Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Make the AS login method call Auth.get_user_by_req for checking the AS token. #13094

Merged
merged 4 commits into from
Jul 12, 2022
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions changelog.d/13094.misc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Make the AS login method call `Auth.get_user_by_req` for checking the AS token.
8 changes: 6 additions & 2 deletions synapse/rest/client/login.py
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@

from typing_extensions import TypedDict

from synapse.api.errors import Codes, LoginError, SynapseError
from synapse.api.errors import Codes, InvalidClientTokenError, LoginError, SynapseError
from synapse.api.ratelimiting import Ratelimiter
from synapse.api.urls import CLIENT_API_PREFIX
from synapse.appservice import ApplicationService
Expand Down Expand Up @@ -172,7 +172,11 @@ async def on_POST(self, request: SynapseRequest) -> Tuple[int, LoginResponse]:

try:
if login_submission["type"] == LoginRestServlet.APPSERVICE_TYPE:
appservice = self.auth.get_appservice_by_req(request)
requester = await self.auth.get_user_by_req(request)
appservice = requester.app_service

if appservice is None:
raise InvalidClientTokenError("This login method is only valid for application services")

if appservice.is_rate_limited():
await self._address_ratelimiter.ratelimit(
Expand Down