You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
180 lines
6.8 KiB
YAML
180 lines
6.8 KiB
YAML
6 years ago
|
# Copyright 2018 New Vector Ltd
|
||
|
#
|
||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||
|
# you may not use this file except in compliance with the License.
|
||
|
# You may obtain a copy of the License at
|
||
|
#
|
||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||
|
#
|
||
|
# Unless required by applicable law or agreed to in writing, software
|
||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
|
# See the License for the specific language governing permissions and
|
||
|
# limitations under the License.
|
||
|
swagger: '2.0'
|
||
|
info:
|
||
6 years ago
|
title: "Matrix Identity Service Phone Number Associations API"
|
||
6 years ago
|
version: "1.0.0"
|
||
|
host: localhost:8090
|
||
|
schemes:
|
||
|
- https
|
||
|
basePath: /_matrix/identity/api/v1
|
||
6 years ago
|
consumes:
|
||
|
- application/json
|
||
6 years ago
|
produces:
|
||
|
- application/json
|
||
|
paths:
|
||
|
"/validate/msisdn/requestToken":
|
||
|
post:
|
||
|
summary: Request a token for validating a phone number.
|
||
|
description: |-
|
||
|
Create a session for validating a phone number.
|
||
|
|
||
6 years ago
|
The identity server will send an SMS message containing a token. If
|
||
|
that token is presented to the identity server in the future, it
|
||
6 years ago
|
indicates that that user was able to read the SMS for that phone
|
||
|
number, and so we validate ownership of the phone number.
|
||
|
|
||
6 years ago
|
Note that homeservers offer APIs that proxy this API, adding
|
||
6 years ago
|
additional behaviour on top, for example,
|
||
|
``/register/msisdn/requestToken`` is designed specifically for use when
|
||
|
registering an account and therefore will inform the user if the phone
|
||
|
number given is already registered on the server.
|
||
|
|
||
6 years ago
|
Note: for backwards compatibility with previous drafts of this
|
||
6 years ago
|
specification, the parameters may also be specified as
|
||
|
``application/x-form-www-urlencoded`` data. However, this usage is
|
||
|
deprecated.
|
||
|
operationId: msisdnRequestToken
|
||
5 years ago
|
deprecated: true
|
||
6 years ago
|
parameters:
|
||
|
- in: body
|
||
|
name: body
|
||
|
schema:
|
||
6 years ago
|
$ref: "definitions/request_msisdn_validation.yaml"
|
||
6 years ago
|
responses:
|
||
|
200:
|
||
6 years ago
|
description: Session created.
|
||
6 years ago
|
schema:
|
||
6 years ago
|
$ref: "definitions/sid.yaml"
|
||
6 years ago
|
400:
|
||
|
description: |
|
||
|
An error ocurred. Some possible errors are:
|
||
|
|
||
|
- ``M_INVALID_ADDRESS``: The phone number provided was invalid.
|
||
|
- ``M_SEND_ERROR``: The validation SMS could not be sent.
|
||
6 years ago
|
- ``M_DESTINATION_REJECTED``: The identity server cannot deliver an
|
||
6 years ago
|
SMS to the provided country or region.
|
||
6 years ago
|
examples:
|
||
|
application/json: {
|
||
|
"errcode": "M_INVALID_ADDRESS",
|
||
|
"error": "The phone number is not valid"
|
||
|
}
|
||
|
schema:
|
||
|
$ref: "../client-server/definitions/errors/error.yaml"
|
||
6 years ago
|
"/validate/msisdn/submitToken":
|
||
|
post:
|
||
|
summary: Validate ownership of a phone number.
|
||
|
description: |-
|
||
|
Validate ownership of a phone number.
|
||
|
|
||
|
If the three parameters are consistent with a set generated by a
|
||
|
``requestToken`` call, ownership of the phone number is considered to
|
||
|
have been validated. This does not publish any information publicly, or
|
||
|
associate the phone number address with any Matrix user
|
||
|
ID. Specifically, calls to ``/lookup`` will not show a binding.
