Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Make the AS login method call Auth.get_user_by_req for checking the AS token. #13094

Merged
merged 4 commits into from
Jul 12, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions changelog.d/13094.misc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Make the AS login method call `Auth.get_user_by_req` for checking the AS token.
10 changes: 8 additions & 2 deletions synapse/rest/client/login.py
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@

from typing_extensions import TypedDict

from synapse.api.errors import Codes, LoginError, SynapseError
from synapse.api.errors import Codes, InvalidClientTokenError, LoginError, SynapseError
from synapse.api.ratelimiting import Ratelimiter
from synapse.api.urls import CLIENT_API_PREFIX
from synapse.appservice import ApplicationService
Expand Down Expand Up @@ -172,7 +172,13 @@ async def on_POST(self, request: SynapseRequest) -> Tuple[int, LoginResponse]:

try:
if login_submission["type"] == LoginRestServlet.APPSERVICE_TYPE:
appservice = self.auth.get_appservice_by_req(request)
requester = await self.auth.get_user_by_req(request)
appservice = requester.app_service

if appservice is None:
raise InvalidClientTokenError(
"This login method is only valid for application services"
)

if appservice.is_rate_limited():
await self._address_ratelimiter.ratelimit(
Expand Down