Make cleaning up pushers depend on the device_id instead of the token_id (#15280)

This makes it so that we rely on the `device_id` to delete pushers on logout, instead of relying on the `access_token_id`. This ensures we're not removing pushers on token refresh, and prepares for a world without access token IDs (also known as the OIDC). This actually runs the `set_device_id_for_pushers` background update, which was forgotten in #13831. Note that for backwards compatibility it still deletes pushers based on the `access_token` until the background update finishes.
2025-08-13 20:35:28 -04:00 · 2023-03-24 16:09:39 +01:00 · 2023-03-24 16:09:39 +01:00 · 5b70f240cf
commit 5b70f240cf
parent 68a6717312
15 changed files with 142 additions and 65 deletions
--- a/tests/push/test_http.py
+++ b/tests/push/test_http.py
@ -67,13 +67,13 @@ class HTTPPusherTests(HomeserverTestCase):
            self.hs.get_datastores().main.get_user_by_access_token(access_token)
        )
        assert user_tuple is not None
-        token_id = user_tuple.token_id
+        device_id = user_tuple.device_id

        def test_data(data: Any) -> None:
            self.get_failure(
                self.hs.get_pusherpool().add_or_update_pusher(
                    user_id=user_id,
-                    access_token=token_id,
+                    device_id=device_id,
                    kind="http",
                    app_id="m.http",
                    app_display_name="HTTP Push Notifications",
@ -114,12 +114,12 @@ class HTTPPusherTests(HomeserverTestCase):
            self.hs.get_datastores().main.get_user_by_access_token(access_token)
        )
        assert user_tuple is not None
-        token_id = user_tuple.token_id
+        device_id = user_tuple.device_id

        self.get_success(
            self.hs.get_pusherpool().add_or_update_pusher(
                user_id=user_id,
-                access_token=token_id,
+                device_id=device_id,
                kind="http",
                app_id="m.http",
                app_display_name="HTTP Push Notifications",
@ -235,12 +235,12 @@ class HTTPPusherTests(HomeserverTestCase):
            self.hs.get_datastores().main.get_user_by_access_token(access_token)
        )
        assert user_tuple is not None
-        token_id = user_tuple.token_id
+        device_id = user_tuple.device_id

        self.get_success(
            self.hs.get_pusherpool().add_or_update_pusher(
                user_id=user_id,
-                access_token=token_id,
+                device_id=device_id,
                kind="http",
                app_id="m.http",
                app_display_name="HTTP Push Notifications",
@ -356,12 +356,12 @@ class HTTPPusherTests(HomeserverTestCase):
            self.hs.get_datastores().main.get_user_by_access_token(access_token)
        )
        assert user_tuple is not None
-        token_id = user_tuple.token_id
+        device_id = user_tuple.device_id

        self.get_success(
            self.hs.get_pusherpool().add_or_update_pusher(
                user_id=user_id,
-                access_token=token_id,
+                device_id=device_id,
                kind="http",
                app_id="m.http",
                app_display_name="HTTP Push Notifications",
@ -443,12 +443,12 @@ class HTTPPusherTests(HomeserverTestCase):
            self.hs.get_datastores().main.get_user_by_access_token(access_token)
        )
        assert user_tuple is not None
-        token_id = user_tuple.token_id
+        device_id = user_tuple.device_id

        self.get_success(
            self.hs.get_pusherpool().add_or_update_pusher(
                user_id=user_id,
-                access_token=token_id,
+                device_id=device_id,
                kind="http",
                app_id="m.http",
                app_display_name="HTTP Push Notifications",
@ -521,12 +521,12 @@ class HTTPPusherTests(HomeserverTestCase):
            self.hs.get_datastores().main.get_user_by_access_token(access_token)
        )
        assert user_tuple is not None
-        token_id = user_tuple.token_id
+        device_id = user_tuple.device_id

        self.get_success(
            self.hs.get_pusherpool().add_or_update_pusher(
                user_id=user_id,
-                access_token=token_id,
+                device_id=device_id,
                kind="http",
                app_id="m.http",
                app_display_name="HTTP Push Notifications",
@ -628,12 +628,12 @@ class HTTPPusherTests(HomeserverTestCase):
            self.hs.get_datastores().main.get_user_by_access_token(access_token)
        )
        assert user_tuple is not None
-        token_id = user_tuple.token_id
+        device_id = user_tuple.device_id

        self.get_success(
            self.hs.get_pusherpool().add_or_update_pusher(
                user_id=user_id,
-                access_token=token_id,
+                device_id=device_id,
                kind="http",
                app_id="m.http",
                app_display_name="HTTP Push Notifications",
@ -764,12 +764,12 @@ class HTTPPusherTests(HomeserverTestCase):
            self.hs.get_datastores().main.get_user_by_access_token(access_token)
        )
        assert user_tuple is not None
-        token_id = user_tuple.token_id
+        device_id = user_tuple.device_id

        self.get_success(
            self.hs.get_pusherpool().add_or_update_pusher(
                user_id=user_id,
-                access_token=token_id,
+                device_id=device_id,
                kind="http",
                app_id="m.http",
                app_display_name="HTTP Push Notifications",
@ -778,7 +778,6 @@ class HTTPPusherTests(HomeserverTestCase):
                lang=None,
                data={"url": "http://example.com/_matrix/push/v1/notify"},
                enabled=enabled,
-                device_id=user_tuple.device_id,
            )
        )

@ -895,19 +894,17 @@ class HTTPPusherTests(HomeserverTestCase):

    def test_update_different_device_access_token_device_id(self) -> None:
        """Tests that if we create a pusher from one device, the update it from another
-        device, the access token and device ID associated with the pusher stays the
-        same.
+        device, the device ID associated with the pusher stays the same.
        """
        # Create a user with a pusher.
        user_id, access_token = self._make_user_with_pusher("user")

-        # Get the token ID for the current access token, since that's what we store in
-        # the pushers table. Also get the device ID from it.
+        # Get the device ID for the current access token, since that's what we store in
+        # the pushers table.
        user_tuple = self.get_success(
            self.hs.get_datastores().main.get_user_by_access_token(access_token)
        )
        assert user_tuple is not None
-        token_id = user_tuple.token_id
        device_id = user_tuple.device_id

        # Generate a new access token, and update the pusher with it.
@ -920,10 +917,9 @@ class HTTPPusherTests(HomeserverTestCase):
        )
        pushers: List[PusherConfig] = list(ret)

-        # Check that we still have one pusher, and that the access token and device ID
-        # associated with it didn't change.
+        # Check that we still have one pusher, and that the device ID associated with
+        # it didn't change.
        self.assertEqual(len(pushers), 1)
-        self.assertEqual(pushers[0].access_token, token_id)
        self.assertEqual(pushers[0].device_id, device_id)

    @override_config({"experimental_features": {"msc3881_enabled": True}})