Merge branch 'master' into SPEC-2

This commit is contained in:
Stanislav N. aka pztrn 2020-01-02 20:34:20 +05:00
commit d42d86eb8e
7 changed files with 227 additions and 61 deletions

View File

@ -1,14 +1,18 @@
# The Sections of a Cadmium Protocol Proposal (CPP) document
## Introduction
The introduction to a CPP document should contain description of the extension and example of problems which this extension can solve.
## Message type identifiers
In this section, specify the identifiers of the new types of protocol messages (which are introduced by the extension)
## Glossary
If your CE document uses terms that may not be familiar to the reader, please define them in this section.
## Use Cases
It is recommended that document authors structure their proposals according to the use cases that the proposal will address. We have found that use cases force authors to focus on functionality rather than "protocol for the sake of protocol". It is also helpful to sort use cases by actor. Include one subsection for each use case.
When writing use cases and the associated protocols, make sure to:
@ -17,7 +21,8 @@ When writing use cases and the associated protocols, make sure to:
* Describe the expected behavior of Cadmium clients, servers, and components when using this protocol.
* Include lots of protocol examples.
*Example 1. An Example from Shakespeare*
*Example 1. An Example from Shakespeare*:
```json
{
"id": "abcd",
@ -29,31 +34,41 @@ When writing use cases and the associated protocols, make sure to:
}
}
```
## Error Codes
If your proposal defines a number of error and status codes, it is a good idea to include a table of all the codes defined in your document.
## Errors
If your proposal defines a number of error and error identifiers, it is a good idea to include a table of all the identifiers defined in your document.
## Business Rules
You may want to include a section describing various business rules (essentially, a variety of MUSTs, SHOULDs, and MAYs regarding application behavior). This is not required but can be helpful to implementers.
You may want to include a section describing various business rules (essentially, a variety of MUSTs, SHOULDs, and MAYs regarding application behavior). This section is not required but can be helpful to implementers.
## Implementation Notes
You may want to include a section devoted to implementation notes. Again, this is not required but can be helpful to implementers.
## Internationalization Considerations
If there are any internationalization or localization issues related to your proposal, define them in this optional section.
## Security Considerations
Your proposal MUST include a section entitled "Security Considerations". Even if there are no security features or concerns related to your proposal, you MUST note that fact. For helpful guidelines, refer to RFC 3552.
## JSON Schema
An JSON Schema is required in order for protocols to be approved by the Cadmium Developers. The Cadmium Developers team can assist you in defining an JSON Schema for the protocol you are proposing. Also you can define your schema as TypeScript interfaces, this is also allowed.
## Acknowledgements (optional)
Most CE documents end with a section thanking non-authors who have made significant contributions or who have provided feedback regarding the specification.
# Cadmium Extension Styleguide
## Cadmium Extension Styleguide
CE document are written in English. It is not expected that you will be a fine prose writer, but try to write in a clear, easily-understood fashion.
## Code Examples
### Code Examples
To show the hierarchy of JSON objects, indent two spaces for every level.
If an element possesses a large number of attributes, include a line break before each attribute and indent them so that they are vertically aligned for readability.
@ -61,6 +76,7 @@ If an element possesses a large number of attributes, include a line break befor
If the JSON data of an element is long, include line breaks and indent by two spaces.
*Example*:
```json
{
"id": "abcd",
@ -76,14 +92,19 @@ If the JSON data of an element is long, include line breaks and indent by two sp
}
}
```
Some examples include strings that are the output of a hashing algorithm such as SHA-1 or SHA-256. An easy way to generate these is to use the OpenSSL "dgst" command to generate the hash. For example, the following command will generate the SHA-1 hash `a6cf4baabcefb63189a1a1c56158aa431990bba9`:
```
```bash
echo -n '@juliet@396277b7dcd0f1173f2007baa604de7593529cc3fbf335fb7924851cb25c1fdf' | openssl dgst -hex -sha1
```
Some examples include strings that are encoded using Base64. An easy way to generate these is to use the OpenSSL "enc" command to generate the base64-encoded equivalent. For example, the following command will generate the base64-encoded string `QGp1bGlldEAzOTYyNzdiN2RjZDBmMTE3M2YyMDA3YmFhNjA0ZGU3NTkzNTI5Y2MzZmJmMzM1ZmI3OTI0ODUxY2IyNWMxZmRm`:
```
```bash
echo -n '@juliet@396277b7dcd0f1173f2007baa604de7593529cc3fbf335fb7924851cb25c1fdf' | openssl enc -nopad -base64
```
## Conformance Terms
```
### Conformance Terms
Conformance terms (e.g,, "MUST" and "SHOULD") are specified in RFC 2119. Use them. When such terms are not in ALL CAPS, the special conformance sense does not apply (although it is preferable to use terms such as 'might' instead of 'may' and 'ought' instead of 'should').

View File

@ -1,16 +1,22 @@
# Account login by username
## Introduction
This extension is intended for logging into user account on a server by username
## Message type identifiers
- `profile:login`
## Error codes
- 0: limit exceed
- 1: user ID/password isn't valid
## Errors
- Ratelimit system: enabled
- `invalid_creds`: user ID/password isn't valid
## Use cases
*Request*:
- Request:
```json
{
"id": "abcd",
@ -23,7 +29,8 @@ This extension is intended for logging into user account on a server by username
}
```
*Response*:
- Response:
```json
{
"id": "abcd",
@ -37,7 +44,8 @@ This extension is intended for logging into user account on a server by username
}
```
*<b>Error</b> response*:
- Error response:
```json
{
"id": "abcd",
@ -45,43 +53,54 @@ This extension is intended for logging into user account on a server by username
"from": "cadmium.org",
"ok": false,
"payload": {
"errCode": 1,
"errCode": "invalid_creds",
"errText": "Username/password isn't valid"
}
}
```
## Business Rules
None.
## JSON Schema
**Payload**
### Payload
- Request:
```typescript
interface LoginRequestPayload {
/**
* The username of account which user wants to login
* The username of account which user wants to login (can be omit if we set thirdPID)
*/
username: string,
/**
* Third party ID which have user (can be omit if we set username)
*/
thirdPID: string,
/**
* Password of new account
*/
password: string
}
```
- Response:
```typescript
interface LoginResponsePayload {
/**
* Authentication token which required for various user actions (UUID)
* Authentication token which required for various user actions (static SHA256 hash string from 4096 random characters)
*/
authToken: string,
/**
* Identifier of new user device (created by this login action)
*/
deviceID: string
}
```
```

