libQuotient
A Qt library for building matrix clients
login_token.h
Go to the documentation of this file.
1 // THIS FILE IS GENERATED - ANY EDITS WILL BE OVERWRITTEN
2 
3 #pragma once
4 
5 #include <Quotient/csapi/definitions/auth_data.h>
6 
7 #include <Quotient/jobs/basejob.h>
8 
9 namespace Quotient {
10 
11 //! \brief Optional endpoint to generate a single-use, time-limited, `m.login.token` token.
12 //!
13 //! Optional endpoint - the server is not required to implement this endpoint if it does not
14 //! intend to use or support this functionality.
15 //!
16 //! This API endpoint uses the [User-Interactive Authentication
17 //! API](/client-server-api/#user-interactive-authentication-api).
18 //!
19 //! An already-authenticated client can call this endpoint to generate a single-use, time-limited,
20 //! token for an unauthenticated client to log in with, becoming logged in as the same user which
21 //! called this endpoint. The unauthenticated client uses the generated token in a `m.login.token`
22 //! login flow with the homeserver.
23 //!
24 //! Clients, both authenticated and unauthenticated, might wish to hide user interface which exposes
25 //! this feature if the server is not offering it. Authenticated clients can check for support on
26 //! a per-user basis with the [`m.get_login_token`](/client-server-api/#mget_login_token-capability)
27 //! capability, while unauthenticated clients can detect server support by looking for an
28 //! `m.login.token` login flow with `get_login_token: true` on [`GET
29 //! /login`](/client-server-api/#post_matrixclientv3login).
30 //!
31 //! In v1.7 of the specification, transmission of the generated token to an unauthenticated client
32 //! is left as an implementation detail. Future MSCs such as
33 //! [MSC3906](https://github.com/matrix-org/matrix-spec-proposals/pull/3906) might standardise a way
34 //! to transmit the token between clients.
35 //!
36 //! The generated token MUST only be valid for a single login, enforced by the server. Clients which
37 //! intend to log in multiple devices must generate a token for each.
38 //!
39 //! With other User-Interactive Authentication (UIA)-supporting endpoints, servers sometimes do not
40 //! re-prompt for verification if the session recently passed UIA. For this endpoint, servers MUST
41 //! always re-prompt the user for verification to ensure explicit consent is gained for each
42 //! additional client.
43 //!
44 //! Servers are encouraged to apply stricter than normal rate limiting to this endpoint, such as
45 //! maximum of 1 request per minute.
46 class QUOTIENT_API GenerateLoginTokenJob : public BaseJob {
47 public:
48  //! \param auth
49  //! Additional authentication information for the user-interactive authentication API.
50  explicit GenerateLoginTokenJob(const std::optional<AuthenticationData>& auth = std::nullopt);
51 
52  // Result properties
53 
54  //! The login token for the `m.login.token` login flow.
55  QString loginToken() const { return loadFromJson<QString>("login_token"_L1); }
56 
57  //! The time remaining in milliseconds until the homeserver will no longer accept the token.
58  //! `120000` (2 minutes) is recommended as a default.
59  int expiresInMs() const { return loadFromJson<int>("expires_in_ms"_L1); }
60 
61  struct Response {
62  //! The login token for the `m.login.token` login flow.
63  QString loginToken{};
64 
65  //! The time remaining in milliseconds until the homeserver will no longer accept the token.
66  //! `120000` (2 minutes) is recommended as a default.
67  int expiresInMs{};
68  };
69 };
70 
71 template <std::derived_from<GenerateLoginTokenJob> JobT>
72 constexpr inline auto doCollectResponse<JobT> = [](JobT* j) -> GenerateLoginTokenJob::Response {
73  return { j->loginToken(), j->expiresInMs() };
74 };
75 
76 } // namespace Quotient