mirror of
https://github.com/hoernschen/dendrite.git
synced 2024-12-25 22:48:27 +00:00
Fix user_id
query param breaking auth for non-appservices (#3196)
The `user_id` query param only has defined behavior when authenticating with an `as_token`. For any other tokens, the presence of the parameter should simply be ignored. Fixes #1738 Signed-off-by: Tulir Asokan <tulir@maunium.net> Co-authored-by: devonh <devon.dmytro@gmail.com>
This commit is contained in:
parent
478827459c
commit
bea73c765a
1 changed files with 8 additions and 5 deletions
|
@ -563,12 +563,15 @@ func (a *UserInternalAPI) QueryAccountData(ctx context.Context, req *api.QueryAc
|
||||||
func (a *UserInternalAPI) QueryAccessToken(ctx context.Context, req *api.QueryAccessTokenRequest, res *api.QueryAccessTokenResponse) error {
|
func (a *UserInternalAPI) QueryAccessToken(ctx context.Context, req *api.QueryAccessTokenRequest, res *api.QueryAccessTokenResponse) error {
|
||||||
if req.AppServiceUserID != "" {
|
if req.AppServiceUserID != "" {
|
||||||
appServiceDevice, err := a.queryAppServiceToken(ctx, req.AccessToken, req.AppServiceUserID)
|
appServiceDevice, err := a.queryAppServiceToken(ctx, req.AccessToken, req.AppServiceUserID)
|
||||||
if err != nil {
|
if err != nil || appServiceDevice != nil {
|
||||||
res.Err = err.Error()
|
if err != nil {
|
||||||
}
|
res.Err = err.Error()
|
||||||
res.Device = appServiceDevice
|
}
|
||||||
|
res.Device = appServiceDevice
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
|
}
|
||||||
|
// If the provided token wasn't an as_token (both err and appServiceDevice are nil), continue with normal auth.
|
||||||
}
|
}
|
||||||
device, err := a.DB.GetDeviceByAccessToken(ctx, req.AccessToken)
|
device, err := a.DB.GetDeviceByAccessToken(ctx, req.AccessToken)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
Loading…
Reference in a new issue