Login screens: Doc: adapt log to correct logs and fix typo

docs/signup.md

@@ -1,30 +1,23 @@
 # Sign up to a homeserver
 
-This document describes the flow of registration to a homeserver. Examples come from the matrix.org homeserver, and the logs come from Riot-Android.
+This document describes the flow of registration to a homeserver. Examples come from the `matrix.org` homeserver.
 
-Note that it contains bugs:
+*Ref*: https://matrix.org/docs/spec/client_server/latest#account-registration-and-management
- - "password" and "initial_device_display_name" values are sent a bit too much
- - the first received "sessionId" is not reused
- - The order of stages returned by the homeserver is not strictly followed
-
-Ref: https://matrix.org/docs/spec/client_server/latest#account-registration-and-management
 
 ## Sign up flows
 
 ### First step
 
-Client request the sign-up flows, once the homeserver is chosen by the user and its url is knwon (in the example it's https://matrix.org)
+Client request the sign-up flows, once the homeserver is chosen by the user and its url is known (in the example it's `https://matrix.org`)
 
-> curl -X POST --data $'{"initial_device_display_name":"Mobile device","x_show_msisdn":true}' 'https://matrix.org/_matrix/client/r0/register'
+> curl -X POST --data $'{}' 'https://matrix.org/_matrix/client/r0/register'
 
 ```json
 {
-  "initial_device_display_name": "Mobile device",
-  "x_show_msisdn": true
 }
 ```
 
-401
+We get the flows with a 401, which also means the the registration is possible on this homeserver.
 
 ```json
 {
@@ -66,18 +59,19 @@ Client request the sign-up flows, once the homeserver is chosen by the user and
 
 ### Step 1: entering user name and password
 
-The app is displaying a form with login and password. Only the login is sent for the first request
+The app is displaying a form to enter username and password.
 
-> curl -X POST --data $'{"initial_device_display_name":"Mobile device","username":"alice"}' 'https://matrix.org/_matrix/client/r0/register'
+> curl -X POST --data $'{"initial_device_display_name":"Mobile device","username":"alice","password": "weak_password"}' 'https://matrix.org/_matrix/client/r0/register'
 
 ```json
 {
   "initial_device_display_name": "Mobile device",
-  "username": "alice"
+  "username": "alice",
+  "password": "weak_password"
 }
 ```
 
-401
+401. Note that the `session` value has changed (because we did not provide the previous value in the request body), but it's ok, we will use the new value for the next steps.
 
 ```json
 {
@@ -119,6 +113,8 @@ The app is displaying a form with login and password. Only the login is sent for
 
 #### If username already exists
 
+We get a 400:
+
 ```json
 {
   "errcode": "M_USER_IN_USE",
@@ -130,17 +126,14 @@ The app is displaying a form with login and password. Only the login is sent for
 
 User is proposed to enter an email. We skip this step.
 
-> curl -X POST --data $'{"auth":{"session":"xptUYoREDACTEDogOWAGVnbJQ","type":"m.login.dummy"},"initial_device_display_name":"Mobile device","password":"azerty","username":"alice"}' 'https://matrix.org/_matrix/client/r0/register'
+> curl -X POST --data $'{"auth":{"session":"xptUYoREDACTEDogOWAGVnbJQ","type":"m.login.dummy"}}' 'https://matrix.org/_matrix/client/r0/register'
 
 ```json
 {
   "auth": {
     "session": "xptUYoREDACTEDogOWAGVnbJQ",
     "type": "m.login.dummy"
-  },
+  }
-  "initial_device_display_name": "Mobile device",
-  "password": "password_REDACTED",
-  "username":"alice"
 }
 ```
 
@@ -189,6 +182,8 @@ User is proposed to enter an email. We skip this step.
 
 ### Step 2 bis: we enter an email
 
+We request a token to the homeserver. The `client_secret` is generated by the application
+
 > curl -X POST --data $'{"client_secret":"53e679ea-oRED-ACTED-92b8-3012c49c6cfa","email":"alice@yopmail.com","send_attempt":0}' 'https://matrix.org/_matrix/client/r0/register/email/requestToken'
 
 ```json
@@ -209,7 +204,7 @@ User is proposed to enter an email. We skip this step.
 
