MirrorHub/conduit
1
0
Fork 0
mirror of https://gitlab.com/famedly/conduit.git synced 2024-11-16 19:10:50 +01:00
Code Issues Releases Activity

fix: ignore access tokens where they are not needed

Browse source
This commit is contained in:
Matthias Ahouansou 2024-04-02 17:19:59 +01:00
parent 33fb32be9a
commit 0d62c9de7c
No known key found for this signature in database
1 changed files with 5 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
src/api/ruma_wrapper/axum.rs
View file

@ -110,7 +110,8 @@ where
( (
AuthScheme::AccessToken AuthScheme::AccessToken
| AuthScheme::AppserviceToken | AuthScheme::AppserviceToken
| AuthScheme::AccessTokenOptional, | AuthScheme::AccessTokenOptional
| AuthScheme::None,
Token::Appservice(info), Token::Appservice(info),
) => { ) => {
let user_id = query_params let user_id = query_params
@ -144,7 +145,7 @@ where
)); ));
} }
( (
AuthScheme::AccessToken | AuthScheme::AccessTokenOptional, AuthScheme::AccessToken | AuthScheme::AccessTokenOptional | AuthScheme::None,
Token::User((user_id, device_id)), Token::User((user_id, device_id)),
) => (Some(user_id), Some(device_id), None, false), ) => (Some(user_id), Some(device_id), None, false),
(AuthScheme::ServerSignatures, Token::None) => { (AuthScheme::ServerSignatures, Token::None) => {
@ -259,13 +260,10 @@ where
| AuthScheme::AccessTokenOptional, | AuthScheme::AccessTokenOptional,
Token::None, Token::None,
) => (None, None, None, false), ) => (None, None, None, false),
( (AuthScheme::ServerSignatures, Token::Appservice(_) | Token::User(_)) => {
AuthScheme::ServerSignatures | AuthScheme::None,
Token::Appservice(_) | Token::User(_),
) => {
return Err(Error::BadRequest( return Err(Error::BadRequest(
ErrorKind::Unauthorized, ErrorKind::Unauthorized,
"Access tokens should not be used on this endpoint.", "Only server signatures should be used on this endpoint.",
)); ));
} }
(AuthScheme::AppserviceToken, Token::User(_)) => { (AuthScheme::AppserviceToken, Token::User(_)) => {