From 789e32281bea2b70189c528e57e4fb1d12efdffd Mon Sep 17 00:00:00 2001
From: Richard van der Hoff <richard@matrix.org>
Date: Thu, 4 Jul 2019 12:53:55 +0100
Subject: [PATCH] Inline issue_access_token

this is only used in one place, so it's clearer if we inline it and reduce the
API surface.

Also, fixes a buglet where we would create an access token even if we were
about to block the user (we would never return the AT, so the user could never
use it, but it was still created and added to the db.)
---
 changelog.d/5659.misc    |  1 +
 synapse/handlers/auth.py | 10 +++-------
 tests/api/test_auth.py   |  2 +-
 3 files changed, 5 insertions(+), 8 deletions(-)
 create mode 100644 changelog.d/5659.misc

diff --git a/changelog.d/5659.misc b/changelog.d/5659.misc
new file mode 100644
index 000000000000..686001295c33
--- /dev/null
+++ b/changelog.d/5659.misc
@@ -0,0 +1 @@
+Inline issue_access_token.
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py
index ef5585aa9912..da312b188e64 100644
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@@ -578,9 +578,11 @@ def get_access_token_for_user_id(self, user_id, device_id=None):
             StoreError if there was a problem storing the token.
         """
         logger.info("Logging in user %s on device %s", user_id, device_id)
-        access_token = yield self.issue_access_token(user_id, device_id)
         yield self.auth.check_auth_blocking(user_id)
 
+        access_token = self.macaroon_gen.generate_access_token(user_id)
+        yield self.store.add_access_token_to_user(user_id, access_token, device_id)
+
         # the device *should* have been registered before we got here; however,
         # it's possible we raced against a DELETE operation. The thing we
         # really don't want is active access_tokens without a record of the
@@ -831,12 +833,6 @@ def _check_local_password(self, user_id, password):
             defer.returnValue(None)
         defer.returnValue(user_id)
 
-    @defer.inlineCallbacks
-    def issue_access_token(self, user_id, device_id=None):
-        access_token = self.macaroon_gen.generate_access_token(user_id)
-        yield self.store.add_access_token_to_user(user_id, access_token, device_id)
-        defer.returnValue(access_token)
-
     @defer.inlineCallbacks
     def validate_short_term_login_token_and_get_user_id(self, login_token):
         auth_api = self.hs.get_auth()
diff --git a/tests/api/test_auth.py b/tests/api/test_auth.py
index d4e75b5b2e72..cc48887885e1 100644
--- a/tests/api/test_auth.py
+++ b/tests/api/test_auth.py
@@ -244,7 +244,7 @@ def test_cannot_use_regular_token_as_guest(self):
         USER_ID = "@percy:matrix.org"
         self.store.add_access_token_to_user = Mock()
 
-        token = yield self.hs.handlers.auth_handler.issue_access_token(
+        token = yield self.hs.handlers.auth_handler.get_access_token_for_user_id(
             USER_ID, "DEVICE"
         )
         self.store.add_access_token_to_user.assert_called_with(USER_ID, token, "DEVICE")