diff options
author | Erik Johnston <erik@matrix.org> | 2020-10-29 15:58:44 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-10-29 15:58:44 +0000 |
commit | f21e24ffc22a5eb01f242f47fa30979321cf20fc (patch) | |
tree | ec3dff4f767d024777c1b0c70d4f594a218c4a23 /synapse/handlers/auth.py | |
parent | Fix cache call signature to accept `on_invalidate`. (#8684) (diff) | |
download | synapse-f21e24ffc22a5eb01f242f47fa30979321cf20fc.tar.xz |
Add ability for access tokens to belong to one user but grant access to another user. (#8616)
We do it this way round so that only the "owner" can delete the access token (i.e. `/logout/all` by the "owner" also deletes that token, but `/logout/all` by the "target user" doesn't). A future PR will add an API for creating such a token. When the target user and authenticated entity are different the `Processed request` log line will be logged with a: `{@admin:server as @bob:server} ...`. I'm not convinced by that format (especially since it adds spaces in there, making it harder to use `cut -d ' '` to chop off the start of log lines). Suggestions welcome.
Diffstat (limited to 'synapse/handlers/auth.py')
-rw-r--r-- | synapse/handlers/auth.py | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 276594f3d9..ff103cbb92 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -991,17 +991,17 @@ class AuthHandler(BaseHandler): # This might return an awaitable, if it does block the log out # until it completes. result = provider.on_logged_out( - user_id=str(user_info["user"]), - device_id=user_info["device_id"], + user_id=user_info.user_id, + device_id=user_info.device_id, access_token=access_token, ) if inspect.isawaitable(result): await result # delete pushers associated with this access token - if user_info["token_id"] is not None: + if user_info.token_id is not None: await self.hs.get_pusherpool().remove_pushers_by_access_token( - str(user_info["user"]), (user_info["token_id"],) + user_info.user_id, (user_info.token_id,) ) async def delete_access_tokens_for_user( |