summary refs log tree commit diff
path: root/synapse/module_api/__init__.py
diff options
context:
space:
mode:
authorMatthew Hodgson <matthew@matrix.org>2017-11-30 01:51:38 +0000
committerMatthew Hodgson <matthew@matrix.org>2017-11-30 01:51:38 +0000
commitf397153dfc4020744e1cf8687abb01d4b7885a7a (patch)
tree342da238d1e7de6178731ad6a040bf9c3de16ce1 /synapse/module_api/__init__.py
parentspecify default user_directory_include_pattern (diff)
parentMerge pull request #2721 from matrix-org/rav/get_user_by_access_token_comments (diff)
downloadsynapse-f397153dfc4020744e1cf8687abb01d4b7885a7a.tar.xz
Merge branch 'develop' into matthew/search-all-local-users
Diffstat (limited to 'synapse/module_api/__init__.py')
-rw-r--r--synapse/module_api/__init__.py14
1 files changed, 12 insertions, 2 deletions
diff --git a/synapse/module_api/__init__.py b/synapse/module_api/__init__.py
index dc680ddf43..097c844d31 100644
--- a/synapse/module_api/__init__.py
+++ b/synapse/module_api/__init__.py
@@ -12,6 +12,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+from twisted.internet import defer
 
 from synapse.types import UserID
 
@@ -81,6 +82,7 @@ class ModuleApi(object):
         reg = self.hs.get_handlers().registration_handler
         return reg.register(localpart=localpart)
 
+    @defer.inlineCallbacks
     def invalidate_access_token(self, access_token):
         """Invalidate an access token for a user
 
@@ -94,8 +96,16 @@ class ModuleApi(object):
         Raises:
             synapse.api.errors.AuthError: the access token is invalid
         """
-
-        return self._auth_handler.delete_access_token(access_token)
+        # see if the access token corresponds to a device
+        user_info = yield self._auth.get_user_by_access_token(access_token)
+        device_id = user_info.get("device_id")
+        user_id = user_info["user"].to_string()
+        if device_id:
+            # delete the device, which will also delete its access tokens
+            yield self.hs.get_device_handler().delete_device(user_id, device_id)
+        else:
+            # no associated device. Just delete the access token.
+            yield self._auth_handler.delete_access_token(access_token)
 
     def run_db_interaction(self, desc, func, *args, **kwargs):
         """Run a function with a database connection