View File

@ -1,17 +1,27 @@
# Account registration
## Introduction
This extension is intended for creating user accounts on a server
## Message type identifiers
- `profile:register`
## Error codes
- 0: limit exceed
- 1: username/third party ID already taken
- 2: registration isn't allowed on a server
- `profile:register`
## Errors
- Ratelimit system: enabled
- `id_exists`: username/third party ID already taken
- `reg_disabled`: registration isn't allowed on a server
## Use cases
- Request:
### Basic registration flow
`// TODO: introduce email/msisdn confirmation which prevents spam attacks`
- Client:
```json
{
"id": "abcd",
@ -23,12 +33,14 @@ This extension is intended for creating user accounts on a server
{"type":"email", "value":"juliet@capulett.com"},
{"type":"msisdn", "value":"+1234567890"},
],
"password": "romeo1"
"password": "romeo1",
"loginOnSuccess": false
}
}
```
- Response:
- Server:
```json
{
"id": "abcd",
@ -41,7 +53,8 @@ This extension is intended for creating user accounts on a server
}
```
*<b>Error</b> response*:
- Error response:
```json
{
"id": "abcd",
@ -49,25 +62,28 @@ This extension is intended for creating user accounts on a server
"from": "cadmium.org",
"ok": false,
"payload": {
"errCode": 1,
"errText": "{Username/email/msisdn} already taken"
"errCode": "id_exists",
"errText": "Username/email/msisdn already taken"
}
}
```
## Business Rules
None.
## JSON Schema
**Payload**
### Payload
- Request:
```typescript
interface RegistrationRequestPayload {
/**
* The username that the user wants to register
*/
username: string,
username?: string,
/**
* Array of user third party IDs (email and/or MSISDN)
@ -77,7 +93,12 @@ interface RegistrationRequestPayload {
/**
* Password of new account
*/
password: string
password: string,
/**
* Login to freshly created user account when registration will be completed
*/
loginOnSuccess: boolean
}
interface ThirdPartyID {
@ -92,12 +113,19 @@ interface ThirdPartyID {
value: string
}
```
- Response:
```typescript
interface RegistrationResponsePayload {
/**
* ID of user (Username in priority. If we haven't username, then we put to this field one of user's third party IDs)
*/
userID: EntityID
userID: EntityID,
/**
* Property with login payload (can be omit if property loginOnSuccess wasn't indicated true in RegistrationRequestPayload)
*/
loginPayload?: LoginResponsePayload
}
```
```

View File

@ -0,0 +1,68 @@
# Basic request ratelimit system
## Introduction
This extension is intended to limit the number of requests from clients per unit of time. It is based on Protocol Errors extension.
## Message type identifiers
None.
## Use cases
- Client:
```json
{
"id": "abcd",
"type": "profile:register",
"to": "cadmium.org",
"payload": {
"username": "spam_spam_spam",
"thirdPIDs": [],
"password": "spam"
}
}
```
- Server:
```json
{
"id": "abcd",
"type": "profile:register",
"from": "cadmium.org",
"ok": false,
"payload": {
"errCode": "ratelimit_exceed",
"errText": "Request ratelimit exceed! Please, try again later!",
"errPayload": {
"retryAfter": 2
}
}
}
```
## Errors
### Global errors
- `ratelimit_exceed`
## Business Rules
- Server MUST count number of requests per unit of time and drop new requests after specified number of made requests with Protocol Error message.
- Number of requests and used unit of time SHOULD be configurable on server
## JSON Schema
### Error payload
```typescript
interface RatelimitExceedErrorPayload {
/**
* How long after the client can retry the request (in seconds)
*/
retryAfter: number
}
```

View File

@ -3,35 +3,46 @@
- [Protocol Core](#protocol-core)
- [Transport](#transport)
- [Entity ID](#entity-id)
- [Server-part](#server-part)
- [Username/Room alias/RoomID](#usernameroom-aliasroomid)
- [Special business rules](#special-business-rules)
- [BaseMessage](#basemessage)
## Transport
For starting we simply use JSON + Websockets.
## Entity ID
* Room alias: `#<roomAlias>@<serverpart>`
