Merge branch 'no-identity-assertion-optional-auth' into 'next'

fix(appservices): don't perform identity assertion when auth is optional Closes #430 See merge request famedly/conduit!641
2024-04-23 21:05:01 +00:00 · 2024-04-23 21:05:01 +00:00 · 18f93ae8f3
commit 18f93ae8f3
parent 27753b1d96 6c9c1b5afe
1 changed files with 7 additions and 7 deletions
--- a/src/api/ruma_wrapper/axum.rs
+++ b/src/api/ruma_wrapper/axum.rs
@ -107,10 +107,7 @@ where
                        "Unknown access token.",
                    ))
                }
-                (
-                    AuthScheme::AccessToken | AuthScheme::AccessTokenOptional,
-                    Token::Appservice(info),
-                ) => {
+                (AuthScheme::AccessToken, Token::Appservice(info)) => {
                    let user_id = query_params
                        .user_id
                        .map_or_else(
@ -135,9 +132,12 @@ where
                    // TODO: Check if appservice is allowed to be that user
                    (Some(user_id), None, None, true)
                }
-                (AuthScheme::None | AuthScheme::AppserviceToken, Token::Appservice(_)) => {
-                    (None, None, None, true)
-                }
+                (
+                    AuthScheme::None
+                    | AuthScheme::AppserviceToken
+                    | AuthScheme::AccessTokenOptional,
+                    Token::Appservice(_),
+                ) => (None, None, None, true),
                (AuthScheme::AccessToken, Token::None) => {
                    return Err(Error::BadRequest(
                        ErrorKind::MissingToken,