MSC4183: Additional Error Codes for submitToken endpoint #4183
Conversation
turt2live
added
client-server
|
I don't feel as though implementation is required for this MSC. @mscbot fcp merge |
|
Team member @mscbot has proposed to merge this. The next step is review by the rest of the tagged people: Concerns:
Once at least 75% of reviewers approve (and there are no outstanding concerns), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up! See this document for information about what commands tagged team members can give me. |
turt2live
removed
the
needs-implementation
mscbot
added
proposed-final-comment-period
turt2live
removed
the
needs-implementation
Co-authored-by: Johannes Marbach <[email protected]>
dbkr
changed the title
Spelling / grammar fixes Co-authored-by: Andrew Morgan <[email protected]>
|
@mscbot concern lack of clarity about changes to requestToken |
mscbot
added
the
unresolved-concerns
| Also change the corresponding submitYoken-like API given in the C/S API's definition of [`POST | ||
| /_matrix/client/v3/account/3pid/email/requestToken`](https://spec.matrix.org/v1.11/client-server-api/#post_matrixclientv3account3pidemailrequesttoken) | ||
| to specify that both request and response parameters / error codes are the same as the I/S API version, rather than just parameters, apart from needing an I/S API token. |
There was a problem hiding this comment.
| Also change the corresponding submitYoken-like API given in the C/S API's definition of [`POST | |
| /_matrix/client/v3/account/3pid/email/requestToken`](https://spec.matrix.org/v1.11/client-server-api/#post_matrixclientv3account3pidemailrequesttoken) | |
| to specify that both request and response parameters / error codes are the same as the I/S API version, rather than just parameters, apart from needing an I/S API token. | |
| Also change the `submit_url` field in the response to [`POST | |
| /_matrix/client/v3/account/3pid/email/requestToken`](https://spec.matrix.org/v1.11/client-server-api/#post_matrixclientv3account3pidemailrequesttoken), | |
| to specify that response parameters and error codes are the same as the I/S API version, as well as request parameters. |
There was a problem hiding this comment.
Are you sure about this, by the way? AFAICT synapse currently returns a bit of HTML here.
There was a problem hiding this comment.
I don't think the sample impl (element-hq/synapse#17625) actually changes the email submit-token endpoint.
There was a problem hiding this comment.
So the deal here is that the POST endpoint isn't proxied by Synapse: it doesn't need to be as Sydent's email can just link straight to its own version of the GET endpoint. I've tried to clarify this in 63dcbe0 (it's different for phone numbers because Sydent sends a code for the user to enter rather than a link).
Co-authored-by: Richard van der Hoff <[email protected]>
and how it isn't really a thing in practice
| endpoint in the C/S API also specifies a `submit_url` response parameter, defining its parameters to be the same as the | ||
| Identity API's `submitToken` endpoints. Everything this MSC specifies applies to this endpoint in the same way. | ||
|
|
||
| Note that the email `submitToken` endpoint ([`POST |
There was a problem hiding this comment.
it's a bit confusing that we jump from talking about an endpoint in the C-S API to one in the IS API without mentioning that.
Also, if you're talking specifically about the POST variant, you better say that, rather than saying that the entire endpoint is unused.
There was a problem hiding this comment.
Yes - sort of, I don't think there is a POST variant for email on the C/S API. Hopefully clearer in af1dc86.
There was a problem hiding this comment.
This is still confusing: we still jump from talking about an endpoint in the C-S API to one in the IS API without mentioning that.
| Also change the `submit_url` field in the response to [`POST | ||
| /_matrix/client/v3/account/3pid/email/requestToken`](https://spec.matrix.org/v1.11/client-server-api/#post_matrixclientv3account3pidemailrequesttoken), | ||
| to specify that response parameters and error codes are the same as the I/S API version, as well as request parameters. |
There was a problem hiding this comment.
why does this only apply to POST /_matrix/client/v3/account/3pid/email/requestToken, and not also:
POST /_matrix/client/v3/account/password/email/requestTokenPOST /_matrix/client/v3/account/password/msisdn/requestTokenPOST /_matrix/client/v3/register/email/requestTokenPOST /_matrix/client/v3/register/msisdn/requestTokenPOST /_matrix/client/v3/account/3pid/msisdn/requestToken
?
There was a problem hiding this comment.
Mmm, yeah - I'd done it as only editing what I needed to, but you're right, they should be consistent. Changed in 0f43a51.
...from the other requestToken enpoints Also try to further clarify the note about the largely unused POST email submitToken
|
|
||
| ## Proposal | ||
|
|
||
| Add the following specific error code as a code that can be returned by the two endpoints given above: |
There was a problem hiding this comment.
not least because there are now at least three different endpoints given above, I think you should restate which endpoints are changing here.
| * [`POST /_matrix/client/v3/register/email/requestToken`](https://spec.matrix.org/v1.11/client-server-api/#post_matrixclientv3registeremailrequesttoken) | ||
| * [`POST /_matrix/client/v3/register/msisdn/requestToken`](https://spec.matrix.org/v1.11/client-server-api/#post_matrixclientv3registerrequesttoken) | ||
| * [`POST /_matrix/client/v3/account/3pid/email/requestToken`](https://spec.matrix.org/v1.11/client-server-api/#post_matrixclientv3account3pidemailrequesttoken) | ||
| * [`POST /_matrix/client/v3/account/3pid/msisdn/requestToken`](https://spec.matrix.org/v1.11/client-server-api/#post_matrixclientv3account3pidmsisdnrequesttoken) | ||
| * [`POST /_matrix/client/v3/account/password/email/requestToken`](https://spec.matrix.org/v1.11/client-server-api/#post_matrixclientv3accountpasswordemailrequesttoken) | ||
| * [`POST /_matrix/client/v3/account/password/msisdn/requestToken`](https://spec.matrix.org/v1.11/client-server-api/#post_matrixclientv3accountpasswordmsisdnrequesttoken) |
There was a problem hiding this comment.
haven't checked this morning, but I'm pretty sure your synapse implementation PR doesn't change all of these.
(I don't think synapse returns a submit_url from the email/requestToken endpoints, but it does from the msisdn/requestToken endpoints, and you haven't updated all the implementations of those submit_url endpoints.)
There was a problem hiding this comment.
It actually does (so it's just as well we included the other endpoints): the various different rest classes use that function in the handler to do the request to the ID server and then the error code is in the exception that it throws.
Co-authored-by: Richard van der Hoff <[email protected]>
Rendered
Impls:
Sydent: matrix-org/sydent#592
Synapse: element-hq/synapse#17625
Element Web/Desktop: matrix-org/matrix-react-sdk#12936
FCP tickyboxes