Make the AS login method call `Auth.get_user_by_req` for checking the AS token. (#13094)
This gets rid of another usage of get_appservice_by_req, with all the benefits, including correctly tracking the appservice IP and setting the tracing attributes correctly. Signed-off-by: Quentin Gliech <quenting@element.io>pull/13261/head
parent
2d82cdafd2
commit
b19060a29b
|
@ -0,0 +1 @@
|
|||
Make the AS login method call `Auth.get_user_by_req` for checking the AS token.
|
|
@ -28,7 +28,7 @@ from typing import (
|
|||
|
||||
from typing_extensions import TypedDict
|
||||
|
||||
from synapse.api.errors import Codes, LoginError, SynapseError
|
||||
from synapse.api.errors import Codes, InvalidClientTokenError, LoginError, SynapseError
|
||||
from synapse.api.ratelimiting import Ratelimiter
|
||||
from synapse.api.urls import CLIENT_API_PREFIX
|
||||
from synapse.appservice import ApplicationService
|
||||
|
@ -172,7 +172,13 @@ class LoginRestServlet(RestServlet):
|
|||
|
||||
try:
|
||||
if login_submission["type"] == LoginRestServlet.APPSERVICE_TYPE:
|
||||
appservice = self.auth.get_appservice_by_req(request)
|
||||
requester = await self.auth.get_user_by_req(request)
|
||||
appservice = requester.app_service
|
||||
|
||||
if appservice is None:
|
||||
raise InvalidClientTokenError(
|
||||
"This login method is only valid for application services"
|
||||
)
|
||||
|
||||
if appservice.is_rate_limited():
|
||||
await self._address_ratelimiter.ratelimit(
|
||||
|
|
Loading…
Reference in New Issue