Support JWT authentication on deactivate route.

Signed-off-by: Jason Volk <jason@zemos.net>

src/api/client/session/jwt.rs

@@ -22,20 +22,9 @@ pub(super) async fn handle_login(
 	_body: &Ruma<Request>,
 	info: &Token,
 ) -> Result<OwnedUserId> {
-	let config = &services.config.jwt;
-
-	if !config.enable {
-		return Err!(Request(Unknown("JWT login is not enabled.")));
-	}
-
-	let claim = validate(config, &info.token)?;
-	let local = claim.sub.to_lowercase();
-	let server = &services.server.name;
-	let user_id = UserId::parse_with_server_name(local, server).map_err(|e| {
-		err!(Request(InvalidUsername("JWT subject is not a valid user MXID: {e}")))
-	})?;
-
+	let user_id = validate_user(services, &info.token)?;
 	if !services.users.exists(&user_id).await {
+		let config = &services.config.jwt;
 		if !config.register_user {
 			return Err!(Request(NotFound("User {user_id} is not registered on this server.")));
 		}
@@ -49,6 +38,22 @@ pub(super) async fn handle_login(
 	Ok(user_id)
 }
 
+pub(crate) fn validate_user(services: &Services, token: &str) -> Result<OwnedUserId> {
+	let config = &services.config.jwt;
+	if !config.enable {
+		return Err!(Request(Unauthorized("JWT login is not enabled.")));
+	}
+
+	let claim = validate(config, token)?;
+	let local = claim.sub.to_lowercase();
+	let server = &services.server.name;
+	let user_id = UserId::parse_with_server_name(local, server).map_err(|e| {
+		err!(Request(InvalidUsername("JWT subject is not a valid user MXID: {e}")))
+	})?;
+
+	Ok(user_id)
+}
+
 fn validate(config: &JwtConfig, token: &str) -> Result<Claim> {
 	let verifier = init_verifier(config)?;
 	let validator = init_validator(config)?;

src/api/client/session/mod.rs

@@ -1,5 +1,5 @@
 mod appservice;
-mod jwt;
+pub(crate) mod jwt;
 mod ldap;
 mod logout;
 mod password;