 And
 
-> curl -X POST --data $'{"auth":{"threepid_creds":{"client_secret":"53e679ea-oRED-ACTED-92b8-3012c49c6cfa","sid":"qlBCREDACTEDEtgxD"},"session":"xptUYoREDACTEDogOWAGVnbJQ","type":"m.login.email.identity"},"initial_device_display_name":"Mobile device","password":"password_REDACTED","username":"alice"}' 'https://matrix.org/_matrix/client/r0/register'
+> curl -X POST --data $'{"auth":{"threepid_creds":{"client_secret":"53e679ea-oRED-ACTED-92b8-3012c49c6cfa","sid":"qlBCREDACTEDEtgxD"},"session":"xptUYoREDACTEDogOWAGVnbJQ","type":"m.login.email.identity"}}' 'https://matrix.org/_matrix/client/r0/register'
 
 ```json
 {
@@ -220,14 +215,11 @@ And
     },
     "session": "xptUYoREDACTEDogOWAGVnbJQ",
     "type": "m.login.email.identity"
-  },
+  }
-  "initial_device_display_name": "Mobile device",
-  "password": "password_REDACTED",
-  "username": "alice"
 }
 ```
 
-401
+We get 401 since the email is not validated yet:
 
 ```json
 {
@@ -238,7 +230,7 @@ And
 
 The app is now polling on 
 
-> curl -X POST --data $'{"auth":{"threepid_creds":{"client_secret":"53e679ea-oRED-ACTED-92b8-3012c49c6cfa","sid":"qlBCREDACTEDEtgxD"},"session":"xptUYoREDACTEDogOWAGVnbJQ","type":"m.login.email.identity"},"initial_device_display_name":"Mobile device","password":"password_REDACTED","username":"alice"}' 'https://matrix.org/_matrix/client/r0/register'
+> curl -X POST --data $'{"auth":{"threepid_creds":{"client_secret":"53e679ea-oRED-ACTED-92b8-3012c49c6cfa","sid":"qlBCREDACTEDEtgxD"},"session":"xptUYoREDACTEDogOWAGVnbJQ","type":"m.login.email.identity"}}' 'https://matrix.org/_matrix/client/r0/register'
 
 ```json
 {
@@ -249,17 +241,14 @@ The app is now polling on
     },
     "session": "xptUYoREDACTEDogOWAGVnbJQ",
     "type": "m.login.email.identity"
-  },
+  }
-  "initial_device_display_name": "Mobile device",
-  "password": "password_REDACTED",
-  "username": "alice"
 }
 ```
 
-We click on the link received by email https://matrix.org/_matrix/client/unstable/registration/email/submit_token?token=vtQjQIZfwdoREDACTEDozrmKYSWlCXsJ&client_secret=53e679ea-oRED-ACTED-92b8-3012c49c6cfa&sid=qlBCREDACTEDEtgxD which contains:
+We click on the link received by email `https://matrix.org/_matrix/client/unstable/registration/email/submit_token?token=vtQjQIZfwdoREDACTEDozrmKYSWlCXsJ&client_secret=53e679ea-oRED-ACTED-92b8-3012c49c6cfa&sid=qlBCREDACTEDEtgxD` which contains:
-- A token vtQjQIZfwdoREDACTEDozrmKYSWlCXsJ
+- A `token` vtQjQIZfwdoREDACTEDozrmKYSWlCXsJ
-- a client secret: 53e679ea-oRED-ACTED-92b8-3012c49c6cfa
+- The `client_secret`: 53e679ea-oRED-ACTED-92b8-3012c49c6cfa
-- A sid: qlBCREDACTEDEtgxD
+- A `sid`: qlBCREDACTEDEtgxD
 
 Once the link is clicked, the registration request (polling) returns a 401 with the following content:
 
@@ -308,15 +297,14 @@ Once the link is clicked, the registration request (polling) returns a 401 with
 
 User is proposed to accept T&C and he accepts them
 
-> curl -X POST --data $'{"auth":{"session":"xptUYoREDACTEDogOWAGVnbJQ","type":"m.login.terms"},"initial_device_display_name":"Mobile device"}' 'https://matrix.org/_matrix/client/r0/register'
+> curl -X POST --data $'{"auth":{"session":"xptUYoREDACTEDogOWAGVnbJQ","type":"m.login.terms"}}' 'https://matrix.org/_matrix/client/r0/register'
 
