Add registration token UIA type (#3616)

* Add registration token UIA type MSC: https://github.com/matrix-org/matrix-doc/pull/3231 **Note**: This introduces the endpoint as v1 rather than r0 given the global versioning changes landed between the acceptance of the MSC and now. * Fix swagger * Changelogs * Update data/api/client-server/registration_tokens.yaml Co-authored-by: Hubert Chathi <hubert@uhoreg.ca> Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
2022-01-04 20:27:58 -07:00 · 2022-01-04 20:27:58 -07:00 · e4057072bd
commit e4057072bd
parent 20bd445602
4 changed files with 126 additions and 0 deletions
--- a/data/api/client-server/registration_tokens.yaml
+++ b/data/api/client-server/registration_tokens.yaml
@ -0,0 +1,80 @@
+# Copyright 2022 The Matrix.org Foundation C.I.C.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+swagger: '2.0'
+info:
+  title: "Matrix Client-Server Registration Token API"
+  version: "1.0.0"
+host: localhost:8008
+schemes:
+  - https
+  - http
+basePath: /_matrix/client/v1
+consumes:
+  - application/json
+produces:
+  - application/json
+paths:
+  "/register/m.login.registration_token/validity":
+    get:
+      x-addedInMatrixVersion: "1.2"
+      summary: Query if a given registration token is still valid.
+      description: |-
+        Queries the server to determine if a given registration token is still
+        valid at the time of request. This is a point-in-time check where the
+        token might still expire by the time it is used.
+
+        Servers should be sure to rate limit this endpoint to avoid brute force
+        attacks.
+      operationId: registrationTokenValidity
+      parameters:
+        - in: query
+          name: token
+          type: string
+          x-example: "fBVFdqVE"
+          required: true
+          description: The token to check validity of.
+      responses:
+        200:
+          description: The check has a result.
+          examples:
+            application/json: {
+              "valid": true
+            }
+          schema:
+            type: object
+            properties:
+              valid:
+                type: boolean
+                description: |-
+                  True if the token is still valid, false otherwise. This should
+                  additionally be false if the token is not a recognised token by
+                  the server.
+            required: ['valid']
+        403:
+          description: |-
+            The homeserver does not permit registration and thus all tokens are
+            considered invalid.
+          examples:
+            application/json: {
+                  "errcode": "M_FORBIDDEN",
+                  "error": "Registration is not enabled on this homeserver."
+              }
+          schema:
+            "$ref": "definitions/errors/error.yaml"
+        429:
+          description: This request was rate-limited.
+          schema:
+            "$ref": "definitions/errors/rate_limited.yaml"
+      tags:
+        - Account management