Return the proper 403 Forbidden error during errors with JWT logins. (#7844)

Patrick Cloke 2020-07-15 07:10:21 -04:00 committed by GitHub
parent 1d9dca02f9
commit 111e70d75c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 27 additions and 30 deletions

@ -31,10 +31,7 @@ The `token` field should include the JSON web token with the following claims:
Providing the audience claim when not configured will cause validation to fail.
In the case that the token is not valid, the homeserver must respond with
`401 Unauthorized` and an error code of `M_UNAUTHORIZED`.
(Note that this differs from the token based logins which return a
`403 Forbidden` and an error code of `M_FORBIDDEN` if an error occurs.)
`403 Forbidden` and an error code of `M_FORBIDDEN`.
As with other login types, there are additional fields (e.g. `device_id` and
`initial_device_display_name`) which can be included in the above request.
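Review bot: The replacement sentence ending in `403 Forbidden` and an error code of `M_FORBIDDEN` changes a client-visible response, but the paragraph keeps no mention that JWT logins previously answered `401 Unauthorized` with `M_UNAUTHORIZED`, so a client author reading this cannot tell that older homeservers behave differently. Consider adding an upgrade or changelog note for clients that match on `M_UNAUTHORIZED` for this login type. It would also help to say explicitly that the failure described in the context line above ("Providing the audience claim when not configured will cause validation to fail") returns the same 403 response, so the documentation states one status for every rejection path.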