Federation requests must be for local users. (#1672)

This is already mentioned for /user/devices, but is not mentioned for /query/profile, /user/keys/claim, or /user/keys/query.

See GHSA-mp92-3jfm-3575 for an issue found with this in Synapse.

changelogs/server_server/newsfragments/1672.clarification

@@ -0,0 +1 @@
+Clarify that federation requests for non-local users are invalid.

data/api/server-server/query.yaml

@@ -121,7 +121,7 @@ paths:
       parameters:
         - in: query
           name: user_id
-          description: The user ID to query.
+          description: The user ID to query. Must be a user local to the receiving homeserver.
           required: true
           example: "@someone:example.org"
           schema:

data/api/server-server/user_keys.yaml

@@ -34,7 +34,8 @@ paths:
                   type: object
                   description: |-
                     The keys to be claimed. A map from user ID, to a map from
-                    device ID to algorithm name.
+                    device ID to algorithm name. Requested users must be local
+                    to the receiving homeserver.
                   additionalProperties:
                     type: object
                     additionalProperties:
@@ -121,7 +122,8 @@ paths:
                   description: |-
                     The keys to be downloaded. A map from user ID, to a list of
                     device IDs, or to an empty list to indicate all devices for the
-                    corresponding user.
+                    corresponding user.  Requested users must be local to the
+                    receiving homeserver.
                   additionalProperties:
                     type: array
                     items: