mirrors/dendrite
1
0
Fork 0
mirror of https://github.com/matrix-org/dendrite.git synced 2025-12-26 00:03:09 -06:00
Code Issues Packages Projects Releases Wiki Activity

Also allow appservice itself to auth with user_id

Browse source 
Appservice user_id + access token check needs to work both when user_id is the appservice and when appservice has the user in their user namespace.

Signed-off-by: Jason Robinson <mail@jasonrobinson.me>
This commit is contained in:
Jason Robinson 2021-01-03 01:21:55 +02:00
parent bca2790c67
commit 34d0a50271
1 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
userapi/internal/api.go
View file

@ -389,9 +389,10 @@ func (a *UserInternalAPI) queryAppServiceToken(ctx context.Context, token, appSe
if localpart != "" { // AS is masquerading as another user
// Verify that the user is registered
_, err := a.AccountDB.GetAccountByLocalpart(ctx, localpart)
// Verify that the account belongs to the appservice user namespaces
if err == nil && appService.IsInterestedInUserID(appServiceUserID) {
account, err := a.AccountDB.GetAccountByLocalpart(ctx, localpart)
// Verify that the account exists and either appServiceID matches or
// it belongs to the appservice user namespaces
if err == nil && (account.AppServiceID == appService.ID || appService.IsInterestedInUserID(appServiceUserID)) {
// Set the userID of dummy device
dev.UserID = appServiceUserID
return &dev, nil