Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow configuration for disabling v1 bindings #267

Merged
merged 3 commits into from
Feb 7, 2020
Merged

Allow configuration for disabling v1 bindings #267

merged 3 commits into from
Feb 7, 2020

Conversation

babolivier
Copy link
Contributor

Add the 'enable_v1_associations' configuration flag to determine whether to enable or disable the creation of associations via v1 endpoints.

@babolivier
Allow configuration for disabling v1 bindings
ca1a7a8 
Add the 'enable_v1_associations' configuration flag to determine whether to enable or disable the creation of associations via v1 endpoints.
@babolivier
Fix parsing of boolean config flags
8695673
@babolivier
Also don't register token-related endpoints
c7ca58f
@babolivier babolivier requested a review from a team February 6, 2020 18:17
@anoadragon453
Copy link
Member

Any reason why we're only deprecating the associations-related endpoints instead of all of v1?

@babolivier
Copy link
Contributor Author

@anoadragon453:

Any reason why we're only deprecating the associations-related endpoints instead of all of v1?

Because logs show that some projects (namely mxisd) still do v1 lookups on our identity servers, and some old Riots still do status checks on the v1 endpoint (so cutting it off might break them entirely).

It sure would be nice to cut all of the deprecated v1 endpoints off, but we'd need to be loud about that and allow a grace period for people to update before shutting them down entirely.

anoadragon453
anoadragon453 approved these changes Feb 7, 2020
View reviewed changes
Copy link
Member

@anoadragon453 anoadragon453 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cool, lgtm

@babolivier
Copy link
Contributor Author

babolivier commented Feb 7, 2020
edited
Loading

There's no test because the current infrastructure doesn't allow to test that kind of things, but I did some manual testing on a local Sydent.

Without enable_v1_associations (or with it set to true), the resources are registered:

# POST /requestToken
$ curl -d '{}' http://127.0.0.1:8090/_matrix/identity/api/v1/validate/email/requestToken
{"errcode": "M_MISSING_PARAMS", "error": "Missing parameters: email,client_secret,send_attempt"}
# POST /submitToken
$ curl -d '{}' http://127.0.0.1:8090/_matrix/identity/api/v1/validate/email/submitToken
{"errcode": "M_MISSING_PARAMS", "error": "Missing parameters: token,sid,client_secret"}
# GET /submitToken
$ curl http://127.0.0.1:8090/_matrix/identity/api/v1/validate/email/submitToken
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<title></title>
</head>
<body>
<p>Verification failed: you may need to request another verification email</p>
</body>
</html>
# POST /bind
$ curl -d '{}' http://127.0.0.1:8090/_matrix/identity/api/v1/3pid/bind
{"errcode": "M_MISSING_PARAMS", "error": "Missing parameters: sid,client_secret,mxid"}
$

With it set to false, the resources aren't registered:

# POST /requestToken
$ curl -d '{}' http://127.0.0.1:8090/_matrix/identity/api/v1/validate/email/requestToken

<html>
  <head><title>404 - No Such Resource</title></head>
  <body>
    <h1>No Such Resource</h1>
    <p>No such child resource.</p>
  </body>
</html>
# POST /submitToken
$ curl -d '{}' http://127.0.0.1:8090/_matrix/identity/api/v1/validate/email/submitToken

<html>
  <head><title>404 - No Such Resource</title></head>
  <body>
    <h1>No Such Resource</h1>
    <p>No such child resource.</p>
  </body>
</html>
# GET /submitToken
$ curl http://127.0.0.1:8090/_matrix/identity/api/v1/validate/email/submitToken

<html>
  <head><title>404 - No Such Resource</title></head>
  <body>
    <h1>No Such Resource</h1>
    <p>No such child resource.</p>
  </body>
</html>
# POST /bind
$ curl -d '{}' http://127.0.0.1:8090/_matrix/identity/api/v1/3pid/bind

<html>
  <head><title>404 - No Such Resource</title></head>
  <body>
    <h1>No Such Resource</h1>
    <p>No such child resource.</p>
  </body>
</html>
$

@babolivier babolivier merged commit 4c6378d into master Feb 7, 2020
@babolivier babolivier deleted the babolivier/disable-v1-registration branch September 8, 2021 16:08
@H-Shay H-Shay mentioned this pull request Jun 3, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anoadragon453 anoadragon453 anoadragon453 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@babolivier @anoadragon453