mirror of https://github.com/moparisthebest/xeps
Merge branch 'feature/xep-0401'
This commit is contained in:
commit
b837b325d7
133
xep-0401.xml
133
xep-0401.xml
|
@ -30,6 +30,12 @@
|
||||||
<firstname>Marc</firstname>
|
<firstname>Marc</firstname>
|
||||||
<surname>Schink</surname>
|
<surname>Schink</surname>
|
||||||
</author>
|
</author>
|
||||||
|
<revision>
|
||||||
|
<version>0.3.0</version>
|
||||||
|
<date>2020-01-02</date>
|
||||||
|
<initials>gl</initials>
|
||||||
|
<remark>Use pre-auth-IQ instead of re-using IBR as per council feedback.</remark>
|
||||||
|
</revision>
|
||||||
<revision>
|
<revision>
|
||||||
<version>0.2.0</version>
|
<version>0.2.0</version>
|
||||||
<date>2018-02-11</date>
|
<date>2018-02-11</date>
|
||||||
|
@ -78,8 +84,8 @@
|
||||||
out-of-band link (URI) which allows Juliet to:</p>
|
out-of-band link (URI) which allows Juliet to:</p>
|
||||||
<ol>
|
<ol>
|
||||||
<li>Download an XMPP client (if needed).</li>
|
<li>Download an XMPP client (if needed).</li>
|
||||||
<li>Register an account on Romeo's server with a user name defined by
|
<li>Register an account on Romeo's server (with a user name pre-defined
|
||||||
Romeo and a password not known to Romeo.</li>
|
by Romeo or chosen by Juliet, and a password not known to Romeo).</li>
|
||||||
<li>Establish a mutual presence subscription between Romeo and Juliet.</li>
|
<li>Establish a mutual presence subscription between Romeo and Juliet.</li>
|
||||||
</ol>
|
</ol>
|
||||||
</section2>
|
</section2>
|
||||||
|
@ -124,8 +130,21 @@
|
||||||
</iq>
|
</iq>
|
||||||
]]></example>
|
]]></example>
|
||||||
<p>When performing the account creation, Juliet's client needs to ensure
|
<p>When performing the account creation, Juliet's client needs to ensure
|
||||||
that the server supports the extended IBR protocol with a <preauth>
|
that the server supports the extended IBR protocol, as denoted by the
|
||||||
token: TODO</p>
|
<strong><register xmlns='urn:xmpp:invite'></strong>
|
||||||
|
stream feature:</p>
|
||||||
|
<example caption="Stream features of a server that accepts invitations"><![CDATA[
|
||||||
|
<stream:features>
|
||||||
|
<mechanisms xmlns='urn:xmpp:sasl:0'>
|
||||||
|
<mechanism>EXTERNAL</mechanism>
|
||||||
|
<mechanism>SCRAM-SHA-1-PLUS</mechanism>
|
||||||
|
<mechanism>SCRAM-SHA-1</mechanism>
|
||||||
|
<mechanism>PLAIN</mechanism>
|
||||||
|
</mechanisms>
|
||||||
|
<register xmlns='urn:xmpp:invite'/>
|
||||||
|
<register xmlns='http://jabber.org/features/iq-register'/>
|
||||||
|
</stream:features>
|
||||||
|
]]></example>
|
||||||
</section1>
|
</section1>
|
||||||
<section1 topic='Glossary' anchor='glossary'>
|
<section1 topic='Glossary' anchor='glossary'>
|
||||||
<p>OPTIONAL.</p>
|
<p>OPTIONAL.</p>
|
||||||
|
@ -324,87 +343,45 @@
|
||||||
<section2 topic='Pre-Authenticated In-Band Registration' anchor='preauth-ibr'>
|
<section2 topic='Pre-Authenticated In-Band Registration' anchor='preauth-ibr'>
|
||||||
<p>In order to allow invited users to register on a server, the
|
<p>In order to allow invited users to register on a server, the
|
||||||
registration processs as defined in &xep0077; needs to be extended. The
|
registration processs as defined in &xep0077; needs to be extended. The
|
||||||
invited user's client MUST add a <preauth> element in the 'TODO'
|
invited user's client needs to connect to the server and check that the
|
||||||
namespace to the 'jabber:iq:register' query in order to inform the
|
invitation stream feature
|
||||||
server that it wants to perform Pre-Authenticated IBR:</p>
|
(<strong><register xmlns='urn:xmpp:invite'></strong>) is present.
|
||||||
<example caption="Retrieving registration fields"><![CDATA[
|
After that, the client initiates the registration flow by sending the
|
||||||
<iq type='get' id='reg1' to='example.com'>
|
preauth token to the server:</p>
|
||||||
<query xmlns='jabber:iq:register'>
|
<example caption="Client initiates pre-authenticated IBR"><![CDATA[
|
||||||
<preauth xmlns='urn:xmpp:invite:1'/>
|
<iq type='set' to='example.com' id='pa1'>
|
||||||
</query>
|
<preauth xmlns='urn:xmpp:pars:0' token='TOKEN' />
|
||||||
</iq>
|
</iq>
|
||||||
]]></example>
|
]]></example>
|
||||||
<p>If the server supports and is ready to perform Pre-Authenticated IBR,
|
<p>Upon receiving the preauth request, the server must validate that the
|
||||||
it MUST add a <token> element to the response (TODO: 'token' or
|
token is acceptable for account registration. However, single-use tokens
|
||||||
'preauth'?):</p>
|
MUST NOT be considered used until the actual registration has succeeded.