|
||
|
|
||
6 years ago
|
The identity server is free to match the token case-insensitively, or
|
||
6 years ago
|
carry out other mapping operations such as unicode
|
||
|
normalisation. Whether to do so is an implementation detail for the
|
||
6 years ago
|
identity server. Clients must always pass on the token without
|
||
6 years ago
|
modification.
|
||
|
|
||
6 years ago
|
Note: for backwards compatibility with previous drafts of this
|
||
6 years ago
|
specification, the parameters may also be specified as
|
||
|
``application/x-form-www-urlencoded`` data. However, this usage is
|
||
|
deprecated.
|
||
|
operationId: msisdnSubmitTokenPost
|
||
5 years ago
|
deprecated: true
|
||
6 years ago
|
parameters:
|
||
|
- in: body
|
||
|
name: body
|
||
|
schema:
|
||
|
type: object
|
||
|
example: {
|
||
6 years ago
|
"sid": "1234",
|
||
|
"client_secret": "monkeys_are_GREAT",
|
||
|
"token": "atoken"
|
||
|
}
|
||
6 years ago
|
properties:
|
||
|
sid:
|
||
|
type: string
|
||
|
description: The session ID, generated by the ``requestToken`` call.
|
||
|
client_secret:
|
||
|
type: string
|
||
|
description: The client secret that was supplied to the ``requestToken`` call.
|
||
|
token:
|
||
|
type: string
|
||
|
description: The token generated by the ``requestToken`` call and sent to the user.
|
||
|
required: ["sid", "client_secret", "token"]
|
||
|
responses:
|
||
|
200:
|
||
|
description:
|
||
|
The success of the validation.
|
||
|
examples:
|
||
|
application/json: {
|
||
6 years ago
|
"success": true
|
||
|
}
|
||
6 years ago
|
schema:
|
||
|
type: object
|
||
|
properties:
|
||
|
success:
|
||
|
type: boolean
|
||
|
description: Whether the validation was successful or not.
|
||
6 years ago
|
required: ['success']
|
||
6 years ago
|
get:
|
||
|
summary: Validate ownership of a phone number.
|
||
|
description: |-
|
||
|
Validate ownership of a phone number.
|
||
|
|
||
|
If the three parameters are consistent with a set generated by a
|
||
|
``requestToken`` call, ownership of the phone number address is
|
||
|
considered to have been validated. This does not publish any
|
||
|
information publicly, or associate the phone number with any Matrix
|
||
|
user ID. Specifically, calls to ``/lookup`` will not show a binding.
|
||
|
|
||
|
Note that, in contrast with the POST version, this endpoint will be
|
||
|
used by end-users, and so the response should be human-readable.
|
||
|
operationId: msisdnSubmitTokenGet
|
||
5 years ago
|
deprecated: true
|
||
6 years ago
|
parameters:
|
||
|
- in: query
|
||
|
type: string
|
||
|
name: sid
|
||
|
required: true
|
||
|
description: The session ID, generated by the ``requestToken`` call.
|
||
|
x-example: 1234
|
||
|
- in: query
|
||
|
type: string
|
||
|
name: client_secret
|
||
|
required: true
|
||
|
description: The client secret that was supplied to the ``requestToken`` call.
|
||
|
x-example: monkeys_are_GREAT
|
||
|
- in: query
|
||
|
type: string
|
||
|
name: token
|
||
|
required: true
|
||
|
description: The token generated by the ``requestToken`` call and sent to the user.
|
||
|
x-example: atoken
|
||
|
responses:
|
||
5 years ago
|
200:
|
||
6 years ago
|
description: Phone number is validated.
|
||
|
"3xx":
|
||
|
description: |-
|
||
|
Phone number address is validated, and the ``next_link`` parameter
|
||
|
was provided to the ``requestToken`` call. The user must be
|
||
|
redirected to the URL provided by the ``next_link`` parameter.
|
||
|
"4xx":
|
||
|
description:
|
||
|
Validation failed.
|