resolve the last few relevant pedantic clippy lints

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-27 16:33:09 -04:00 · 2024-03-27 16:33:09 -04:00 · 48d1a3af3c
commit 48d1a3af3c
parent fa71dd4b4c
20 changed files with 464 additions and 560 deletions
--- a/src/api/client_server/filter.rs
+++ b/src/api/client_server/filter.rs
@ -12,9 +12,8 @@ use crate::{services, Error, Result, Ruma};
 /// - A user can only access their own filters
 pub async fn get_filter_route(body: Ruma<get_filter::v3::Request>) -> Result<get_filter::v3::Response> {
 	let sender_user = body.sender_user.as_ref().expect("user is authenticated");
-	let filter = match services().users.get_filter(sender_user, &body.filter_id)? {
-		Some(filter) => filter,
-		None => return Err(Error::BadRequest(ErrorKind::NotFound, "Filter not found.")),
+	let Some(filter) = services().users.get_filter(sender_user, &body.filter_id)? else {
+		return Err(Error::BadRequest(ErrorKind::NotFound, "Filter not found."));
 	};

 	Ok(get_filter::v3::Response::new(filter))
--- a/src/api/client_server/keys.rs
+++ b/src/api/client_server/keys.rs
@ -387,36 +387,33 @@ pub(crate) async fn get_keys_helper<F: Fn(&UserId) -> bool>(
 		.collect();

 	while let Some((server, response)) = futures.next().await {
-		match response {
-			Ok(Ok(response)) => {
-				for (user, masterkey) in response.master_keys {
-					let (master_key_id, mut master_key) = services().users.parse_master_key(&user, &masterkey)?;
+		if let Ok(Ok(response)) = response {
+			for (user, masterkey) in response.master_keys {
+				let (master_key_id, mut master_key) = services().users.parse_master_key(&user, &masterkey)?;

-					if let Some(our_master_key) =
-						services()
-							.users
-							.get_key(&master_key_id, sender_user, &user, &allowed_signatures)?
-					{
-						let (_, our_master_key) = services().users.parse_master_key(&user, &our_master_key)?;
-						master_key.signatures.extend(our_master_key.signatures);
-					}
-					let json = serde_json::to_value(master_key).expect("to_value always works");
-					let raw = serde_json::from_value(json).expect("Raw::from_value always works");
-					services().users.add_cross_signing_keys(
-						&user, &raw, &None, &None,
-						false, /* Dont notify. A notification would trigger another key request resulting in an
-						       * endless loop */
-					)?;
-					master_keys.insert(user, raw);
+				if let Some(our_master_key) =
+					services()
+						.users
+						.get_key(&master_key_id, sender_user, &user, &allowed_signatures)?
+				{
+					let (_, our_master_key) = services().users.parse_master_key(&user, &our_master_key)?;
+					master_key.signatures.extend(our_master_key.signatures);
 				}
+				let json = serde_json::to_value(master_key).expect("to_value always works");
+				let raw = serde_json::from_value(json).expect("Raw::from_value always works");
+				services().users.add_cross_signing_keys(
+					&user, &raw, &None, &None,
+					false, /* Dont notify. A notification would trigger another key request resulting in an
+					       * endless loop */
+				)?;
+				master_keys.insert(user, raw);
+			}

-				self_signing_keys.extend(response.self_signing_keys);
-				device_keys.extend(response.device_keys);
-			},
-			_ => {
-				back_off(server.to_owned()).await;
-				failures.insert(server.to_string(), json!({}));
-			},
+			self_signing_keys.extend(response.self_signing_keys);
+			device_keys.extend(response.device_keys);
+		} else {
+			back_off(server.to_owned()).await;
+			failures.insert(server.to_string(), json!({}));
 		}
 	}

--- a/src/api/client_server/media.rs
+++ b/src/api/client_server/media.rs
@ -788,13 +788,12 @@ async fn request_url_preview(url: &str) -> Result<UrlPreviewData> {
 		));
 	}