|
||||||
<example caption="Receiving registration form"><![CDATA[
|
</p>
|
||||||
<iq type='result' to='romeo@example.com' from='example.com' id='reg1'>
|
<p>In addition, if the token has an expiration time, it MUST only be
|
||||||
<query xmlns='jabber:iq:register'>
|
checked at this point. Subsequent actions performed by the client during
|
||||||
<x xmlns='jabber:x:data' type='form'>
|
the current session that require a valid token MUST NOT be rejected due
|
||||||
<field type='hidden' var='FORM_TYPE'>
|
to token expiry.
|
||||||
<value>urn:xmpp:invite:1</value>
|
</p>
|
||||||
</field>
|
<p>If the token is acceptable, the server responds with success, and
|
||||||
<field type='text-single' label='Username' var='username'>
|
indicates the client may now proceed with account registration:
|
||||||
<required/>
|
</p>
|
||||||
</field>
|
<example caption="Server accepts invitation token"><![CDATA[
|
||||||
<field type='text-private' label='Password' var='password'>
|
<iq type='result' from='example.com' id='pa1' />
|
||||||
<required/>
|
|
||||||
</field>
|
|
||||||
<field type='text-single' label='Invite token' var='token'>
|
|
||||||
<required/>
|
|
||||||
</field>
|
|
||||||
</x>
|
|
||||||
</query>
|
|
||||||
</iq>
|
|
||||||
]]></example>
|
]]></example>
|
||||||
<example caption='Receiving registration form with error (invalid token)'><![CDATA[
|
<p>If the token provided by the client was unknown, invalid or expired, the
|
||||||
<iq type='error' from='example.com' id='reg1'>
|
server should return an appropriate error to the client:</p>
|
||||||
<query xmlns='jabber:iq:register'>
|
<example caption="Server rejects invitation token"><![CDATA[
|
||||||
<x xmlns='jabber:x:data' type='form'>
|
<iq type="error" from="example.com" id="pa1">
|
||||||
<field type='hidden' var='FORM_TYPE'>
|
|
||||||
<value>urn:xmpp:invite:1</value>
|
|
||||||
</field>
|
|
||||||
<field type='text-single' var='username'>
|
|
||||||
<value>juliet<value/>
|
|
||||||
</field>
|
|
||||||
<field type='text-private' var='password'>
|
|
||||||
<value>m1cro$oft<value/>
|
|
||||||
</field>
|
|
||||||
<field type='text-single' var='token'>
|
|
||||||
<value>BADTOKEN<value/>
|
|
||||||
</field>
|
|
||||||
</x>
|
|
||||||
</query>
|
|
||||||
<error type='modify'>
|
|
||||||
<bad-request xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
|
|
||||||
<invalid-token xmlns='urn:xmpp:invite:1'/>
|
|
||||||
</error>
|
|
||||||
</iq>
|
|
||||||
]]></example>
|
|
||||||
<example caption='Receiving registration form with error (token expired)'><![CDATA[
|
|
||||||
<iq type='error' from='example.com' id='reg1'>
|
|
||||||
<query xmlns='jabber:iq:register'>
|
|
||||||
<x xmlns='jabber:x:data' type='form'>
|
|
||||||
<field type='hidden' var='FORM_TYPE'>
|
|
||||||
<value>urn:xmpp:invite:1</value>
|
|
||||||
</field>
|
|
||||||
<field type='text-single' var='username'>
|
|
||||||
<value>juliet<value/>
|
|
||||||
</field>
|
|
||||||
<field type='text-private' var='password'>
|
|
||||||
<value>m1cro$oft<value/>
|
|
||||||
</field>
|
|
||||||
<field type='text-single' var='token'>
|
|
||||||
<value>OLDTOKEN<value/>
|
|
||||||
</field>
|
|
||||||
</x>
|
|
||||||
</query>
|
|
||||||
<error type='cancel'>
|
<error type='cancel'>
|
||||||
<not-allowed xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
|
<item-not-found xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
|
||||||
<token-expired xmlns='urn:xmpp:invite:1'/>
|
<text>The provided token is invalid or expired</text>
|
||||||
</error>
|
</error>
|
||||||
</iq>
|
</iq>
|
||||||
]]></example>
|
]]></example>
|
||||||
|
<p>In the success case, the client proceeds with registration as defined in
|
||||||
|
&xep0077;. If the token is rejected by the server, the client still MAY
|
||||||
|
attempt to perform IBR if the server allows that.</p>
|
||||||
|
|
||||||
<p>After the invitee has successfully registered on the inviter's server
|
<p>After the invitee has successfully registered on the inviter's server
|
||||||
and roster subscription is enabled for account creation, the server MUST
|
and roster subscription is enabled for account creation, the server MUST
|
||||||
use roster pushes as defined in &rfc6121; §2.1.6 in order to inform the
|
use roster pushes as defined in &rfc6121; §2.1.6 in order to inform the
|
||||||
|
|
Loading…
Reference in New Issue