char
/
dendrite
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Ensure appservices have their devices checked (#554) 

The regular device check will return the device for the appservice's bot user instead of going through the user_id branch. The check has been moved to below the user_id check to ensure the right virtual user's device is chosen.
main
Travis Ralston 2019-03-21 08:48:21 -06:00 committed by GitHub
parent 5d2d0484d1
commit f8f9965cc5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/github.com/matrix-org/dendrite/clientapi/auth/auth.go
View File

@ -65,12 +65,6 @@ type Data struct {
func VerifyUserFromRequest(
req *http.Request, data Data,
) (*authtypes.Device, *util.JSONResponse) {
// Try to find local user from device database
dev, devErr := verifyAccessToken(req, data.DeviceDB)
if devErr == nil {
return dev, verifyUserParameters(req)
}
// Try to find the Application Service user
token, err := ExtractAccessToken(req)
if err != nil {
@ -128,6 +122,12 @@ func VerifyUserFromRequest(
return &dev, nil
}
// Try to find local user from device database
dev, devErr := verifyAccessToken(req, data.DeviceDB)
if devErr == nil {
return dev, verifyUserParameters(req)
}
return nil, &util.JSONResponse{
Code: http.StatusUnauthorized,
JSON: jsonerror.UnknownToken("Unrecognized access token"),