-	let content_type = match response
+	let Some(content_type) = response
 		.headers()
 		.get(reqwest::header::CONTENT_TYPE)
 		.and_then(|x| x.to_str().ok())
-	{
-		Some(ct) => ct,
-		None => return Err(Error::BadRequest(ErrorKind::Unknown, "Unknown Content-Type")),
+	else {
+		return Err(Error::BadRequest(ErrorKind::Unknown, "Unknown Content-Type"));
 	};
 	let data = match content_type {
 		html if html.starts_with("text/html") => download_html(client, url).await?,
--- a/src/api/client_server/membership.rs
+++ b/src/api/client_server/membership.rs
@ -669,17 +669,15 @@ pub(crate) async fn join_room_by_id_helper(
 							"There is a signed event. This room is probably using restricted joins. Adding signature \
 							 to our event"
 						);
-						let (signed_event_id, signed_value) =
-							match gen_event_id_canonical_json(signed_raw, &room_version_id) {
-								Ok(t) => t,
-								Err(_) => {
-									// Event could not be converted to canonical json
-									return Err(Error::BadRequest(
-										ErrorKind::InvalidParam,
-										"Could not convert event to canonical json.",
-									));
-								},
-							};
+						let Ok((signed_event_id, signed_value)) =
+							gen_event_id_canonical_json(signed_raw, &room_version_id)
+						else {
+							// Event could not be converted to canonical json
+							return Err(Error::BadRequest(
+								ErrorKind::InvalidParam,
+								"Could not convert event to canonical json.",
+							));
+						};

 						if signed_event_id != event_id {
 							return Err(Error::BadRequest(
@ -753,9 +751,8 @@ pub(crate) async fn join_room_by_id_helper(
 			.iter()
 			.map(|pdu| validate_and_add_event_id(pdu, &room_version_id, &pub_key_map))
 		{
-			let (event_id, value) = match result.await {
-				Ok(t) => t,
-				Err(_) => continue,
+			let Ok((event_id, value)) = result.await else {
+				continue;
 			};

 			let pdu = PduEvent::from_id_val(&event_id, value.clone()).map_err(|e| {
@ -783,9 +780,8 @@ pub(crate) async fn join_room_by_id_helper(
 			.iter()
 			.map(|pdu| validate_and_add_event_id(pdu, &room_version_id, &pub_key_map))
 		{
-			let (event_id, value) = match result.await {
-				Ok(t) => t,
-				Err(_) => continue,
+			let Ok((event_id, value)) = result.await else {
+				continue;
 			};

 			services()
@ -1104,15 +1100,13 @@ pub(crate) async fn join_room_by_id_helper(
 				.await?;

 			if let Some(signed_raw) = send_join_response.room_state.event {
-				let (signed_event_id, signed_value) = match gen_event_id_canonical_json(&signed_raw, &room_version_id) {
-					Ok(t) => t,
-					Err(_) => {
-						// Event could not be converted to canonical json
-						return Err(Error::BadRequest(
-							ErrorKind::InvalidParam,
-							"Could not convert event to canonical json.",
-						));
-					},
+				let Ok((signed_event_id, signed_value)) = gen_event_id_canonical_json(&signed_raw, &room_version_id)
+				else {
+					// Event could not be converted to canonical json
+					return Err(Error::BadRequest(
+						ErrorKind::InvalidParam,
+						"Could not convert event to canonical json.",
+					));
 				};

 				if signed_event_id != event_id {
@ -1311,15 +1305,12 @@ pub(crate) async fn invite_helper(

 		// We do not add the event_id field to the pdu here because of signature and
 		// hashes checks
-		let (event_id, value) = match gen_event_id_canonical_json(&response.event, &room_version_id) {
-			Ok(t) => t,
-			Err(_) => {
-				// Event could not be converted to canonical json
-				return Err(Error::BadRequest(
-					ErrorKind::InvalidParam,
-					"Could not convert event to canonical json.",
-				));
-			},
+		let Ok((event_id, value)) = gen_event_id_canonical_json(&response.event, &room_version_id) else {
+			// Event could not be converted to canonical json
+			return Err(Error::BadRequest(
+				ErrorKind::InvalidParam,
+				"Could not convert event to canonical json.",
+			));
 		};

 		if *pdu.event_id != *event_id {
--- a/src/api/client_server/report.rs
+++ b/src/api/client_server/report.rs
@ -21,14 +21,11 @@ pub async fn report_event_route(body: Ruma<report_content::v3::Request>) -> Resu
 	info!("Received /report request by user {}", sender_user);

