summary refs log tree commit diff
path: root/synapse/api/auth/msc3861_delegated.py
diff options
context:
space:
mode:
authorQuentin Gliech <quenting@element.io>2023-05-16 10:52:37 +0200
committerPatrick Cloke <clokep@users.noreply.github.com>2023-05-30 09:43:06 -0400
commit4d0231b3648d5d70a8e0f4d99a0c040f12f15669 (patch)
tree5838e6a59adc17570938e9d52a1c697282b62e62 /synapse/api/auth/msc3861_delegated.py
parentAdd an admin token for MAS -> Synapse calls (diff)
downloadsynapse-4d0231b3648d5d70a8e0f4d99a0c040f12f15669.tar.xz
Make AS tokens work & allow ASes to /register
Diffstat (limited to 'synapse/api/auth/msc3861_delegated.py')
-rw-r--r--synapse/api/auth/msc3861_delegated.py9
1 files changed, 7 insertions, 2 deletions
diff --git a/synapse/api/auth/msc3861_delegated.py b/synapse/api/auth/msc3861_delegated.py
index a84b7730b3..b84dce2563 100644
--- a/synapse/api/auth/msc3861_delegated.py
+++ b/synapse/api/auth/msc3861_delegated.py
@@ -162,14 +162,19 @@ class MSC3861DelegatedAuth(BaseAuth):
     ) -> Requester:
         access_token = self.get_access_token_from_request(request)
 
-        # TODO: we probably want to assert the allow_guest inside this call so that we don't provision the user if they don't have enough permission:
-        requester = await self.get_user_by_access_token(access_token, allow_expired)
+        requester = await self.get_appservice_user(request, access_token)
+        if not requester:
+            # TODO: we probably want to assert the allow_guest inside this call
+            # so that we don't provision the user if they don't have enough permission:
+            requester = await self.get_user_by_access_token(access_token, allow_expired)
 
         if not allow_guest and requester.is_guest:
             raise OAuthInsufficientScopeError(
                 ["urn:matrix:org.matrix.msc2967.client:api:*"]
             )
 
+        request.requester = requester
+
         return requester
 
     async def get_user_by_access_token(