Add TODO markers for tursted ID server check

2025-12-11 17:03:10 -06:00 · 2017-08-31 18:17:35 +01:00 · 2017-08-31 18:17:35 +01:00 · e35b7fc869
parent 512c3dc787
commit e35b7fc869
1 changed files with 4 additions and 0 deletions
--- a/src/github.com/matrix-org/dendrite/clientapi/threepid/threepid.go
+++ b/src/github.com/matrix-org/dendrite/clientapi/threepid/threepid.go
@ -50,6 +50,8 @@ type Credentials struct {
 // Returns an error if there was a problem sending the request or decoding the
 // response, or if the identity server responded with a non-OK status.
 func CreateSession(req EmailAssociationRequest) (string, error) {
+	// TODO: Check if the ID server is trusted
+
 	// Create a session on the ID server
 	postURL := fmt.Sprintf("https://%s/_matrix/identity/api/v1/validate/email/requestToken", req.IDServer)

@ -92,6 +94,7 @@ func CreateSession(req EmailAssociationRequest) (string, error) {
 // Returns an error if there was a problem sending the request or decoding the
 // response, or if the identity server responded with a non-OK status.
 func CheckAssociation(creds Credentials) (bool, string, string, error) {
+	// TODO: Check if the ID server is trusted
 	url := fmt.Sprintf("https://%s/_matrix/identity/api/v1/3pid/getValidated3pid?sid=%s&client_secret=%s", creds.IDServer, creds.SID, creds.Secret)
 	resp, err := http.Get(url)
 	if err != nil {
@ -124,6 +127,7 @@ func CheckAssociation(creds Credentials) (bool, string, string, error) {
 // Returns an error if there was a problem sending the request or decoding the
 // response, or if the identity server responded with a non-OK status.
 func PublishAssociation(creds Credentials, userID string) error {
+	// TODO: Check if the ID server is trusted
 	postURL := fmt.Sprintf("https://%s/_matrix/identity/api/v1/3pid/bind", creds.IDServer)

 	data := url.Values{}