 	// check if we know about the reported event ID or if it's invalid
-	let pdu = match services().rooms.timeline.get_pdu(&body.event_id)? {
-		Some(pdu) => pdu,
-		_ => {
-			return Err(Error::BadRequest(
-				ErrorKind::NotFound,
-				"Event ID is not known to us or Event ID is invalid",
-			))
-		},
+	let Some(pdu) = services().rooms.timeline.get_pdu(&body.event_id)? else {
+		return Err(Error::BadRequest(
+			ErrorKind::NotFound,
+			"Event ID is not known to us or Event ID is invalid",
+		));
 	};

 	// check if the room ID from the URI matches the PDU's room ID
--- a/src/api/client_server/sync.rs
+++ b/src/api/client_server/sync.rs
@ -314,28 +314,23 @@ async fn sync_helper(
 			None => HashMap::new(),
 		};

-		let left_event_id = match services().rooms.state_accessor.room_state_get_id(
+		let Some(left_event_id) = services().rooms.state_accessor.room_state_get_id(
 			&room_id,
 			&StateEventType::RoomMember,
 			sender_user.as_str(),
-		)? {
-			Some(e) => e,
-			None => {
-				error!("Left room but no left state event");
-				continue;
-			},
+		)?
+		else {
+			error!("Left room but no left state event");
+			continue;
 		};

-		let left_shortstatehash = match services()
+		let Some(left_shortstatehash) = services()
 			.rooms
 			.state_accessor
 			.pdu_shortstatehash(&left_event_id)?
-		{
-			Some(s) => s,
-			None => {
-				error!("Leave event has no state");
-				continue;
-			},
+		else {
+			error!("Leave event has no state");
+			continue;
 		};

 		let mut left_state_ids = services()
@ -616,9 +611,7 @@ async fn load_joined_room(

 	// Database queries:

-	let current_shortstatehash = if let Some(s) = services().rooms.state.get_room_shortstatehash(room_id)? {
-		s
-	} else {
+	let Some(current_shortstatehash) = services().rooms.state.get_room_shortstatehash(room_id)? else {
 		error!("Room {} has no state", room_id);
 		return Err(Error::BadDatabase("Room has no state"));
 	};
@ -736,12 +729,9 @@ async fn load_joined_room(
 						.get_statekey_from_short(shortstatekey)?;

 					if event_type != StateEventType::RoomMember {
-						let pdu = match services().rooms.timeline.get_pdu(&id)? {
-							Some(pdu) => pdu,
-							None => {
-								error!("Pdu in state not found: {}", id);
-								continue;
-							},
+						let Some(pdu) = services().rooms.timeline.get_pdu(&id)? else {
+							error!("Pdu in state not found: {}", id);
+							continue;
 						};
 						state_events.push(pdu);

@ -755,12 +745,9 @@ async fn load_joined_room(
                // TODO: Delete the following line when this is resolved: https://github.com/vector-im/element-web/issues/22565
                || (cfg!(feature = "element_hacks") && *sender_user == state_key)
 					{
-						let pdu = match services().rooms.timeline.get_pdu(&id)? {
-							Some(pdu) => pdu,
-							None => {
-								error!("Pdu in state not found: {}", id);
-								continue;
-							},
+						let Some(pdu) = services().rooms.timeline.get_pdu(&id)? else {
+							error!("Pdu in state not found: {}", id);
+							continue;
 						};

 						// This check is in case a bad user ID made it into the database
@ -812,12 +799,9 @@ async fn load_joined_room(

 					for (key, id) in current_state_ids {
 						if full_state || since_state_ids.get(&key) != Some(&id) {
-							let pdu = match services().rooms.timeline.get_pdu(&id)? {
-								Some(pdu) => pdu,
-								None => {
-									error!("Pdu in state not found: {}", id);
-									continue;
-								},
+							let Some(pdu) = services().rooms.timeline.get_pdu(&id)? else {
+								error!("Pdu in state not found: {}", id);
+								continue;
 							};