 ```json
 {
   "auth": {
     "session": "xptUYoREDACTEDogOWAGVnbJQ",
     "type": "m.login.terms"
-  },
+  }
-  "initial_device_display_name": "Mobile device"
 }
 ```
 
@@ -368,7 +356,7 @@ User is proposed to accept T&C and he accepts them
 
 User is proposed to prove he is not a robot and he does it:
 
-> curl -X POST --data $'{"auth":{"response":"03AOLTBLSiGS9GhFDpAMblJ2nlXOmHXqAYJ5OvHCPUjiVLBef3k9snOYI_BDC32-t4D2jv-tpvkaiEI_uloobFd9RUTPpJ7con2hMddbKjSCYqXqcUQFhzhbcX6kw8uBnh2sbwBe80_ihrHGXEoACXQkL0ki1Q0uEtOeW20YBRjbNABsZPpLNZhGIWC0QVXnQ4FouAtZrl3gOAiyM-oG3cgP6M9pcANIAC_7T2P2amAHbtsTlSR9CsazNyS-rtDR9b5MywdtnWN9Aw8fTJb8cXQk_j7nvugMxzofPjSOrPKcr8h5OqPlpUCyxxnFtag6cuaPSUwh43D2L0E-ZX7djzaY2Yh_U2n6HegFNPOQ22CJmfrKwDlodmAfMPvAXyq77n3HpoREDACTEDo3830RHF4BfkGXUaZjctgg-A1mvC17hmQmQpkG7IhDqyw0onU-0vF_-ehCjq_CcQEDpS_O3uiHJaG5xGf-0rhLm57v_wA3deugbsZuO4uTuxZZycN_mKxZ97jlDVBetl9hc_5REPbhcT1w3uzTCSx7Q","session":"xptUYoREDACTEDogOWAGVnbJQ","type":"m.login.recaptcha"},"initial_device_display_name":"Mobile device"}' 'https://matrix.org/_matrix/client/r0/register'
+> curl -X POST --data $'{"auth":{"response":"03AOLTBLSiGS9GhFDpAMblJ2nlXOmHXqAYJ5OvHCPUjiVLBef3k9snOYI_BDC32-t4D2jv-tpvkaiEI_uloobFd9RUTPpJ7con2hMddbKjSCYqXqcUQFhzhbcX6kw8uBnh2sbwBe80_ihrHGXEoACXQkL0ki1Q0uEtOeW20YBRjbNABsZPpLNZhGIWC0QVXnQ4FouAtZrl3gOAiyM-oG3cgP6M9pcANIAC_7T2P2amAHbtsTlSR9CsazNyS-rtDR9b5MywdtnWN9Aw8fTJb8cXQk_j7nvugMxzofPjSOrPKcr8h5OqPlpUCyxxnFtag6cuaPSUwh43D2L0E-ZX7djzaY2Yh_U2n6HegFNPOQ22CJmfrKwDlodmAfMPvAXyq77n3HpoREDACTEDo3830RHF4BfkGXUaZjctgg-A1mvC17hmQmQpkG7IhDqyw0onU-0vF_-ehCjq_CcQEDpS_O3uiHJaG5xGf-0rhLm57v_wA3deugbsZuO4uTuxZZycN_mKxZ97jlDVBetl9hc_5REPbhcT1w3uzTCSx7Q","session":"xptUYoREDACTEDogOWAGVnbJQ","type":"m.login.recaptcha"}}' 'https://matrix.org/_matrix/client/r0/register'
 
 ```json
 {
@@ -376,8 +364,7 @@ User is proposed to prove he is not a robot and he does it:
     "response": "03AOLTBLSiGS9GhFDpAMblJ2nlXOmHXqAYJ5OvHCPUjiVLBef3k9snOYI_BDC32-t4D2jv-tpvkaiEI_uloobFd9RUTPpJ7con2hMddbKjSCYqXqcUQFhzhbcX6kw8uBnh2sbwBe80_ihrHGXEoACXQkL0ki1Q0uEtOeW20YBRjbNABsZPpLNZhGIWC0QVXnQ4FouAtZrl3gOAiyM-oG3cgP6M9pcANIAC_7T2P2amAHbtsTlSR9CsazNyS-rtDR9b5MywdtnWN9Aw8fTJb8cXQk_j7nvugMxzofPjSOrPKcr8h5OqPlpUCyxxnFtag6cuaPSUwh43D2L0E-ZX7djzaY2Yh_U2n6HegFNPOQ22CJmfrKwDlodmAfMPvAXyq77n3HpoREDACTEDo3830RHF4BfkGXUaZjctgg-A1mvC17hmQmQpkG7IhDqyw0onU-0vF_-ehCjq_CcQEDpS_O3uiHJaG5xGf-0rhLm57v_wA3deugbsZuO4uTuxZZycN_mKxZ97jlDVBetl9hc_5REPbhcT1w3uzTCSx7Q",
     "session": "xptUYoREDACTEDogOWAGVnbJQ",
     "type": "m.login.recaptcha"
-  },
+  }
-  "initial_device_display_name": "Mobile device"
 }
 ```