Implementation of MSC3967: Don't require UIA for initial upload of cross signing keys (#15077)

author: Hugh Nimmo-Smith <hughns@users.noreply.github.com> 2023-03-02 10:34:59 +0000
committer: GitHub <noreply@github.com> 2023-03-02 10:34:59 +0000
commit: 916b8061d20dc0902b7f2d42d994efc20300e9e7 (patch)
tree: bf06dc8e7e62246d70ae81879aa19bee173a25bc /synapse/rest
parent: Remove support for aggregating reactions (#15172) (diff)
download: synapse-916b8061d20dc0902b7f2d42d994efc20300e9e7.tar.xz
1 files changed, 23 insertions, 9 deletions
diff --git a/synapse/rest/client/keys.py b/synapse/rest/client/keys.py
index 7873b363c0..32bb8b9a91 100644
--- a/synapse/rest/client/keys.py
+++ b/synapse/rest/client/keys.py
@@ -312,15 +312,29 @@ class SigningKeyUploadServlet(RestServlet):
         user_id = requester.user.to_string()
         body = parse_json_object_from_request(request)
 
-        await self.auth_handler.validate_user_via_ui_auth(
-            requester,
-            request,
-            body,
-            "add a device signing key to your account",
-            # Allow skipping of UI auth since this is frequently called directly
-            # after login and it is silly to ask users to re-auth immediately.
-            can_skip_ui_auth=True,
-        )
+        if self.hs.config.experimental.msc3967_enabled:
+            if await self.e2e_keys_handler.is_cross_signing_set_up_for_user(user_id):
+                # If we already have a master key then cross signing is set up and we require UIA to reset
+                await self.auth_handler.validate_user_via_ui_auth(
+                    requester,
+                    request,
+                    body,
+                    "reset the device signing key on your account",
+                    # Do not allow skipping of UIA auth.
+                    can_skip_ui_auth=False,
+                )
+            # Otherwise we don't require UIA since we are setting up cross signing for first time
+        else:
+            # Previous behaviour is to always require UIA but allow it to be skipped
+            await self.auth_handler.validate_user_via_ui_auth(
+                requester,
+                request,
+                body,
+                "add a device signing key to your account",
+                # Allow skipping of UI auth since this is frequently called directly
+                # after login and it is silly to ask users to re-auth immediately.
+                can_skip_ui_auth=True,
+            )
 
         result = await self.e2e_keys_handler.upload_signing_keys_for_user(user_id, body)
         return 200, result
author	Hugh Nimmo-Smith <hughns@users.noreply.github.com>	2023-03-02 10:34:59 +0000
committer	GitHub <noreply@github.com>	2023-03-02 10:34:59 +0000
commit	916b8061d20dc0902b7f2d42d994efc20300e9e7 (patch)
tree	bf06dc8e7e62246d70ae81879aa19bee173a25bc /synapse/rest
parent	Remove support for aggregating reactions (#15172) (diff)
download	synapse-916b8061d20dc0902b7f2d42d994efc20300e9e7.tar.xz