 							if pdu.kind == TimelineEventType::RoomMember {
@ -1209,9 +1193,7 @@ pub async fn sync_events_v4_route(
 		);

 		for room_id in &all_joined_rooms {
-			let current_shortstatehash = if let Some(s) = services().rooms.state.get_room_shortstatehash(room_id)? {
-				s
-			} else {
+			let Some(current_shortstatehash) = services().rooms.state.get_room_shortstatehash(room_id)? else {
 				error!("Room {} has no state", room_id);
 				continue;
 			};
@ -1272,12 +1254,9 @@ pub async fn sync_events_v4_route(

 					for (key, id) in current_state_ids {
 						if since_state_ids.get(&key) != Some(&id) {
-							let pdu = match services().rooms.timeline.get_pdu(&id)? {
-								Some(pdu) => pdu,
-								None => {
-									error!("Pdu in state not found: {}", id);
-									continue;
-								},
+							let Some(pdu) = services().rooms.timeline.get_pdu(&id)? else {
+								error!("Pdu in state not found: {}", id);
+								continue;
 							};
 							if pdu.kind == TimelineEventType::RoomMember {
 								if let Some(state_key) = &pdu.state_key {
--- a/src/api/ruma_wrapper/axum.rs
+++ b/src/api/ruma_wrapper/axum.rs
@ -84,82 +84,60 @@ where
 			None
 		};

-		let (sender_user, sender_device, sender_servername, from_appservice) = if let Some(info) =
-			appservice_registration
-		{
-			match metadata.authentication {
-				AuthScheme::AccessToken => {
-					let user_id = query_params.user_id.map_or_else(
-						|| {
-							UserId::parse_with_server_name(
-								info.registration.sender_localpart.as_str(),
-								services().globals.server_name(),
-							)
-							.unwrap()
-						},
-						|s| UserId::parse(s).unwrap(),
-					);
+		let (sender_user, sender_device, sender_servername, from_appservice) =
+			if let Some(info) = appservice_registration {
+				match metadata.authentication {
+					AuthScheme::AccessToken => {
+						let user_id = query_params.user_id.map_or_else(
+							|| {
+								UserId::parse_with_server_name(
+									info.registration.sender_localpart.as_str(),
+									services().globals.server_name(),
+								)
+								.unwrap()
+							},
+							|s| UserId::parse(s).unwrap(),
+						);

-					debug!("User ID: {:?}", user_id);
+						debug!("User ID: {:?}", user_id);

-					if !services().users.exists(&user_id)? {
-						return Err(Error::BadRequest(ErrorKind::Forbidden, "User does not exist."));
-					}
+						if !services().users.exists(&user_id)? {
+							return Err(Error::BadRequest(ErrorKind::Forbidden, "User does not exist."));
+						}

-					// TODO: Check if appservice is allowed to be that user
-					(Some(user_id), None, None, true)
-				},
-				AuthScheme::AccessTokenOptional | AuthScheme::AppserviceToken => {
-					let user_id = query_params.user_id.map_or_else(
-						|| {
-							UserId::parse_with_server_name(
-								info.registration.sender_localpart.as_str(),
-								services().globals.server_name(),
-							)
-							.unwrap()
-						},
-						|s| UserId::parse(s).unwrap(),
-					);
-
-					debug!("User ID: {:?}", user_id);
-
-					if !services().users.exists(&user_id)? {
-						(None, None, None, true)
-					} else {
 						// TODO: Check if appservice is allowed to be that user
 						(Some(user_id), None, None, true)
-					}
-				},
-				AuthScheme::ServerSignatures | AuthScheme::None => (None, None, None, true),
-			}
-		} else {
-			match metadata.authentication {
-				AuthScheme::AccessToken => {
-					let token = match token {
-						Some(token) => token,
-						_ => return Err(Error::BadRequest(ErrorKind::MissingToken, "Missing access token.")),
-					};
+					},
+					AuthScheme::AccessTokenOptional | AuthScheme::AppserviceToken => {
+						let user_id = query_params.user_id.map_or_else(
+							|| {
+								UserId::parse_with_server_name(
+									info.registration.sender_localpart.as_str(),
+									services().globals.server_name(),
+								)
+								.unwrap()
+							},
+							|s| UserId::parse(s).unwrap(),
+						);

