archive
/
matrix-spec-proposals
mirror of https://github.com/matrix-org/matrix-spec-proposals
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update 3pid invite section to reflect signed property

Browse Source
pull/114/head
Daniel Wagner-Hall 9 years ago
parent 5881faeb83
commit 6161a920b6
3 changed files with 33 additions and 9 deletions
Show Stats Download Patch File Download Diff File

10
event-schemas/examples/v1/m.room.member
Unescape Escape View File

@ -8,7 +8,15 @@
"token": "pc98", "token": "pc98",
"public_key": "abc123", "public_key": "abc123",
"key_validity_url": "https://magic.forest/verifykey", "key_validity_url": "https://magic.forest/verifykey",
"signature": "q1w2e3", "signed": {
"mxid": "@alice:localhost",
"token": "pc98",
"signatures": {
"magic.forest": {
"ed25519:0": "poi098"
}
}
},
"sender": "@zun:zun.soft" "sender": "@zun:zun.soft"
} }
}, },

20
event-schemas/schema/v1/m.room.member
Unescape Escape View File

@ -38,9 +38,23 @@
"type": "string", "type": "string",
"description": "A base64-encoded ed25519 key with which token must be signed." "description": "A base64-encoded ed25519 key with which token must be signed."
}, },
"signature": { "signed": {
"type": "string", "type": "object",
"description": "A base64-encoded signature of token with public_key." "title": "signed_third_party_invite",
"properties": {
"mxid": {
"type": "string",
"description": "The invited matrix user ID. Must be equal to the user_id property of the event."
},
"token": {
"type": "string",
"description": "The token property of the containing third_party_invite object.",
},
"signatures": {
"type": "object",
"description": "A single signature from the verifying server, in the format specified by the Signing Events section."
}
}
}, },
"sender": { "sender": {
"type": "string", "type": "string",

12
specification/modules/third_party_invites.rst
Unescape Escape View File

@ -36,7 +36,8 @@ A client asks a server to invite a user by their third party identifier.
Server behaviour Server behaviour
---------------- ----------------
All homeservers MUST verify that sig(``token``, ``public_key``) = ``signature``. All homeservers MUST verify the signature in the ``signed`` property of the
``third_party_invite`` property in the ``content`` the event.
If a client of the current homeserver is joining by an If a client of the current homeserver is joining by an
``m.room.third_party_invite``, that homesever MUST validate that the public ``m.room.third_party_invite``, that homesever MUST validate that the public
@ -93,11 +94,12 @@ For example:
When the third party user validates their identity, they are told about the When the third party user validates their identity, they are told about the
invite, and ask their homeserver, H3, to join the room. invite, and ask their homeserver, H3, to join the room.
H3 validates that sign(``token``, ``public_key``) = ``signature``, and may check H3 validates that signature in the ``signed`` property of the
``key_validity_url``. ``third_party_invite`` property of the ``content`` property of the event,
and may check ``key_validity_url``.
H3 then asks H1 to join it to the room. H1 *must* validate that H3 then asks H1 to join it to the room. H1 *must* validate the ``signed``
sign(``token``, ``public_key``) = ``signature`` *and* check ``key_validity_url``. property *and* check ``key_validity_url``.
Having validated these things, H1 writes the join event to the room, and H3 Having validated these things, H1 writes the join event to the room, and H3
begins participating in the room. H2 *must* accept this event. begins participating in the room. H2 *must* accept this event.

Write Preview
Loading…
Cancel
Save