fixup! Introduce compat login policy

2025-11-26 12:30:21 +00:00
parent f450d0449c
commit d2ac79d4c8
2 changed files with 29 additions and 22 deletions
--- a/crates/handlers/src/test_utils.rs
+++ b/crates/handlers/src/test_utils.rs
@@ -82,6 +82,7 @@ pub(crate) async fn policy_factory(
        register: "register/violation".to_owned(),
        client_registration: "client_registration/violation".to_owned(),
        authorization_grant: "authorization_grant/violation".to_owned(),
+        compat_login: "compat_login/violation".to_owned(),
        email: "email/violation".to_owned(),
    };

--- a/policies/schema/compat_login_input.json
+++ b/policies/schema/compat_login_input.json
@@ -3,14 +3,6 @@
  "title": "CompatLoginInput",
  "description": "Input for the compatibility login policy.",
  "type": "object",
-  "required": [
-    "is_interactive",
-    "login_type",
-    "requester",
-    "session_counts",
-    "session_replaced",
-    "user"
-  ],
  "properties": {
    "user": {
      "type": "object",
@@ -29,7 +21,7 @@
      "type": "boolean"
    },
    "is_interactive": {
-      "description": "Whether the user is currently in an interactive context. For `m.login.password`: false For `m.login.sso`: - true when asking for consent, - false when actually performing the login (at which point we create the compat session, but it's too late to show a web page)",
+      "description": "Whether the user is currently in an interactive context.\n For `m.login.password`: false\n For `m.login.sso`:\n - true when asking for consent,\n - false when actually performing the login (at which point we create the\n   compat session, but it's too late to show a web page)",
      "type": "boolean"
    },
    "login_type": {
@@ -39,38 +31,46 @@
      "$ref": "#/definitions/Requester"
    }
  },
+  "required": [
+    "user",
+    "session_counts",
+    "session_replaced",
+    "is_interactive",
+    "login_type",
+    "requester"
+  ],
  "definitions": {
    "SessionCounts": {
      "description": "Information about how many sessions the user has",
      "type": "object",
-      "required": [
-        "compat",
-        "oauth2",
-        "personal",
-        "total"
-      ],
      "properties": {
        "total": {
          "type": "integer",
          "format": "uint64",
-          "minimum": 0.0
+          "minimum": 0
        },
        "oauth2": {
          "type": "integer",
          "format": "uint64",
-          "minimum": 0.0
+          "minimum": 0
        },
        "compat": {
          "type": "integer",
          "format": "uint64",
-          "minimum": 0.0
+          "minimum": 0
        },
        "personal": {
          "type": "integer",
          "format": "uint64",
-          "minimum": 0.0
+          "minimum": 0
        }
-      }
+      },
+      "required": [
+        "total",
+        "oauth2",
+        "compat",
+        "personal"
+      ]
    },
    "CompatLoginType": {
      "type": "string",
@@ -85,12 +85,18 @@
      "properties": {
        "ip_address": {
          "description": "IP address of the entity making the request",
-          "type": "string",
+          "type": [
+            "string",
+            "null"
+          ],
          "format": "ip"
        },
        "user_agent": {
          "description": "User agent of the entity making the request",
-          "type": "string"
+          "type": [
+            "string",
+            "null"
+          ]
        }
      }
    }