From eb10e7d39b33d460148bf90bdad39dbbce0fe7cc Mon Sep 17 00:00:00 2001
From: strawberry <strawberry@puppygock.gay>
Date: Tue, 23 Apr 2024 17:11:30 -0400
Subject: [PATCH] fix(appservices): don't perform identity assertion when auth
 is optional

Signed-off-by: strawberry <strawberry@puppygock.gay>
---
 src/api/ruma_wrapper/axum.rs | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/api/ruma_wrapper/axum.rs b/src/api/ruma_wrapper/axum.rs
index 1cfc36b03..f1df87b60 100644
--- a/src/api/ruma_wrapper/axum.rs
+++ b/src/api/ruma_wrapper/axum.rs
@@ -132,7 +132,7 @@ async fn from_request(req: Request<axum::body::Body>, _state: &S) -> Result<Self
 					"Unknown access token.",
 				))
 			},
-			(AuthScheme::AccessToken | AuthScheme::AccessTokenOptional, Token::Appservice(info)) => {
+			(AuthScheme::AccessToken, Token::Appservice(info)) => {
 				let user_id = query_params
 					.user_id
 					.map_or_else(
@@ -156,9 +156,10 @@ async fn from_request(req: Request<axum::body::Body>, _state: &S) -> Result<Self
 
 				(Some(user_id), None, None, Some(*info))
 			},
-			(AuthScheme::None | AuthScheme::AppserviceToken, Token::Appservice(info)) => {
-				(None, None, None, Some(*info))
-			},
+			(
+				AuthScheme::None | AuthScheme::AccessTokenOptional | AuthScheme::AppserviceToken,
+				Token::Appservice(info),
+			) => (None, None, None, Some(*info)),
 			(AuthScheme::AccessToken, Token::None) => {
 				return Err(Error::BadRequest(ErrorKind::MissingToken, "Missing access token."));
 			},
-- 
GitLab