From 424be176d44436dd7fa7d7f1be9c32bd65bfc05e Mon Sep 17 00:00:00 2001 From: "pr-automation-bot-public[bot]" Date: Tue, 9 Jun 2026 10:19:23 +0000 Subject: [PATCH] chore: sync II spec to dfinity/internet-identity release-2026-06-05-hotfix --- .sources/VERSIONS | 2 +- .sources/internetidentity | 2 +- public/references/internet-identity.did | 26 +++++++++++++++++++++++++ 3 files changed, 28 insertions(+), 2 deletions(-) diff --git a/.sources/VERSIONS b/.sources/VERSIONS index 3f72cb1..effd210 100644 --- a/.sources/VERSIONS +++ b/.sources/VERSIONS @@ -62,4 +62,4 @@ motoko-core v2.4.0 cdk-rs ic-cdk v0.20.1 / ic-cdk-timers v1.0.0 / ic-cdk-executor v2.0.0 317f55c candid 2025-12-18 # candid v0.10.20, didc v0.5.4 2e4a2cf response-verification v3.1.0 18c5a37 -internetidentity release-2026-06-01 18130689 +internetidentity release-2026-06-05-hotfix d2b368e0 diff --git a/.sources/internetidentity b/.sources/internetidentity index 1813068..d2b368e 160000 --- a/.sources/internetidentity +++ b/.sources/internetidentity @@ -1 +1 @@ -Subproject commit 18130689eda68a3ec51af2aaa7ba13eb32e6568e +Subproject commit d2b368e033b54aa3b1f1d4123dd977c6f454b39b diff --git a/public/references/internet-identity.did b/public/references/internet-identity.did index 40c7259..af225bd 100644 --- a/public/references/internet-identity.did +++ b/public/references/internet-identity.did @@ -625,6 +625,24 @@ type EmailRecoveryStatus = variant { Expired; }; +// Which trust path the canister used (or will use) to verify the +// challenge email. Public — already chosen by the FE and derivable +// from the public deploy config. +type VerificationPath = variant { Doh; Dnssec }; + +// Strictly-public, user-copyable diagnostics for one pending challenge +// (see email_recovery_diagnostics). Intended for a support ticket so a +// case can be lined up across the SMTP gateway logs and the canister's +// production logs via message_id. NO email address, anchor, principal, +// delegation/seed, or inner error string — reason_code is the failing +// variant's name only. +type EmailRecoveryDiagnostics = record { + message_id : opt text; + reason_code : text; + verification_path : VerificationPath; + created_at : Timestamp; +}; + type EmailRecoveryGetDelegationArgs = record { nonce : text; session_key : SessionKey; @@ -671,6 +689,13 @@ type SmtpRequest = record { message : opt SmtpMessage; envelope : opt SmtpEnvelope; gateway_flags : opt vec text; + // Optional gateway-supplied correlation id for one inbound message + // (e.g. the RFC 5322 Message-ID or a gateway-assigned tracking id). + // The canister does not interpret it; it lets a reported case be + // lined up across the SMTP gateway logs and the canister's production + // logs during support investigations. Capped at 256 bytes; oversize + // values are rejected with code 555. + message_id : opt text; }; // Error returned by `smtp_request` / `smtp_request_validate`. @@ -1489,6 +1514,7 @@ service : (opt InternetIdentityInit) -> { email_recovery_credential_prepare_add : (IdentityNumber, EmailRecoveryDnsInput) -> (variant { Ok : EmailRecoveryChallenge; Err : EmailRecoveryError }); email_recovery_prepare_delegation : (EmailRecoveryDnsInput, SessionKey) -> (variant { Ok : EmailRecoveryChallenge; Err : EmailRecoveryError }); email_recovery_status : (text) -> (EmailRecoveryStatus) query; + email_recovery_diagnostics : (text) -> (opt EmailRecoveryDiagnostics) query; email_recovery_submit_dkim_leaf : (EmailRecoverySubmitDkimLeafArg) -> (variant { Ok : EmailRecoveryStatus; Err : EmailRecoveryError }); email_recovery_get_delegation : (EmailRecoveryGetDelegationArgs) -> (variant { Ok : SignedDelegation; Err : EmailRecoveryError }) query; email_recovery_credential_remove : (IdentityNumber, text) -> (variant { Ok; Err : EmailRecoveryError });