diff options
| author | Quentin Gliech <quenting@element.io> | 2023-05-16 10:52:37 +0200 |
|---|---|---|
| committer | Patrick Cloke <clokep@users.noreply.github.com> | 2023-05-30 09:43:06 -0400 |
| commit | 4d0231b3648d5d70a8e0f4d99a0c040f12f15669 (patch) | |
| tree | 5838e6a59adc17570938e9d52a1c697282b62e62 /synapse/api/auth/msc3861_delegated.py | |
| parent | Add an admin token for MAS -> Synapse calls (diff) | |
| download | synapse-4d0231b3648d5d70a8e0f4d99a0c040f12f15669.tar.xz | |
Make AS tokens work & allow ASes to /register
Diffstat (limited to 'synapse/api/auth/msc3861_delegated.py')
| -rw-r--r-- | synapse/api/auth/msc3861_delegated.py | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/synapse/api/auth/msc3861_delegated.py b/synapse/api/auth/msc3861_delegated.py index a84b7730b3..b84dce2563 100644 --- a/synapse/api/auth/msc3861_delegated.py +++ b/synapse/api/auth/msc3861_delegated.py @@ -162,14 +162,19 @@ class MSC3861DelegatedAuth(BaseAuth): ) -> Requester: access_token = self.get_access_token_from_request(request) - # TODO: we probably want to assert the allow_guest inside this call so that we don't provision the user if they don't have enough permission: - requester = await self.get_user_by_access_token(access_token, allow_expired) + requester = await self.get_appservice_user(request, access_token) + if not requester: + # TODO: we probably want to assert the allow_guest inside this call + # so that we don't provision the user if they don't have enough permission: + requester = await self.get_user_by_access_token(access_token, allow_expired) if not allow_guest and requester.is_guest: raise OAuthInsufficientScopeError( ["urn:matrix:org.matrix.msc2967.client:api:*"] ) + request.requester = requester + return requester async def get_user_by_access_token( |