Extract the id token of the token when authing users, include the token and device_id in the internal meta data for the event along with the transaction id when sending events

synapse/api/auth.py

@@ -21,7 +21,7 @@ from synapse.api.constants import EventTypes, Membership, JoinRules
 from synapse.api.errors import AuthError, StoreError, Codes, SynapseError
 from synapse.util.logutils import log_function
 from synapse.util.async import run_on_reactor
-from synapse.types import UserID
+from synapse.types import UserID, ClientID
 
 import logging
 
@@ -292,7 +292,7 @@ class Auth(object):
         Returns:
             Tuple of UserID and device string:
                 User ID object of the user making the request
-                Device ID string of the device the user is using
+                Client ID object of the client instance the user is using
         Raises:
             AuthError if no user by that token exists or the token is invalid.
         """
@@ -302,6 +302,7 @@ class Auth(object):
             user_info = yield self.get_user_by_token(access_token)
             user = user_info["user"]
             device_id = user_info["device_id"]
+            token_id = user_info["token_id"]
 
             ip_addr = self.hs.get_ip_from_request(request)
             user_agent = request.requestHeaders.getRawHeaders(
@@ -317,7 +318,7 @@ class Auth(object):
                     user_agent=user_agent
                 )
 
-            defer.returnValue((user, device_id))
+            defer.returnValue((user, ClientID(device_id, token_id)))
         except KeyError:
             raise AuthError(403, "Missing access token.")
 
@@ -342,6 +343,7 @@ class Auth(object):
                 "admin": bool(ret.get("admin", False)),
                 "device_id": ret.get("device_id"),
                 "user": UserID.from_string(ret.get("name")),
+                "token_id": ret.get("token_id", None),
             }
 
             defer.returnValue(user_info)