
This is used by the official client to show the username and avatar as a preview and to prompt the user to accept the scanned code. When the user scans the QR code using their device, the server sends a pending_finish packet containing encrypted user data.

Used by mobile to uniquely identify a login request.

This approach is preferable to using random data alone because users can be directed to install the app if they scan it using a conventional QR code scanner app. The client uses concatenated with the fingerprint parameter to create the QR code. The official client does check this equality, but there's no reason a client needs to. Interestingly, fingerprint is the base64-url-encoded SHA-256 digest of the public key. When the server receives a correct nonce_proof packet from the client, it sends a pending_remote_init with a fingerprint which describes the actual login request.

Base64-url-encoded SHA-256 digest of data decrypted from the encrypted_nonce parameter.

After the client receives a nonce_proof packet from the server, the client sends back a nonce_proof packet of its own containing a SHA-256 digest of the decrypted data encoded as base64-url.

After receiving an init packet from the client, the server sends a nonce_proof packet containing a nonce encrypted using the public key provided in the init packet.

# OP init

After receiving a hello packet, a client should send the init packet with the public key it generated which future data will be encrypted with.

Sent by the client every heartbeat_interval ms.

# OP heartbeat_ack

Sent by the server after every heartbeat; the client should close the connection if no heartbeat_ack is received after the next heartbeat packet is to be sent.

Time in milliseconds between when a client should send heartbeats.

Time in milliseconds until the server will close the websocket and invalidate the login QR code.

When the socket is first opened, the server sends an OP hello packet.

Sent after heartbeat packet, should close connection if a heartbeat_ack isn't received by the next heartbeat interval.

Sent every N ms, described in hello packet.

Sent after login flow is completed, contains encrypted token.

Sent after QR code is scanned, contains encrypted user data.

Sent after a valid nonce_proof is submitted.

Sent after nonce_proof, contains decrypted nonce as "proof".


Sent after init, contains encrypted nonce.

Sent after hello, describes generated public key.
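The init, nonce_proof and pending_remote_init steps described above, simulated end to end in Node.js as an added example (not code from the original page or from the service it describes). The page does not name the cipher or encodings, so RSA-2048 with OAEP/SHA-256, an SPKI DER public key, unpadded base64-url, and the `op`, `encoded_public_key` and `proof` keys are assumptions.

```javascript
// Added example: both ends of the exchange are simulated locally; no network is used.
// Assumed (not on the page): RSA-OAEP/SHA-256, SPKI DER keys, `op`/`encoded_public_key`/`proof` keys.
const crypto = require('node:crypto');

const b64url = (buf) => Buffer.from(buf).toString('base64url');
const sha256 = (buf) => crypto.createHash('sha256').update(buf).digest();
const oaep = (key) => ({ key, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' });

// Client: fresh key pair per login attempt; only the public half goes into init.
function clientInit() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const spki = publicKey.export({ type: 'spki', format: 'der' });
  return { privateKey, spki, packet: { op: 'init', encoded_public_key: spki.toString('base64') } };
}

// Server (simulated): encrypt a random nonce to the key received in init.
function serverNonceProof(initPacket) {
  const spki = Buffer.from(initPacket.encoded_public_key, 'base64');
  const pub = crypto.createPublicKey({ key: spki, type: 'spki', format: 'der' });
  const nonce = crypto.randomBytes(32);
  const encrypted = crypto.publicEncrypt(oaep(pub), nonce);
  return { nonce, spki, packet: { op: 'nonce_proof', encrypted_nonce: encrypted.toString('base64') } };
}

// Client: decrypt the nonce and reply with base64-url(SHA-256(nonce)).
function clientNonceProof(privateKey, serverPacket) {
  const nonce = crypto.privateDecrypt(oaep(privateKey), Buffer.from(serverPacket.encrypted_nonce, 'base64'));
  return { op: 'nonce_proof', proof: b64url(sha256(nonce)) };
}

// Server (simulated): constant-time proof check, then hand out the fingerprint.
function serverVerify(state, clientPacket) {
  const expected = Buffer.from(b64url(sha256(state.nonce)));
  const got = Buffer.from(String(clientPacket.proof));
  if (got.length !== expected.length || !crypto.timingSafeEqual(got, expected)) return null;
  return { op: 'pending_remote_init', fingerprint: b64url(sha256(state.spki)) };
}

// Client: the equality the official client checks (fingerprint vs. its own public key).
const fingerprintMatches = (spki, fingerprint) => b64url(sha256(spki)) === fingerprint;

function runExchange() {
  const client = clientInit();
  const server = serverNonceProof(client.packet);
  const reply = serverVerify(server, clientNonceProof(client.privateKey, server.packet));
  return { reply, ok: reply !== null && fingerprintMatches(client.spki, reply.fingerprint) };
}
```

A proof that does not match the server's own digest of the nonce makes `serverVerify` return `null`, so no fingerprint is issued for that connection.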
