}