From ab0c1bc054247f732e66dd2b424d8c3a12a5e492 Mon Sep 17 00:00:00 2001
From: Andrew Morgan <andrew@amorgan.xyz>
Date: Mon, 10 Jun 2019 08:41:35 +0100
Subject: [PATCH] Add changelog, update imperative check, rename sid.yaml

---
 api/client-server/administrative_contact.yaml | 14 +++++----
 .../{sid.yaml => request_token_response.yaml} |  0
 api/client-server/registration.yaml           | 30 +++++++++----------
 .../client_server/newsfragments/2101.breaking |  1 +
 4 files changed, 25 insertions(+), 20 deletions(-)
 rename api/client-server/definitions/{sid.yaml => request_token_response.yaml} (100%)
 create mode 100644 changelogs/client_server/newsfragments/2101.breaking

diff --git a/api/client-server/administrative_contact.yaml b/api/client-server/administrative_contact.yaml
index 4c1ea2e73..4438b643b 100644
--- a/api/client-server/administrative_contact.yaml
+++ b/api/client-server/administrative_contact.yaml
@@ -135,7 +135,7 @@ paths:
           description: The addition was successful.
           examples:
             application/json: {
-                "submit_url": "https://example.org/path/to/submitToken"
+              "submit_url": "https://example.org/path/to/submitToken"
             }
             schema:
               type: object
@@ -235,7 +235,9 @@ paths:
         the |/register/email/requestToken|_ endpoint. The homeserver has the
         choice of validating the email address itself, or proxying the request
         to the ``/validate/email/requestToken`` Identity Service API as
-        identified by ``id_server``.
+        identified by ``id_server``. It is imperative that the
+        homeserver keep a list of trusted Identity Servers and only proxies to
+        those that it trusts.
       operationId: requestTokenTo3PIDEmail
       parameters:
         - in: body
@@ -260,7 +262,7 @@ paths:
             email containing the validation token or it may be informing the
             user of an error.
           schema:
-            $ref: "definitions/sid.yaml"
+            $ref: "definitions/request_token_response.yaml"
         403:
           description: |-
             The homeserver does not allow the third party identifier as a
@@ -294,7 +296,9 @@ paths:
         the |/register/msisdn/requestToken|_ endpoint. The homeserver has the
         choice of validating the phone number itself, or proxying the request
         to the ``/validate/msisdn/requestToken`` Identity Service API as
-        identified by ``id_server``.
+        identified by ``id_server``. It is imperative that the
+        homeserver keep a list of trusted Identity Servers and only proxies to
+        those that it trusts.
       operationId: requestTokenTo3PIDMSISDN
       parameters:
         - in: body
@@ -316,7 +320,7 @@ paths:
         200:
           description: An SMS message was sent to the given phone number.
           schema:
-            $ref: "definitions/sid.yaml"
+            $ref: "definitions/request_token_response.yaml"
         403:
           description: |-
             The homeserver does not allow the third party identifier as a
diff --git a/api/client-server/definitions/sid.yaml b/api/client-server/definitions/request_token_response.yaml
similarity index 100%
rename from api/client-server/definitions/sid.yaml
rename to api/client-server/definitions/request_token_response.yaml
diff --git a/api/client-server/registration.yaml b/api/client-server/registration.yaml
index 003344342..5ec657e0e 100644
--- a/api/client-server/registration.yaml
+++ b/api/client-server/registration.yaml
@@ -241,7 +241,7 @@ paths:
             may be an email containing the validation token or it may be
             informing the user of an error.
           schema:
-            $ref: "definitions/sid.yaml"
+            $ref: "definitions/request_token_response.yaml"
         403:
           description: The homeserver does not permit the address to be bound.
           schema:
@@ -304,7 +304,7 @@ paths:
             that this may be an SMS message containing the validation token or
             it may be informing the user of an error.
           schema:
-            $ref: "definitions/sid.yaml"
+            $ref: "definitions/request_token_response.yaml"
         403:
           description: The homeserver does not permit the address to be bound.
           schema:
@@ -402,11 +402,11 @@ paths:
         ``M_THREEPID_IN_USE`` may not be returned.
         
         The homeserver has the choice of validating the email address itself,
-        or proxying the request to the ``/validate/email/requestToken`` Identity
-        Server API. The request should be proxied to the domain that is sent by
-        the client in the ``id_server``. It is imperative that the homeserver
-        keep a list of trusted Identity Servers and only proxies to those it
-        trusts.
+        or proxying the request to the ``/validate/email/requestToken``
+        Identity Service API. The request should be proxied to the domain that
+        is sent by the client in the ``id_server``. It is imperative that the
+        homeserver keep a list of trusted Identity Servers and only proxies to
+        those that it trusts.
 
 
         .. |/register/email/requestToken| replace:: ``/register/email/requestToken``
@@ -433,7 +433,7 @@ paths:
         200:
           description: An email was sent to the given address.
           schema:
-            $ref: "definitions/sid.yaml"
+            $ref: "definitions/request_token_response.yaml"
         403:
           description: |-
             The homeserver does not allow the third party identifier as a
@@ -472,12 +472,12 @@ paths:
         to the given phone number prompting the user to create an account.
         ``M_THREEPID_IN_USE`` may not be returned.
         
-        The homeserver has the choice of validating the phone number itself,
-        or proxying the request to the ``/validate/msisdn/requestToken`` Identity
-        Server API. The request should be proxied to the domain that is sent by
-        the client in the ``id_server``. It is imperative that the homeserver
-        keep a list of trusted Identity Servers and only proxies to those it
-        trusts.
+        The homeserver has the choice of validating the phone number itself, or
+        proxying the request to the ``/validate/msisdn/requestToken`` Identity
+        Service API. The request should be proxied to the domain that is sent
+        by the client in the ``id_server``. It is imperative that the
+        homeserver keep a list of trusted Identity Servers and only proxies to
+        those that it trusts.
 
         .. |/register/msisdn/requestToken| replace:: ``/register/msisdn/requestToken``
 
@@ -503,7 +503,7 @@ paths:
         200:
           description: An SMS message was sent to the given phone number.
           schema:
-            $ref: "definitions/sid.yaml"
+            $ref: "definitions/request_token_response.yaml"
         403:
           description: |-
             The homeserver does not allow the third party identifier as a
diff --git a/changelogs/client_server/newsfragments/2101.breaking b/changelogs/client_server/newsfragments/2101.breaking
new file mode 100644
index 000000000..84c645ab6
--- /dev/null
+++ b/changelogs/client_server/newsfragments/2101.breaking
@@ -0,0 +1 @@
+Add a new ``submit_url`` field to the response of various `.../requestToken` endpoints.