msisdn local validation doesn't work

[DrMoriarty]

Hello! I'm using local sessions only config and set up synapseSql config section to my postgresql backend.

When I add email it works pretty well. Only one verification email was sent with link to my own matrix.mobilap.ru server.

Mar 08 09:03:58 matrix mxisd[15850]: .986  INFO [nio-8090-exec-1]  i.k.m.c.i.v1.SessionRestController : Request POST: http://matrix.mobilap.ru/_matrix/identity/api/v1/validate/email/requestToken
Mar 08 09:03:59 matrix mxisd[15850]: .016  INFO [nio-8090-exec-1]   i.k.mxisd.session.SessionMananger : Server 172.17.0.5 is asking to create session for email:drmoriarty.0@gmail.com (Attempt #1) - Next link: null
Mar 08 09:03:59 matrix mxisd[15850]: .038  INFO [nio-8090-exec-1]   i.k.mxisd.session.SessionMananger : No existing session for email:drmoriarty.0@gmail.com
Mar 08 09:03:59 matrix mxisd[15850]: .043  INFO [nio-8090-exec-1]   i.k.mxisd.session.SessionMananger : Is 3PID bound to local domain? false
Mar 08 09:03:59 matrix mxisd[15850]: .054  INFO [nio-8090-exec-1]   i.k.mxisd.session.SessionMananger : Generated new session 1520499839044 to validate email:drmoriarty.0@gmail.com from server 172.17.0.5
Mar 08 09:03:59 matrix mxisd[15850]: .055  INFO [nio-8090-exec-1]   i.k.mxisd.session.SessionMananger : Session 1520499839044 for email:drmoriarty.0@gmail.com: sending local validation notification
Mar 08 09:03:59 matrix mxisd[15850]: .059  INFO [nio-8090-exec-1] enericTemplateNotificationGenerator : Generating notification content for 3PID Session validation
Mar 08 09:03:59 matrix mxisd[15850]: .202  INFO [nio-8090-exec-1]  i.k.m.t.c.email.EmailSmtpConnector : Sending invite to drmoriarty.0@gmail.com via SMTP using email-smtp.eu-west-1.amazonaws.com:25
Mar 08 09:03:59 matrix mxisd[15850]: .229  INFO [nio-8090-exec-1]  i.k.m.t.c.email.EmailSmtpConnector : Connecting to email-smtp.eu-west-1.amazonaws.com:25
Mar 08 09:04:00 matrix mxisd[15850]: .393  INFO [nio-8090-exec-1]  i.k.m.t.c.email.EmailSmtpConnector : Invite to drmoriarty.0@gmail.com was sent
Mar 08 09:04:00 matrix mxisd[15850]: .421  INFO [nio-8090-exec-1]   i.k.mxisd.session.SessionMananger : Stored session 1520499839044
Mar 08 09:04:49 matrix mxisd[15850]: .983  INFO [nio-8090-exec-2]      i.k.m.c.i.v1.SessionController : Requested: http://matrix.mobilap.ru/_matrix/identity/api/v1/validate/email/submitToken?sid=1520499839044&client_secret=ooluIjRGw5UpnZaaPySpwYkGfG45N2dB&token=068503
Mar 08 09:04:49 matrix mxisd[15850]: .985  INFO [nio-8090-exec-2]   i.k.mxisd.session.SessionMananger : Attempting validation for session 1520499839044 from 172.17.0.5
Mar 08 09:04:49 matrix mxisd[15850]: .997  INFO [nio-8090-exec-2]   i.k.mxisd.session.SessionMananger : Session 1520499839044 has been validated locally
Mar 08 09:04:50 matrix mxisd[15850]: .002  INFO [nio-8090-exec-2]      i.k.m.c.i.v1.SessionController : Session 1520499839044 was validated
Mar 08 09:04:56 matrix mxisd[15850]: .799  INFO [nio-8090-exec-3]  i.k.m.c.i.v1.SessionRestController : Requested: http://matrix.mobilap.ru/_matrix/identity/api/v1/3pid/getValidated3pid
Mar 08 09:04:56 matrix mxisd[15850]: .864  INFO [nio-8090-exec-4]  i.k.m.c.i.v1.SessionRestController : Requested: http://matrix.mobilap.ru/_matrix/identity/api/v1/3pid/bind
Mar 08 09:04:56 matrix mxisd[15850]: .872  INFO [nio-8090-exec-4]   i.k.mxisd.session.SessionMananger : Session 1520499839044 for email:drmoriarty.0@gmail.com: MXID @drmoriarty:mobilap.ru was bound locally

