From 5912429d5329276a77eabb955735d35c7c89384a Mon Sep 17 00:00:00 2001 From: Neil Alexander Date: Mon, 8 Mar 2021 13:57:15 +0000 Subject: [PATCH] Return a more useful error on /register spec compliance violation (#1792) --- clientapi/routing/register.go | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/clientapi/routing/register.go b/clientapi/routing/register.go index 7d5ddbea..8e5a6b9b 100644 --- a/clientapi/routing/register.go +++ b/clientapi/routing/register.go @@ -502,11 +502,23 @@ func Register( // Squash username to all lowercase letters r.Username = strings.ToLower(r.Username) - if r.Type == authtypes.LoginTypeApplicationService && accessTokenErr == nil { + switch { + case r.Type == authtypes.LoginTypeApplicationService && accessTokenErr == nil: + // Spec-compliant case (the access_token is specified and the login type + // is correctly set, so it's an appservice registration) if resErr = validateApplicationServiceUsername(r.Username); resErr != nil { return *resErr } - } else { + case accessTokenErr == nil: + // Non-spec-compliant case (the access_token is specified but the login + // type is not known or specified) + return util.JSONResponse{ + Code: http.StatusBadRequest, + JSON: jsonerror.MissingArgument("A known registration type (e.g. m.login.application_service) must be specified if an access_token is provided"), + } + default: + // Spec-compliant case (neither the access_token nor the login type are + // specified, so it's a normal user registration) if resErr = validateUsername(r.Username); resErr != nil { return *resErr }