Merge branch 'no-identity-assertion-optional-auth' into 'next'

fix(appservices): don't perform identity assertion when auth is optional

Closes #430

See merge request famedly/conduit!641
This commit is contained in:
Matthias Ahouansou 2024-04-23 21:05:01 +00:00
commit 18f93ae8f3

View file

@ -107,10 +107,7 @@ where
"Unknown access token.",
))
}
(
AuthScheme::AccessToken | AuthScheme::AccessTokenOptional,
Token::Appservice(info),
) => {
(AuthScheme::AccessToken, Token::Appservice(info)) => {
let user_id = query_params
.user_id
.map_or_else(
@ -135,9 +132,12 @@ where
// TODO: Check if appservice is allowed to be that user
(Some(user_id), None, None, true)
}
(AuthScheme::None | AuthScheme::AppserviceToken, Token::Appservice(_)) => {
(None, None, None, true)
}
(
AuthScheme::None
| AuthScheme::AppserviceToken
| AuthScheme::AccessTokenOptional,
Token::Appservice(_),
) => (None, None, None, true),
(AuthScheme::AccessToken, Token::None) => {
return Err(Error::BadRequest(
ErrorKind::MissingToken,