summary refs log tree commit diff
path: root/synapse/api/auth.py
diff options
context:
space:
mode:
Diffstat (limited to 'synapse/api/auth.py')
-rw-r--r--synapse/api/auth.py9
1 files changed, 7 insertions, 2 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py

index 307f5f9a94..d26014ef4f 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -246,6 +246,7 @@ class Auth:
         app_service = self.store.get_app_service_by_token(
             self.get_access_token_from_request(request)
         )
+
         if app_service is None:
             return None, None
 
@@ -266,8 +267,12 @@ class Auth:
 
         if not app_service.is_interested_in_user(user_id):
             raise AuthError(403, "Application service cannot masquerade as this user.")
-        if not (await self.store.get_user_by_id(user_id)):
-            raise AuthError(403, "Application service has not registered this user")
+        # Let ASes manipulate nonexistent users (e.g. to shadow-register them)
+        # if not (yield self.store.get_user_by_id(user_id)):
+        #     raise AuthError(
+        #         403,
+        #         "Application service has not registered this user"
+        #     )
         return user_id, app_service
 
     async def get_user_by_access_token(
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-04-09 10:36:10 +0000