But when I add my phone number it generates one SMS with verification code, and then client (web riot) asks me for the second verification code. But there aren't any second SMS. The log:

Mar 08 09:05:35 matrix mxisd[15850]: .924  INFO [nio-8090-exec-5]  i.k.m.c.i.v1.SessionRestController : Request POST: http://matrix.mobilap.ru/_matrix/identity/api/v1/validate/msisdn/requestToken
Mar 08 09:05:35 matrix mxisd[15850]: .956  INFO [nio-8090-exec-5]   i.k.mxisd.session.SessionMananger : Server 172.17.0.5 is asking to create session for msisdn:79602938024 (Attempt #1) - Next link: null
Mar 08 09:05:35 matrix mxisd[15850]: .962  INFO [nio-8090-exec-5]   i.k.mxisd.session.SessionMananger : No existing session for msisdn:79602938024
Mar 08 09:05:35 matrix mxisd[15850]: .964  INFO [nio-8090-exec-5]   i.k.mxisd.session.SessionMananger : Is 3PID bound to local domain? false
Mar 08 09:05:35 matrix mxisd[15850]: .965  INFO [nio-8090-exec-5]   i.k.mxisd.session.SessionMananger : Generated new session 1520499935964 to validate msisdn:79602938024 from server 172.17.0.5
Mar 08 09:05:35 matrix mxisd[15850]: .967  INFO [nio-8090-exec-5]   i.k.mxisd.session.SessionMananger : Session 1520499935964 for msisdn:79602938024: sending local validation notification
Mar 08 09:05:35 matrix mxisd[15850]: .968  INFO [nio-8090-exec-5] enericTemplateNotificationGenerator : Generating notification content for 3PID Session validation
Mar 08 09:05:35 matrix mxisd[15850]: .974  INFO [nio-8090-exec-5] i.k.m.t.c.p.PhoneSmsTwilioConnector : Sending SMS notification from +12055091480 to +79602938024 with 27 characters
Mar 08 09:05:37 matrix mxisd[15850]: .193  INFO [nio-8090-exec-5]   i.k.mxisd.session.SessionMananger : Stored session 1520499935964
Mar 08 09:05:56 matrix mxisd[15850]: .870  INFO [nio-8090-exec-6]  i.k.m.c.i.v1.SessionRestController : Requested: http://matrix.mobilap.ru/_matrix/identity/api/v1/validate/msisdn/submitToken
Mar 08 09:05:56 matrix mxisd[15850]: .873  INFO [nio-8090-exec-6]   i.k.mxisd.session.SessionMananger : Attempting validation for session 1520499935964 from 172.17.0.5
Mar 08 09:05:56 matrix mxisd[15850]: .878  INFO [nio-8090-exec-6]   i.k.mxisd.session.SessionMananger : Session 1520499935964 has been validated locally
Mar 08 09:05:56 matrix mxisd[15850]: .880  INFO [nio-8090-exec-6]   i.k.mxisd.session.SessionMananger : Creating remote 3PID session for msisdn:79602938024 with local session [1520499935964] to {}
Mar 08 09:05:56 matrix mxisd[15850]: .888  INFO [nio-8090-exec-6]     i.k.m.c.DefaultExceptionHandler : Request POST http://matrix.mobilap.ru/_matrix/identity/api/v1/validate/msisdn/submitToken - Error M_FORBIDDEN: Validating remote 3PID is not allowed

I think that the message Request POST http://matrix.mobilap.ru/_matrix/identity/api/v1/validate/msisdn/submitToken - Error M_FORBIDDEN is the root of issue, but I have no idea how to fix the mxisd behaviour. May be I miss some config section for it?

[DrMoriarty]

I forget to write details about my system: mxisd version: 0.6.1 from debian package Linux matrix 4.9.0-5-amd64 #1 SMP Debian 4.9.65-3+deb9u2 (2018-01-04) x86_64 GNU/Linux I'm using proxy nginx which redirects requests to mxisd instance:

       < redirect to sygnal >
        location /_matrix/identity {                                                                                                                                                                                              
                proxy_pass http://172.17.0.1:8090/_matrix/identity;                                                                                                                                                               
                proxy_set_header Host $host;                                                                                                                                                                                      
                proxy_set_header X-Forwarded-For $remote_addr;                                                                                                                                                                    
        } 
       < redirect to synapse >

[maxidorius]

This is a known bug and was fixed a coupled of days ago in PR #63. There will be a release today (0.7.0) including the fix. Stay tuned!

[DrMoriarty]

@maxidor Thank you very much!

[maxidorius]

@DrMoriarty v0.7.0 is out and contains your fix!