Filip/matrix-spec
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-spec synced 2025-12-24 01:58:36 +01:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Hopefully improve words around M_EXCLUSIVE

Browse source
This commit is contained in:
Will Hunt 2021-05-05 23:10:00 +01:00 committed by GitHub
parent b8ab3d0c87
commit c8e0ed6062
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
proposals/2778-appservice-login.md
View file

@ -17,9 +17,7 @@ case of software where maintaining password(s) in the configuration is undesirab
## Proposal
A new `type` is to be added to `POST /login`.
`m.login.application_service`
A new `type` is to be added to `POST /login`: `m.login.application_service`
The `/login` endpoint may now take an `access_token` in the same way that other
authenticated endpoints do. No additional parameters should be specified in the request body.
@ -43,15 +41,16 @@ new flows.
The response body should be unchanged from the existing `/login` specification.
If:
If one of the following conditions are true:
- The access token is not provided
- The access token does not correspond to a appservice
- Or the user has not previously been registered
Then the servers should reject with HTTP 403, with an `errcode` of `"M_FORBIDDEN"`.
Then the servers MUST reject with HTTP 403, with an `errcode` of `"M_FORBIDDEN"`.
If the access token does not correspond to a appservice that manages this user, then the `errcode` should be `"M_EXCLUSIVE"`.
If the access token DOES correspond to a appservice but the user is not inside it's namespace,
then the `errcode` should be `"M_EXCLUSIVE"`.
Homeservers should ignore the `access_token` parameter if a type other than
`m.login.application_service` has been provided.