From 7218a0ca1871c881070a25e33bb1198f51ba1e3a Mon Sep 17 00:00:00 2001
From: Jacek Kuśnierz <kusnierz@protonmail.com>
Date: Tue, 12 Jul 2022 20:48:29 +0200
Subject: Drop support for calling `/_matrix/client/v3/account/3pid/bind`
 without an `id_access_token` (#13239)

Fixes #13201

Signed-off-by: Jacek Kusnierz jacek.kusnierz@tum.de
---
 synapse/rest/client/account.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'synapse/rest/client')

diff --git a/synapse/rest/client/account.py b/synapse/rest/client/account.py
index 19c2da4244..0cc87a4001 100644
--- a/synapse/rest/client/account.py
+++ b/synapse/rest/client/account.py
@@ -704,10 +704,12 @@ class ThreepidBindRestServlet(RestServlet):
     async def on_POST(self, request: SynapseRequest) -> Tuple[int, JsonDict]:
         body = parse_json_object_from_request(request)
 
-        assert_params_in_dict(body, ["id_server", "sid", "client_secret"])
+        assert_params_in_dict(
+            body, ["id_server", "sid", "id_access_token", "client_secret"]
+        )
         id_server = body["id_server"]
         sid = body["sid"]
-        id_access_token = body.get("id_access_token")  # optional
+        id_access_token = body["id_access_token"]
         client_secret = body["client_secret"]
         assert_valid_client_secret(client_secret)
 
-- 
cgit 1.4.1