Write a proposal on how to do callbacks between integration services and bridges

[Half-Shot]

For billing etc

[turt2live]

@turt2live so I can watch this

[Half-Shot]

Thinking on this some more:

Endpoints could be:

POST /verify/room/linked -> used to verify if a room should be linked POST /verify/user/linked -> used to verify if a user should be linked POST /verify/room/unlink -> used to verify if a room should be unlinked POST /verify/user/unlink -> used to verify if a user should be unlinked

Each of these endpoints would be called with the id of the bridge, the (user|room) id, and any useful information about the remote (user|room). The integration service could then make an informed choice on if the user or room should be modified.

• If the response is a 200, allow the link.
• If the response is 403, deny the link and if error is included in the body, show the error to the user.
• If the response is NOT a 200, deny the link.
  • This includes 404s and 5XXs. Any failure should be treated as a denial to avoid modifying state while the integration service may be down. Bridges should be pre-configured to only use some endpoints, if only some endpoints are implemented.

On the verification side of things, the bridge and the integration manager need some way to verify that the requests are valid. Probably some kind of shared secret?