From df36c096b1d2be59ec4541304eb40c912610b0ae Mon Sep 17 00:00:00 2001 From: Georg Lukas Date: Mon, 30 Dec 2019 19:14:52 +0100 Subject: [PATCH] XEP-0401: split out pre-authenticated IBR --- xep-0401.xml | 109 ++++++++++----------------------------------------- 1 file changed, 21 insertions(+), 88 deletions(-) diff --git a/xep-0401.xml b/xep-0401.xml index 5b321b4b..304b26ea 100644 --- a/xep-0401.xml +++ b/xep-0401.xml @@ -6,7 +6,7 @@
- Easy User Onboarding + Ad-hoc Account Invitation Generation This document defines a protocol and URI scheme for user invitation in order to allow a third party to register on a server. The goal of this is to make onboarding for XMPP IM newcomers as easy as possible. &LEGALNOTICE; 0401 @@ -30,6 +30,10 @@ Marc Schink + + Georg + Lukas + 0.4.0 2020-01-08 @@ -90,8 +94,8 @@ out-of-band link (URI) which allows Juliet to:

  1. Download an XMPP client (if needed).
    2. -
  2. Register an account on Romeo's server with a user name defined by - Romeo and a password not known to Romeo.
    3. +
  3. Register an account on Romeo's server (with a user name pre-defined + by Romeo or chosen by Juliet, and a password not known to Romeo).
  4. Establish a mutual presence subscription between Romeo and Juliet.
@@ -111,6 +115,8 @@ Furthermore, Romeo's server SHOULD provide a HTTPS service hosting the landing page.

+

Romeo's server MUST support at least one Pre-Authenticated In-Band + Registration mechanism.

Romeo can query his server for the availability of "User Invitation" and @@ -135,9 +141,6 @@ ]]> -

When performing the account creation, Juliet's client needs to ensure - that the server supports the extended IBR protocol with a <preauth> - token: TODO

OPTIONAL.

@@ -335,88 +338,18 @@

In order to allow invited users to register on a server, the - registration processs as defined in &xep0077; needs to be extended. The - invited user's client MUST add a <preauth> element in the 'TODO' - namespace to the 'jabber:iq:register' query in order to inform the - server that it wants to perform Pre-Authenticated IBR:

- - - - - -]]> -

If the server supports and is ready to perform Pre-Authenticated IBR, - it MUST add a <token> element to the response (TODO: 'token' or - 'preauth'?):

- - - - - urn:xmpp:invite:1 - - - - - - - - - - - - - -]]> - - - - - urn:xmpp:invite:1 - - - juliet - - - m1cro$oft - - - BADTOKEN - - - - - - - - -]]> - - - - - urn:xmpp:invite:1 - - - juliet - - - m1cro$oft - - - OLDTOKEN - - - - - - - - -]]> + server must support pre-authenticated in-band registration based on one + of the following specifications: +

+
    +
  • Pre-Authenticated In-Band Registration
    • +
  • TODO: define a mechanism based on &xep0389;
    • +
+

+ The invited user's client needs to connect to the server, check which of + the above mechanisms are supported, and continue as specified in the + respective document. +

After the invitee has successfully registered on the inviter's server and roster subscription is enabled for account creation, the server MUST use roster pushes as defined in &rfc6121; ยง2.1.6 in order to inform the