-					match services().users.find_from_token(token)? {
-						None => {
-							return Err(Error::BadRequest(
-								ErrorKind::UnknownToken {
-									soft_logout: false,
-								},
-								"Unknown access token.",
-							))
-						},
-						Some((user_id, device_id)) => {
-							(Some(user_id), Some(OwnedDeviceId::from(device_id)), None, false)
-						},
-					}
-				},
-				AuthScheme::AccessTokenOptional => {
-					let token = token.unwrap_or("");
+						debug!("User ID: {:?}", user_id);
+
+						if !services().users.exists(&user_id)? {
+							(None, None, None, true)
+						} else {
+							// TODO: Check if appservice is allowed to be that user
+							(Some(user_id), None, None, true)
+						}
+					},
+					AuthScheme::ServerSignatures | AuthScheme::None => (None, None, None, true),
+				}
+			} else {
+				match metadata.authentication {
+					AuthScheme::AccessToken => {
+						let Some(token) = token else {
+							return Err(Error::BadRequest(ErrorKind::MissingToken, "Missing access token."));
+						};

-					if token.is_empty() {
-						(None, None, None, false)
-					} else {
 						match services().users.find_from_token(token)? {
 							None => {
 								return Err(Error::BadRequest(
@ -173,112 +151,13 @@ where
 								(Some(user_id), Some(OwnedDeviceId::from(device_id)), None, false)
 							},
 						}
-					}
-				},
-				// treat non-appservice registrations as None authentication
-				AuthScheme::AppserviceToken => (None, None, None, false),
-				AuthScheme::ServerSignatures => {
-					if !services().globals.allow_federation() {
-						return Err(Error::bad_config("Federation is disabled."));
-					}
-
-					let TypedHeader(Authorization(x_matrix)) = parts
-						.extract::<TypedHeader<Authorization<XMatrix>>>()
-						.await
-						.map_err(|e| {
-							warn!("Missing or invalid Authorization header: {}", e);
-
-							let msg = match e.reason() {
-								TypedHeaderRejectionReason::Missing => "Missing Authorization header.",
-								TypedHeaderRejectionReason::Error(_) => "Invalid X-Matrix signatures.",
-								_ => "Unknown header-related error",
-							};
-
-							Error::BadRequest(ErrorKind::Forbidden, msg)
-						})?;
-
-					let origin_signatures =
-						BTreeMap::from_iter([(x_matrix.key.clone(), CanonicalJsonValue::String(x_matrix.sig))]);
-
-					let signatures = BTreeMap::from_iter([(
-						x_matrix.origin.as_str().to_owned(),
-						CanonicalJsonValue::Object(origin_signatures),
-					)]);
-
-					let server_destination = services().globals.server_name().as_str().to_owned();
-
-					if let Some(destination) = x_matrix.destination.as_ref() {
-						if destination != &server_destination {
-							return Err(Error::BadRequest(ErrorKind::Forbidden, "Invalid authorization."));
-						}
-					}
-
-					let mut request_map = BTreeMap::from_iter([
-						("method".to_owned(), CanonicalJsonValue::String(parts.method.to_string())),
-						("uri".to_owned(), CanonicalJsonValue::String(parts.uri.to_string())),
-						(
-							"origin".to_owned(),
-							CanonicalJsonValue::String(x_matrix.origin.as_str().to_owned()),
-						),
-						("destination".to_owned(), CanonicalJsonValue::String(server_destination)),
-						("signatures".to_owned(), CanonicalJsonValue::Object(signatures)),
-					]);
-
-					if let Some(json_body) = &json_body {
-						request_map.insert("content".to_owned(), json_body.clone());
-					};
-
-					let keys_result = services()
-						.rooms
-						.event_handler
-						.fetch_signing_keys_for_server(&x_matrix.origin, vec![x_matrix.key.clone()])
-						.await;
-
-					let keys = match keys_result {
-						Ok(b) => b,
-						Err(e) => {
-							warn!("Failed to fetch signing keys: {}", e);
-							return Err(Error::BadRequest(ErrorKind::Forbidden, "Failed to fetch signing keys."));
-						},
-					};
-
-					let pub_key_map = BTreeMap::from_iter([(x_matrix.origin.as_str().to_owned(), keys)]);
-
-					match ruma::signatures::verify_json(&pub_key_map, &request_map) {
-						Ok(()) => (None, None, Some(x_matrix.origin), false),
-						Err(e) => {
-							warn!(
-								"Failed to verify json request from {}: {}\n{:?}",
-								x_matrix.origin, e, request_map
-							);
-
-							if parts.uri.to_string().contains('@') {
-								warn!(
-									"Request uri contained '@' character. Make sure your reverse proxy gives Conduit \
-									 the raw uri (apache: use nocanon)"
-								);
-							}
-
-							return Err(Error::BadRequest(
-								ErrorKind::Forbidden,
-								"Failed to verify X-Matrix signatures.",
-							));
-						},
-					}
-				},
-				AuthScheme::None => match parts.uri.path() {
-					// allow_public_room_directory_without_auth
-					"/_matrix/client/v3/publicRooms" | "/_matrix/client/r0/publicRooms" => {
-						if !services()
-							.globals
-							.config
-							.allow_public_room_directory_without_auth
-						{
-							let token = match token {
-								Some(token) => token,
-								_ => return Err(Error::BadRequest(ErrorKind::MissingToken, "Missing access token.")),
-							};
+					},
+					AuthScheme::AccessTokenOptional => {
+						let token = token.unwrap_or("");

