From d2b349a75adf0c6ec10b18a94b4869676e55dc5a Mon Sep 17 00:00:00 2001
From: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Date: Tue, 17 Jul 2018 08:36:23 -0700
Subject: [PATCH] Check userID against AS namespace instead of localpart (#533)

---
 .../dendrite/clientapi/routing/register.go        | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/src/github.com/matrix-org/dendrite/clientapi/routing/register.go b/src/github.com/matrix-org/dendrite/clientapi/routing/register.go
index bfecec5d4..3e3a7c4c6 100644
--- a/src/github.com/matrix-org/dendrite/clientapi/routing/register.go
+++ b/src/github.com/matrix-org/dendrite/clientapi/routing/register.go
@@ -335,9 +335,10 @@ func UsernameMatchesMultipleExclusiveNamespaces(
 	cfg *config.Dendrite,
 	username string,
 ) bool {
+	userID := userutil.MakeUserID(username, cfg.Matrix.ServerName)
+
 	// Check namespaces and see if more than one match
 	matchCount := 0
-	userID := userutil.MakeUserID(username, cfg.Matrix.ServerName)
 	for _, appservice := range cfg.Derived.ApplicationServices {
 		if appservice.IsInterestedInUserID(userID) {
 			if matchCount++; matchCount > 1 {
@@ -348,6 +349,16 @@ func UsernameMatchesMultipleExclusiveNamespaces(
 	return false
 }
 
+// UsernameMatchesExclusiveNamespaces will check if a given username matches any
+// application service's exclusive users namespace
+func UsernameMatchesExclusiveNamespaces(
+	cfg *config.Dendrite,
+	username string,
+) bool {
+	userID := userutil.MakeUserID(username, cfg.Matrix.ServerName)
+	return cfg.Derived.ExclusiveApplicationServicesUsernameRegexp.MatchString(userID)
+}
+
 // validateApplicationService checks if a provided application service token
 // corresponds to one that is registered. If so, then it checks if the desired
 // username is within that application service's namespace. As long as these
@@ -466,7 +477,7 @@ func Register(
 	// service namespace. Skip this check if no app services are registered.
 	if r.Auth.Type != "m.login.application_service" &&
 		len(cfg.Derived.ApplicationServices) != 0 &&
-		cfg.Derived.ExclusiveApplicationServicesUsernameRegexp.MatchString(r.Username) {
+		UsernameMatchesExclusiveNamespaces(cfg, r.Username) {
 		return util.JSONResponse{
 			Code: http.StatusBadRequest,
 			JSON: jsonerror.ASExclusive("This username is reserved by an application service."),