Filip/matrix-spec
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-spec synced 2026-04-03 01:34:10 +02:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Merge pull request #1999 from matrix-org/dbkr/dummy_auth_for_disambiguation

Browse source 
Words on using m.login.dummy for disambiguation
This commit is contained in:
David Baker 2019-05-15 21:32:18 +01:00 committed by GitHub
parent ba18a6e9fa c38581fb86
commit cae07d9e56
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
specification/client_server_api.rst
View file

@ -789,7 +789,14 @@ Dummy Auth
:Description: :Description:
Dummy authentication always succeeds and requires no extra parameters. Its Dummy authentication always succeeds and requires no extra parameters. Its
purpose is to allow servers to not require any form of User-Interactive purpose is to allow servers to not require any form of User-Interactive
Authentication to perform a request. Authentication to perform a request. It can also be used to differentiate
flows where otherwise one flow would be a subset of another flow. eg. if
a server offers flows ``m.login.recaptcha`` and ``m.login.recaptcha,
m.login.email.identity`` and the client completes the recaptcha stage first,
the auth would succeed with the former flow, even if the client was intending
to then complete the email auth stage. A server can instead send flows
``m.login.recaptcha, m.login.dummy`` and ``m.login.recaptcha,
m.login.email.identity`` to fix the ambiguity.
To use this authentication type, clients should submit an auth dict with just To use this authentication type, clients should submit an auth dict with just
the type and session, if provided: the type and session, if provided: