-
-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add DCLOGIN
uri scheme
#48
Changes from 3 commits
c304e8f
4c630be
97b3416
b5309b7
a095a0e
7f23e56
77301ab
52a7a5e
2600109
42e6f10
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -96,6 +96,8 @@ see the [mailadm](https://github.com/deltachat/mailadm) project for more details | |
DCACCOUNT:https://example.org/new_email?t=1w_7wDjgjelxeX884x96v3 | ||
``` | ||
|
||
You may want to use [`DCLOGIN`](#DCLOGIN) instead, if you want a qr code containing login information for a single account. | ||
|
||
#### The http endpoint needs the following api: | ||
|
||
##### On Success | ||
|
@@ -124,6 +126,88 @@ HTTP Status code: NOT 2XX, idealy the 4XX if it's user error and 5XX if it's the | |
|
||
json object can have other properties too, but currently they are ignored by core. | ||
|
||
## **DCLOGIN** <a name="DCLOGIN"></a> | ||
|
||
| | | | ||
| ------------------------ | --------------------- | | ||
| Scheme | `DCLOGIN:` | | ||
| Used for | Account setup | | ||
| Related Terms\* | Account Login QR code | | ||
| Available on | draft | | ||
| Decoded by the core \*\* | draft | | ||
| Other apps using it | none, only DeltaChat | | ||
|
||
### Syntax | ||
|
||
``` | ||
dclogin://user:password@host/?options | ||
dclogin://user:password@host?options | ||
dclogin:user:password@host/?options | ||
# example: (email: me@example.com, password: securePassword) | ||
dclogin://me:securePassword@example.com?v=1 | ||
# example: (email: myself@example.com, password: 123456, insecure smtp at different server) | ||
dclogin://myself:123456@example.com?v=1&sh=mail.example.com&sc=3&ss=plain | ||
``` | ||
|
||
#### Options `?options` | ||
|
||
Format: URL Query parameters also known as GET variables (`varname=value` behind the question mark, chained/delimited by `&`) | ||
|
||
The query parameters contain advanced options and a version parameter. | ||
All advanced options are optional except for `v`, which is the only required option at this point. | ||
|
||
| short name | full name | description | example | | ||
| ---------- | ------------------------- | --------------------------------------------------- | --------------------- | | ||
| `v` | `version` | defines the format version, more explanation below | `v=1` | | ||
| ---------- | ------------------------- | --------------------------------------------------- | ---------------- | | ||
| `ih` | `imap_host` | IMAP host | `ih=imap.example.com` | | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. mmh ok so actually the host can be specified in options, then splitting the email address in local part and host kinda feels unnecessary 🤔 There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. it's because url spec has There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. following this "auth spec" seems not to be needed and does not really match anyway as we have to deal with potentially two different usernames and passwords. and if we follow: the part before the colon is the username, so that would be the full email address in many, but of course not all cases. so, trying to reconstruct the email address and username from different parts is doable, but would results in quite some "if" and unneeded complexity. it seems much easier to have a dedicated field for the email address: There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I'm not sure we need to "simplify" everything that much, maybe
and when reusing the existing imap password field (though that might be more annoying to explain than an extra property):
BTW: the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We also can have separate passwords for IMAP & SMTP, right? So what about recommending That would feel most intuitive for me, and kind of maps the login field with the advanced login settings. edit: I just saw that there are There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I'm not really willing to change everything at this stage again, r10s is right that it might be more complicated to do it in the userinfo part (because URI encoding and stuff like that, passwords tend to contain special characters) |
||
| `ip` | `imap_port` | IMAP port | `ip=993` | | ||
| `iu` | `imap_username` | IMAP username | | | ||
| `ipw` | `imap_password` | IMAP password | | | ||
| `is` | `imap_security` | IMAP security: "`ssl`" or "`default`" | `is=ssl` | | ||
| `ic` | `imap_certificate_checks` | IMAP certificate checks, see below for options | `ic=1` | | ||
| ---------- | ------------------------- | --------------------------------------------------- | ---------------- | | ||
| `sh` | `smtp_host` | SMTP host | `sh=mail.example.com` | | ||
| `sp` | `smtp_port` | SMTP port | `sp=465` | | ||
| `su` | `smtp_username` | SMTP username | | | ||
| `spw` | `smtp_password` | SMTP password | | | ||
| `ss` | `smtp_security` | SMTP security: "`ssl`", "`starttls`" or "`plain`" | `ss=plain` | | ||
| `sc` | `smtp_certificate_checks` | SMTP certificate checks, see below for options | `sc=3` | | ||
|
||
#### `minVersion` | ||
Simon-Laux marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
Format version: | ||
Used for breaking new versions that add new **required** properties, basically deltachat checks for this and if it's newer than the version deltachat supports it prompts the user to update the app. | ||
|
||
The version number only increases on incompatible changes (changes to required properties). | ||
|
||
#### `CertificateChecks` | ||
|
||
| code | name & description | | ||
| ---- | ---------------------------------------------------------------------------------------------------------------- | | ||
| 0 | `Automatic`, same as `AcceptInvalidCertificates` unless overridden by `strict_tls` setting in provider database. | | ||
| 1 | `Strict` | | ||
| 3 | `AcceptInvalidCertificates` | | ||
|
||
#### Important information for using the `DCLOGIN:` scheme | ||
|
||
- There is a maximum length of how much data fits in side of a qr code (depending on the error correction level 1273 chars to 2953 chars) | ||
- make sure to use the short names for advanced properties | ||
Simon-Laux marked this conversation as resolved.
Show resolved
Hide resolved
|
||
- If working with long domains/password/usernames in advanced options, **consider creating a configuration file at the server instead** using either [Autoconfigure](https://web.archive.org/web/20210402044801/https://developer.mozilla.org/en-US/docs/Mozilla/Thunderbird/Autoconfiguration) or [Autodiscover](<https://technet.microsoft.com/library/bb124251(v=exchg.150).aspx>) | ||
Simon-Laux marked this conversation as resolved.
Show resolved
Hide resolved
|
||
- **Every value** (username & password too) **needs to be URI encoded**: | ||
- [`encodeURIComponent()` in JS](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent) | ||
- note that email username and password are in different order, than email: `username:password@host` vs. `username@host` | ||
Simon-Laux marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
#### Implementation hints | ||
|
||
implementations should be somewhat tolerant: | ||
|
||
- both `dclogin:` and `dclogin://` should work | ||
Simon-Laux marked this conversation as resolved.
Show resolved
Hide resolved
|
||
- both short names and full names should be parsed for properties (though short names are preferred) | ||
- have a test for usename+extention@host cases | ||
Simon-Laux marked this conversation as resolved.
Show resolved
Hide resolved
|
||
- if version is bigger than whats implemented tell the user to update | ||
Simon-Laux marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
|
||
## **DCWEBRTC** | ||
|
||
| | | | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not sure if it is a thing but IIRC some servers use only the local part of the email address as the username to log in, how would that be specified here? or this is only for servers that the login is with the email address and that the server address ends with
@host
and host is the right imap/smtp host? I guess it will have then to do the DC autoconfig to detect right host and portspersonally would have preferred something like
dclogin://addr:password?mail_server=...&send_server=...&(other dc config options here)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
and then calling it
dcsetup:
would makes more sense since you could setup several config options for the user, would be more useful for admins setting up servers for easy onboarding, example if creating the DC account is triggered from inside another service /account and then you could preconfigure the same username that the user has in that other service