element-hq / element-meta

Shared/meta documentation and project artefacts for Element clients

Unable to join vector.im/matrix.org IS from my intelfx.name HS #1621

Open intelfx opened 4 years ago

intelfx commented 4 years ago

Description

Trying to change identity server to vector.im or matrix.org from an account on my personal HS, intelfx.name, results in a "Terms of service not accepted or the identity server is invalid" message without a possibility to review and accept the Terms of service.

Steps to reproduce

Reproduction is likely tied to my specific HS (intelfx.name) configuration or state. I can create any amount of accounts on intelfx.name if needed (contact @intelfx:intelfx.name).

Logs being sent: yes

Screenshot:

Screenshot from 2019-10-12 17-44-56

Version information

aaronraimist commented 4 years ago

In that screenshot it looks like you are already using vector.im? Is it just a bad error message not realizing that you are changing it to an identity server you are already using?

turt2live commented 4 years ago

Is your federation working correctly?

intelfx commented 4 years ago

@aaronraimist As far as I'm aware, I'm not using vector.im (specifically, I cannot add my mobile phone number). Attempting to change identity server to both vector.im and matrix.org yields the same error message. Clicking "disconnect" also does not change that label, so I believe that label is in error.

intelfx commented 4 years ago

@turt2live I believe it does, at least I had no reason to think otherwise and matrix-federation-tester says all clear (at least it used to; right now it yields some bogus error that I'm not sure how to interpret).

intelfx commented 4 years ago

This does not look like a bug in riot-web.

I've looked at requests being done by riot-web during the IS change request. As far as I can follow the spec, all API calls are well-formed, but the IS returns 500 for some reason. There have been no relevant requests incoming to my HS between the IS registration request and its 500 response.

  1. request:

    GET /_matrix/identity/api/v1 HTTP/1.1
    Host: vector.im
    User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0
    Accept: */*
    Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
    Accept-Encoding: gzip, deflate, br
    Origin: https://riot.im
    DNT: 1
    Connection: keep-alive

    response:

    HTTP/2.0 200 OK
    date: Fri, 25 Oct 2019 20:55:47 GMT
    content-type: application/json
    set-cookie: <redacted>
    access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
    access-control-allow-origin: *
    access-control-allow-headers: *
    cf-cache-status: DYNAMIC
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    server: cloudflare
    cf-ray: 52b717eb2b00cc42-ZRH
    content-encoding: br
    X-Firefox-Spdy: h2
  2. request:

    POST /_matrix/client/r0/user/%40intelfx%3Aintelfx.name/openid/request_token HTTP/1.1
    Host: intelfx.name
    User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0
    Accept: application/json
    Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
    Accept-Encoding: gzip, deflate, br
    Authorization: Bearer <redacted>
    content-type: application/json
    Content-Length: 2
    Origin: https://riot.im
    DNT: 1
    Connection: keep-alive
    
    {}

    response:

    HTTP/2.0 200 OK
    server: nginx/1.17.4
    date: Fri, 25 Oct 2019 20:55:48 GMT
    content-type: application/json
    cache-control: no-cache, no-store, must-revalidate
    access-control-allow-origin: *
    access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
    access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
    strict-transport-security: max-age=31536000
    content-encoding: gzip
    X-Firefox-Spdy: h2
    
    {"access_token": "<redacted>", "token_type": "Bearer", "matrix_server_name": "intelfx.name", "expires_in": 3600.0}
  3. request:

    POST /_matrix/identity/v2/account/register HTTP/1.1
    Host: vector.im
    User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0
    Accept: application/json
    Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
    Accept-Encoding: gzip, deflate, br
    content-type: application/json
    Content-Length: 119
    Origin: https://riot.im
    DNT: 1
    Connection: keep-alive
    
    {"access_token":"<redacted>","token_type":"Bearer","matrix_server_name":"intelfx.name","expires_in":3600}

    response:

    HTTP/2.0 500 Internal Server Error
    date: Fri, 25 Oct 2019 20:55:48 GMT
    content-type: application/json
    set-cookie: <redacted>
    access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
    access-control-allow-origin: *
    access-control-allow-headers: *
    cf-cache-status: DYNAMIC
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    server: cloudflare
    cf-ray: 52b717eedab3cc42-ZRH
    X-Firefox-Spdy: h2
    
    {"errcode": "M_UNKNOWN", "error": "Internal Server Error"}
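A way to check the client side of the capture in the last comment, as an added example that is not part of the thread or of riot-web: it compares the homeserver's OpenID token response with the body posted to `/_matrix/identity/v2/account/register` and with the user ID in the request path. The function names and the `PLACEHOLDER` token are constructed for illustration.

```python
import json
from urllib.parse import unquote, urlsplit

FIELDS = ("access_token", "token_type", "matrix_server_name", "expires_in")

def user_id_from_token_path(path):
    """Pull the user ID out of /_matrix/client/r0/user/{userId}/openid/request_token."""
    parts = urlsplit(path).path.split("/")
    if (len(parts) != 8 or parts[1:5] != ["_matrix", "client", "r0", "user"]
            or parts[6:] != ["openid", "request_token"]):
        raise ValueError("not an openid/request_token path: %r" % path)
    return unquote(parts[5])

def check_register_exchange(token_path, hs_body, register_body):
    """List inconsistencies in the client's side of the exchange; [] means none found."""
    issued, sent = json.loads(hs_body), json.loads(register_body)
    problems = []
    for key in FIELDS:
        if key not in issued:
            problems.append("homeserver response lacks " + key)
        elif key not in sent:
            problems.append("register body lacks " + key)
        elif issued[key] != sent[key]:  # 3600.0 == 3600, so a float/int re-encoding passes
            problems.append(key + " differs between the two bodies")
    user_id = user_id_from_token_path(token_path)
    # Everything after the first colon is the server name (it may carry a port).
    domain = user_id.split(":", 1)[1] if ":" in user_id else ""
    if not user_id.startswith("@") or not domain:
        problems.append("path does not carry a full user ID")
    elif sent.get("matrix_server_name") != domain:
        problems.append("matrix_server_name is not the user's homeserver")
    if sent.get("token_type") != "Bearer":
        problems.append("token_type is not Bearer")
    return problems

# Constructed sample: shapes copied from the capture, token replaced by a placeholder.
TOKEN_PATH = "/_matrix/client/r0/user/%40intelfx%3Aintelfx.name/openid/request_token"
HS_BODY = ('{"access_token": "PLACEHOLDER", "token_type": "Bearer", '
           '"matrix_server_name": "intelfx.name", "expires_in": 3600.0}')
REGISTER_BODY = ('{"access_token":"PLACEHOLDER","token_type":"Bearer",'
                 '"matrix_server_name":"intelfx.name","expires_in":3600}')

if __name__ == "__main__":
    print(check_register_exchange(TOKEN_PATH, HS_BODY, REGISTER_BODY) or "client side consistent")
```

An empty list means the fields the client forwarded are consistent with what the homeserver issued; it says nothing about why the identity server answered 500.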