+						if token.is_empty() {
+							(None, None, None, false)
+						} else {
 							match services().users.find_from_token(token)? {
 								None => {
 									return Err(Error::BadRequest(
@ -292,14 +171,132 @@ where
 									(Some(user_id), Some(OwnedDeviceId::from(device_id)), None, false)
 								},
 							}
-						} else {
-							(None, None, None, false)
 						}
 					},
-					_ => (None, None, None, false),
-				},
-			}
-		};
+					// treat non-appservice registrations as None authentication
+					AuthScheme::AppserviceToken => (None, None, None, false),
+					AuthScheme::ServerSignatures => {
+						if !services().globals.allow_federation() {
+							return Err(Error::bad_config("Federation is disabled."));
+						}
+
+						let TypedHeader(Authorization(x_matrix)) = parts
+							.extract::<TypedHeader<Authorization<XMatrix>>>()
+							.await
+							.map_err(|e| {
+								warn!("Missing or invalid Authorization header: {}", e);
+
+								let msg = match e.reason() {
+									TypedHeaderRejectionReason::Missing => "Missing Authorization header.",
+									TypedHeaderRejectionReason::Error(_) => "Invalid X-Matrix signatures.",
+									_ => "Unknown header-related error",
+								};
+
+								Error::BadRequest(ErrorKind::Forbidden, msg)
+							})?;
+
+						let origin_signatures =
+							BTreeMap::from_iter([(x_matrix.key.clone(), CanonicalJsonValue::String(x_matrix.sig))]);
+
+						let signatures = BTreeMap::from_iter([(
+							x_matrix.origin.as_str().to_owned(),
+							CanonicalJsonValue::Object(origin_signatures),
+						)]);
+
+						let server_destination = services().globals.server_name().as_str().to_owned();
+
+						if let Some(destination) = x_matrix.destination.as_ref() {
+							if destination != &server_destination {
+								return Err(Error::BadRequest(ErrorKind::Forbidden, "Invalid authorization."));
+							}
+						}
+
+						let mut request_map = BTreeMap::from_iter([
+							("method".to_owned(), CanonicalJsonValue::String(parts.method.to_string())),
+							("uri".to_owned(), CanonicalJsonValue::String(parts.uri.to_string())),
+							(
+								"origin".to_owned(),
+								CanonicalJsonValue::String(x_matrix.origin.as_str().to_owned()),
+							),
+							("destination".to_owned(), CanonicalJsonValue::String(server_destination)),
+							("signatures".to_owned(), CanonicalJsonValue::Object(signatures)),
+						]);
+
+						if let Some(json_body) = &json_body {
+							request_map.insert("content".to_owned(), json_body.clone());
+						};
+
+						let keys_result = services()
+							.rooms
+							.event_handler
+							.fetch_signing_keys_for_server(&x_matrix.origin, vec![x_matrix.key.clone()])
+							.await;
+
+						let keys = match keys_result {
+							Ok(b) => b,
+							Err(e) => {
+								warn!("Failed to fetch signing keys: {}", e);
+								return Err(Error::BadRequest(ErrorKind::Forbidden, "Failed to fetch signing keys."));
+							},
+						};
+
+						let pub_key_map = BTreeMap::from_iter([(x_matrix.origin.as_str().to_owned(), keys)]);
+
+						match ruma::signatures::verify_json(&pub_key_map, &request_map) {
+							Ok(()) => (None, None, Some(x_matrix.origin), false),
+							Err(e) => {
+								warn!(
+									"Failed to verify json request from {}: {}\n{:?}",
+									x_matrix.origin, e, request_map
+								);
+
+								if parts.uri.to_string().contains('@') {
+									warn!(
+										"Request uri contained '@' character. Make sure your reverse proxy gives \
+										 Conduit the raw uri (apache: use nocanon)"
+									);
+								}
+
+								return Err(Error::BadRequest(
+									ErrorKind::Forbidden,
+									"Failed to verify X-Matrix signatures.",
+								));
+							},
+						}
+					},
+					AuthScheme::None => match parts.uri.path() {
+						// allow_public_room_directory_without_auth
+						"/_matrix/client/v3/publicRooms" | "/_matrix/client/r0/publicRooms" => {
+							if !services()
+								.globals
+								.config
+								.allow_public_room_directory_without_auth
+							{
+								let Some(token) = token else {
+									return Err(Error::BadRequest(ErrorKind::MissingToken, "Missing access token."));
+								};
+
+								match services().users.find_from_token(token)? {
+									None => {
+										return Err(Error::BadRequest(
+											ErrorKind::UnknownToken {
+												soft_logout: false,
+											},
+											"Unknown access token.",
+										))
+									},
+									Some((user_id, device_id)) => {
+										(Some(user_id), Some(OwnedDeviceId::from(device_id)), None, false)
+									},
+								}
+							} else {
+								(None, None, None, false)
+							}
+						},
+						_ => (None, None, None, false),
+					},
+				}
+			};

