Skip to content

Update MSC4326 error code #18947

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Sep 24, 2025
Merged

Update MSC4326 error code #18947

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0939be1
Update MSC4326 error code
tulir Sep 21, 2025
9af4cf1
Fix test
tulir Sep 21, 2025
036a46c
Remove outdated comment as error code was changed
tulir Sep 22, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions changelog.d/18947.misc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Update error code used when an appservice tries to masquerade as an unknown device using [MSC4326](https://github.com/matrix-org/matrix-spec-proposals/pull/4326). Contributed by @tulir @ Beeper.
4 changes: 1 addition & 3 deletions synapse/api/auth/base.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -354,12 +354,10 @@ async def get_appservice_user(
effective_user_id, effective_device_id
)
if device_opt is None:
# For now, use 400 M_EXCLUSIVE if the device doesn't exist.
# This is an open thread of discussion on MSC3202 as of 2021-12-09.
raise AuthError(
Copy link
Contributor

@reivilibre reivilibre Sep 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

above here it says MSC3202; is this the wrong statement, or is there some other context we should note?

Copy link
Contributor Author

@tulir tulir Sep 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh yes, that comment should probably just be removed. The behavior was extracted out of 3202 into 4326 so it's just an old comment and doesn't apply now that the error code was updated

400,
f"Application service trying to use a device that doesn't exist ('{effective_device_id}' for {effective_user_id})",
Codes.EXCLUSIVE,
Codes.UNKNOWN_DEVICE,
)

return create_requester(
Expand Down
3 changes: 3 additions & 0 deletions synapse/api/errors.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,9 @@ class Codes(str, Enum):
)
MSC4306_NOT_IN_THREAD = "IO.ELEMENT.MSC4306.M_NOT_IN_THREAD"

# Part of MSC4326
UNKNOWN_DEVICE = "ORG.MATRIX.MSC4326.M_UNKNOWN_DEVICE"


class CodeMessageException(RuntimeError):
"""An exception with integer code, a message string attributes and optional headers.
Expand Down
2 changes: 1 addition & 1 deletion tests/api/test_auth.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -304,7 +304,7 @@ def test_get_user_by_req_appservice_valid_token_invalid_device_id(self) -> None:

failure = self.get_failure(self.auth.get_user_by_req(request), AuthError)
self.assertEqual(failure.value.code, 400)
self.assertEqual(failure.value.errcode, Codes.EXCLUSIVE)
self.assertEqual(failure.value.errcode, Codes.UNKNOWN_DEVICE)

def test_get_user_by_req__puppeted_token__not_tracking_puppeted_mau(self) -> None:
self.store.get_user_by_access_token = AsyncMock(
Expand Down
Loading