From 0301c7c083c1145f0931993e5e4fa490d61eda0e Mon Sep 17 00:00:00 2001
From: strawberry <strawberry@puppygock.gay>
Date: Sun, 17 Mar 2024 21:59:10 -0400
Subject: [PATCH] fix Appservice AccessTokenOptional authentication type
 endpoints

Signed-off-by: strawberry <strawberry@puppygock.gay>
---
 src/api/ruma_wrapper/axum.rs | 26 ++++++++++++++++++++++++--
 1 file changed, 24 insertions(+), 2 deletions(-)

diff --git a/src/api/ruma_wrapper/axum.rs b/src/api/ruma_wrapper/axum.rs
index 716f01e7..2c9a9cd7 100644
--- a/src/api/ruma_wrapper/axum.rs
+++ b/src/api/ruma_wrapper/axum.rs
@@ -84,8 +84,7 @@ where
 			appservice_registration
 		{
 			match metadata.authentication {
-				// TODO: verify if just or'ing `AuthScheme::AppserviceToken` is correct here
-				AuthScheme::AccessToken | AuthScheme::AccessTokenOptional | AuthScheme::AppserviceToken => {
+				AuthScheme::AccessToken | AuthScheme::AppserviceToken => {
 					let user_id = query_params.user_id.map_or_else(
 						|| {
 							UserId::parse_with_server_name(
@@ -97,6 +96,8 @@ where
 						|s| UserId::parse(s).unwrap(),
 					);
 
+					debug!("User ID: {:?}", user_id);
+
 					if !services().users.exists(&user_id)? {
 						return Err(Error::BadRequest(ErrorKind::Forbidden, "User does not exist."));
 					}
@@ -104,6 +105,27 @@ where
 					// TODO: Check if appservice is allowed to be that user
 					(Some(user_id), None, None, true)
 				},
+				AuthScheme::AccessTokenOptional => {
+					let user_id = query_params.user_id.map_or_else(
+						|| {
+							UserId::parse_with_server_name(
+								registration.sender_localpart.as_str(),
+								services().globals.server_name(),
+							)
+							.unwrap()
+						},
+						|s| UserId::parse(s).unwrap(),
+					);
+
+					debug!("User ID: {:?}", user_id);
+
+					if !services().users.exists(&user_id)? {
+						(None, None, None, true)
+					} else {
+						// TODO: Check if appservice is allowed to be that user
+						(Some(user_id), None, None, true)
+					}
+				},
 				AuthScheme::ServerSignatures => (None, None, None, true),
 				AuthScheme::None => (None, None, None, true),
 			}