* Username: `@<username>@<serverpart>`
* User ID with any 3PID: `%<type>:<data>@<serverpart>`
* Currently supported only following types: `email` and `msisdn`.
* Raw User ID: `@<UUID>@<serverpart>`
* Message ID: `&<uuid>@<serverpart (from which server the message was sent)>`
* Room ID: `!<roomID>@<serverpart>`
* Single server-part: `<serverpart>`
**Server-part**:
- Room alias: `#<roomAlias>@<serverpart>`
- Username: `@<username>@<serverpart>`
- User ID with any 3PID: `%<type>:<data>@<serverpart>`
- Currently supported only following types: `email` and `msisdn`.
- Raw User ID: `@<UUID>@<serverpart>`
- Message ID: `&<uuid>@<serverpart (of source server)>`
- Room ID: `!<roomID>@<serverpart>`
- Single server-part: `<serverpart>`
### Server-part
- hostname: `IPv4 / [IPv6] / dns-domain:<port (1-65535)>` (for end-users use)
- server ID: static SHA256 hash string from 4096 characters (for internal protocol use)
- server ID: static SHA256 hash string from 4096 characters (for internal protocol use)
**Username/Room alias/RoomID** - MUST NOT be empty, and MUST contain only the characters `a-z`, `0-9`, `.`, `_`, `=`, `-`, and `/`.
### Username/Room alias/RoomID
MUST NOT be empty, and MUST contain only the characters `a-z`, `0-9`, `.`, `_`, `=`, `-`, and `/`.
### Special business rules
**Special business rules**:
- RoomID SHOULD be UUID identifier.
- Servers MUST use server ID in internal purposes instead of normal server-part with hostname. Only end-users MUST use normal server-part with hostname. This is done for easy multi-domain serving.
## BaseMessage
BaseMessage is a basic message model, basis of the whole protocol. It is used for a very easy protocol extension process.
BaseMessage scheme:
```typescript
interface BaseMessage {
/**
@ -54,13 +65,18 @@ interface BaseMessage {
to: EntityID,
/**
* Operation success indicator (used to determine if the error happened while processing request)
* Operation success indicator (used to determine if the error happened while processing request) - MUST be only in response from server
*/
ok: boolean,
/**
* Authentication token string (can be omit if the action does not require user authentication) - MUST be only in request messages from client
*/
authToken?: string,
/**
* Message payload (used to store extra information in message, list of permissible fields in the payload depends on "type" field)
*/
payload: Map<K,V>
}
```
```

View File

@ -62,6 +62,12 @@
"type": "object",
"title": "payload",
"description": "Message payload (used to store extra information in message, list of permissible fields in the payload depends on \"type\" field)"
},
"ok": {
"$id": "#/properties/ok",
"type": "boolean",
"title": "ok",
"description": "Indicating whether request have an error"
}
}
}

View File

@ -1,13 +1,18 @@
# Protocol Errors
## Introduction
Mechanism of error processing included into protocol.
Adds into any type ID `:error` postfix.
Adds into any response message `ok` variable. If `ok` is true - we have no errors, if `ok` is false - we have an error.
## Message type identifiers
- `*:error`
None.
## Use cases
*Request*:
```json
{
"id": "abcd",
@ -21,12 +26,14 @@ Adds into any type ID `:error` postfix.
```
*Response*:
```json
{
"id": "abcd",
"type": "incorrectMessageType:error",
"type": "incorrectMessageType",
"from": "cadmium.im",
"to": "@juliet@cadmium.im",
"ok": false,
"payload": {
"errCode": 0,
"errText": "Incorrect type of message (type isn't implemented in the server)",
@ -36,14 +43,15 @@ Adds into any type ID `:error` postfix.
```
## JSON Schema
**Payload**
### Payload
```typescript
interface ErrorPayload {
/**
* Error code (defined in extensions, may be same per extensions)
* Error identifier (defined in extensions, maybe same per extensions)
*/
errCode: number,
errId: string,
/**
* Explanation of error in human-readable view
@ -55,4 +63,4 @@ interface ErrorPayload {
*/
errPayload: Map<K,V>
}
```
```