Use matrix fallback auth when we support none of the login methods
Categories
(Chat Core :: Matrix, enhancement)
Tracking
(Not tracked)
People
(Reporter: freaktechnik, Assigned: freaktechnik)
Details
Attachments
(1 file)
The matrix spec plans for an interactive auth process if the client can handle none of the available methods. We do not currently support this fallback.
There are two fallback sections in the spec:
https://spec.matrix.org/unstable/client-server-api/#login-fallback
https://spec.matrix.org/unstable/client-server-api/#fallback
One is for if we don't support a specific flow, the other if we support none of the provided flows. That's at least my understanding.
The big difference to the SSO flow that we support is that these use JS to report success. We would thus have to support injecting a script into the interactive auth window and communicating with it.
Comment 1•4 years ago
|
||
(In reply to Martin Giger [:freaktechnik] from comment #0)
The matrix spec plans for an interactive auth process if the client can handle none of the available methods. We do not currently support this fallback.
There are two fallback sections in the spec:
https://spec.matrix.org/unstable/client-server-api/#login-fallback
https://spec.matrix.org/unstable/client-server-api/#fallbackOne is for if we don't support a specific flow, the other if we support none of the provided flows. That's at least my understanding.
This is incorrect. The first is for login, the second is for "user-interactive authentication", which is when you attempt to perform an action that needs you to re-auth (e.g. changing your password). I'm not sure if we allow for any actions that require this at the moment?
Assignee | ||
Comment 2•4 years ago
|
||
(In reply to Patrick Cloke [:clokep] from comment #1)
This is incorrect. The first is for login, the second is for "user-interactive authentication", which is when you attempt to perform an action that needs you to re-auth (e.g. changing your password). I'm not sure if we allow for any actions that require this at the moment?
Ah, that makes sense. Yeah, I don't think we currently support any of the account modifications that require re-auth.
Assignee | ||
Updated•3 years ago
|
Assignee | ||
Comment 3•3 years ago
|
||
Description
•