From 54e0e2a14c1446847d02b299d17f7c848abb2ead Mon Sep 17 00:00:00 2001
From: Matthias Ahouansou <matthias@ahouansou.cz>
Date: Mon, 15 Apr 2024 19:13:10 +0100
Subject: [PATCH] fix(appservices): don't use identity assertion on account
 management endpoints

---
 src/api/ruma_wrapper/axum.rs | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/api/ruma_wrapper/axum.rs b/src/api/ruma_wrapper/axum.rs
index 895b601d..e721e80d 100644
--- a/src/api/ruma_wrapper/axum.rs
+++ b/src/api/ruma_wrapper/axum.rs
@@ -108,10 +108,7 @@ where
                     ))
                 }
                 (
-                    AuthScheme::AccessToken
-                    | AuthScheme::AppserviceToken
-                    | AuthScheme::AccessTokenOptional
-                    | AuthScheme::None,
+                    AuthScheme::AccessToken | AuthScheme::AccessTokenOptional,
                     Token::Appservice(info),
                 ) => {
                     let user_id = query_params
@@ -138,6 +135,9 @@ where
                     // TODO: Check if appservice is allowed to be that user
                     (Some(user_id), None, None, true)
                 }
+                (AuthScheme::None | AuthScheme::AppserviceToken, Token::Appservice(_)) => {
+                    (None, None, None, true)
+                }
                 (AuthScheme::AccessToken, Token::None) => {
                     return Err(Error::BadRequest(
                         ErrorKind::MissingToken,