Open Bug 1701207 Opened 3 years ago Updated 2 years ago

Use matrix fallback auth when we support none of the login methods

Categories

(Chat Core :: Matrix, enhancement)

Product:
Chat Core
Component:
Matrix
Type:
enhancement

Tracking

(Not tracked)

Status:
ASSIGNED

People

(Reporter: freaktechnik, Assigned: freaktechnik)

Details

Attachments

(1 file)

WIP: Bug 1701207 - Support Matrix fallback auth. r=clokep
48 bytes, text/x-phabricator-request
Details | Review

The matrix spec plans for an interactive auth process if the client can handle none of the available methods. We do not currently support this fallback.
There are two fallback sections in the spec:
https://spec.matrix.org/unstable/client-server-api/#login-fallback
https://spec.matrix.org/unstable/client-server-api/#fallback

One is for if we don't support a specific flow, the other if we support none of the provided flows. That's at least my understanding.

The big difference to the SSO flow that we support is that these use JS to report success. We would thus have to support injecting a script into the interactive auth window and communicating with it.

(In reply to Martin Giger [:freaktechnik] from comment #0)

The matrix spec plans for an interactive auth process if the client can handle none of the available methods. We do not currently support this fallback.
There are two fallback sections in the spec:
https://spec.matrix.org/unstable/client-server-api/#login-fallback
https://spec.matrix.org/unstable/client-server-api/#fallback

One is for if we don't support a specific flow, the other if we support none of the provided flows. That's at least my understanding.

This is incorrect. The first is for login, the second is for "user-interactive authentication", which is when you attempt to perform an action that needs you to re-auth (e.g. changing your password). I'm not sure if we allow for any actions that require this at the moment?

(In reply to Patrick Cloke [:clokep] from comment #1)

This is incorrect. The first is for login, the second is for "user-interactive authentication", which is when you attempt to perform an action that needs you to re-auth (e.g. changing your password). I'm not sure if we allow for any actions that require this at the moment?

Ah, that makes sense. Yeah, I don't think we currently support any of the account modifications that require re-auth.

Blocks: 1712710
Assignee: nobody → martin
Status: NEW → ASSIGNED
No longer blocks: 1712710
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: