Last cosmetic changes for v1.3.0

src/main/java/io/kamax/mxisd/backend/rest/LookupSingleRequestJson.java

@@ -37,4 +37,5 @@ public class LookupSingleRequestJson {
     public String getAddress() {
         return address;
     }
+
 }

src/main/java/io/kamax/mxisd/exception/NotAllowedException.java

@@ -25,8 +25,14 @@ import org.apache.http.HttpStatus;
 
 public class NotAllowedException extends HttpMatrixException {
 
+    public static final String ErrCode = "M_FORBIDDEN";
+
+    public NotAllowedException(int code, String s) {
+        super(code, ErrCode, s);
+    }
+
     public NotAllowedException(String s) {
-        super(HttpStatus.SC_FORBIDDEN, "M_FORBIDDEN", s);
+        super(HttpStatus.SC_FORBIDDEN, ErrCode, s);
     }
 
 }

src/main/java/io/kamax/mxisd/session/SessionManager.java

@@ -178,7 +178,6 @@ public class SessionManager {
     }
 
     public void unbind(JsonObject reqData) {
-        // TODO also check for HS header to know which domain attempting the unbind
         if (reqData.entrySet().size() == 2 && reqData.has("mxid") && reqData.has("threepid")) {
             /* This is a HS request to remove a 3PID and is considered:
              * - An attack on user privacy
@@ -218,11 +217,13 @@ public class SessionManager {
                     }
                 }
             }
+
+            throw new NotAllowedException("You have attempted to alter 3PID bindings, which can only be done by the 3PID owner directly. " +
+                    "We have informed the 3PID owner of your fraudulent attempt.");
         }
 
-        log.info("Denying request");
-        throw new NotAllowedException("You have attempted to alter 3PID bindings, which can only be done by the 3PID owner directly. " +
-                "We have informed the 3PID owner of your fraudulent attempt.");
+        log.info("Denying unbind request as the endpoint is not defined in the spec.");
+        throw new NotAllowedException(499, "This endpoint does not exist in the spec and therefore is not supported.");
     }
 
 }