diff --git a/src/main/groovy/io/kamax/mxisd/threepid/notification/email/EmailNotificationGenerator.java b/src/main/groovy/io/kamax/mxisd/threepid/notification/email/EmailNotificationGenerator.java index 57977a2..78100e3 100644 --- a/src/main/groovy/io/kamax/mxisd/threepid/notification/email/EmailNotificationGenerator.java +++ b/src/main/groovy/io/kamax/mxisd/threepid/notification/email/EmailNotificationGenerator.java @@ -137,15 +137,18 @@ public class EmailNotificationGenerator implements IEmailNotificationGenerator { @Override public String getForRemoteValidation(IThreePidSession session) { - log.info("Generating notification content for 3PID Session validation"); - String templateBody = getTemplateAndPopulate(templateCfg.getSession().getValidation().getLocal(), session.getThreePid()); + log.info("Generating notification content for remote-only 3PID session"); + String templateBody = getTemplateAndPopulate(templateCfg.getSession().getValidation().getRemote(), session.getThreePid()); // FIXME should have a global link builder, specific to mxisd String nextStepLink = srvCfg.getPublicUrl() + RemoteIdentityAPIv1.BASE + - "/validate/requestToken?sid=" + session.getId() + "&client_secret=" + session.getSecret(); + "/validate/requestToken?sid=" + session.getId() + + "&client_secret=" + session.getSecret() + + "&token=" + session.getToken(); templateBody = templateBody.replace("%SESSION_ID%", session.getId()); templateBody = templateBody.replace("%SESSION_SECRET%", session.getSecret()); + templateBody = templateBody.replace("%SESSION_TOKEN%", session.getToken()); templateBody = templateBody.replace("%NEXT_STEP_LINK%", nextStepLink); return templateBody; diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index d717262..18656d2 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -93,7 +93,7 @@ session.policy.validation: toRemote: true forRemote: enabled: true - toLocal: true + toLocal: false toRemote: true storage: diff --git a/src/main/resources/email/validate-local-template.eml b/src/main/resources/email/validate-local-template.eml index 08b4f60..78df56e 100644 --- a/src/main/resources/email/validate-local-template.eml +++ b/src/main/resources/email/validate-local-template.eml @@ -18,8 +18,6 @@ complete the verification of your email address: If you didn't make this request, you can safely disregard this email. -Thanks! - %DOMAIN_PRETTY% Admins --7REaIwWQCioQ6NaBlAQlg8ztbUQj6PKJ @@ -77,8 +75,6 @@ pre, code {

If you didn't make this request, you can safely disregard this email.

-

Thanks!

-

%DOMAIN_PRETTY% Admins

diff --git a/src/main/resources/email/validate-remote-template.eml b/src/main/resources/email/validate-remote-template.eml new file mode 100644 index 0000000..76c64fc --- /dev/null +++ b/src/main/resources/email/validate-remote-template.eml @@ -0,0 +1,102 @@ +Subject: Linking your Email address to your Matrix account +MIME-Version: 1.0 +Content-Type: multipart/alternative; + boundary="7REaIwWQCioQ6NaBlAQlg8ztbUQj6PKJ" + +--7REaIwWQCioQ6NaBlAQlg8ztbUQj6PKJ +Content-Type: text/plain; charset=UTF-8 +Content-Disposition: inline + +Hello there! + +We have received a request to link this email address with your Matrix account. + +Due to the security policy in place, this email address can only be stored in the central Matrix Identity Server. +If you continue, your e-mail address and Matrix ID association will be made public without any current mean to be removed. + +If you would still like to continue, you will need to: +1. Go to your private Public registration process page: + + %NEXT_STEP_LINK% + +2. Follow the registration process of the central Identity Server, usually another email with similar content +3. Once your email address validated with the central Identity Server, click on "Continue" on page of step #1 +4. If your public association is found by our Identity server, the next step will be given to you. + + +If you didn't make this request, or do not want to make your address public, you can safely disregard this email. + +%DOMAIN_PRETTY% Admins + +--7REaIwWQCioQ6NaBlAQlg8ztbUQj6PKJ +Content-Type: multipart/related; + boundary="M3yzHl5YZehm9v4bAM8sKEdcOoVnRnKR"; + type="text/html" + +--M3yzHl5YZehm9v4bAM8sKEdcOoVnRnKR +Content-Type: text/html; charset=UTF-8 +Content-Disposition: inline + + + + + + + + + + + + + +
+

Hello there!

+ +

We have received a request to link this email address with your Matrix account.

+ +

Due to the security policy in place, this email address can only be stored in the central Matrix Identity Server. + If you continue, your e-mail address and Matrix ID association will be made public without any current mean to be removed.

+ +

If you would still like to continue, you will need to: +

    +
  1. Go to your private Public registration process page
    2. +
  2. Follow the registration process of the central Identity Server, usually another email with similar content
    3. +
  3. Once your email address validated with the central Identity Server, click on "Continue" on page of step #1
    4. +
  4. If your public association is found by our Identity server, the next step will be given to you.
    5. +
+

+ +

If you didn't make this request, or do not want to make your address public, you can safely disregard this email.

+ +

%DOMAIN_PRETTY% Admins

+
+ + +--M3yzHl5YZehm9v4bAM8sKEdcOoVnRnKR-- + +--7REaIwWQCioQ6NaBlAQlg8ztbUQj6PKJ--