 		let mut http_request = Request::builder().uri(parts.uri).method(parts.method);
 		*http_request.headers_mut().unwrap() = parts.headers;
--- a/src/api/server_server.rs
+++ b/src/api/server_server.rs
@ -429,74 +429,64 @@ async fn find_actual_destination(destination: &'_ ServerName) -> (FedDest, FedDe
 				FedDest::Named(host.to_owned(), port.to_owned())
 			} else {
 				debug!("Requesting well known for {destination}");
-				match request_well_known(destination.as_str()).await {
-					Some(delegated_hostname) => {
-						debug!("3: A .well-known file is available");
-						hostname = add_port_to_hostname(&delegated_hostname).into_uri_string();
-						match get_ip_with_port(&delegated_hostname) {
-							Some(host_and_port) => host_and_port, // 3.1: IP literal in .well-known file
-							None => {
-								if let Some(pos) = delegated_hostname.find(':') {
-									debug!("3.2: Hostname with port in .well-known file");
+				if let Some(delegated_hostname) = request_well_known(destination.as_str()).await {
+					debug!("3: A .well-known file is available");
+					hostname = add_port_to_hostname(&delegated_hostname).into_uri_string();
+					match get_ip_with_port(&delegated_hostname) {
+						Some(host_and_port) => host_and_port, // 3.1: IP literal in .well-known file
+						None => {
+							if let Some(pos) = delegated_hostname.find(':') {
+								debug!("3.2: Hostname with port in .well-known file");

-									let (host, port) = delegated_hostname.split_at(pos);
-									query_and_cache_override(host, host, port.parse::<u16>().unwrap_or(8448)).await;
+								let (host, port) = delegated_hostname.split_at(pos);
+								query_and_cache_override(host, host, port.parse::<u16>().unwrap_or(8448)).await;

-									FedDest::Named(host.to_owned(), port.to_owned())
-								} else {
-									debug!("Delegated hostname has no port in this branch");
-									if let Some(hostname_override) = query_srv_record(&delegated_hostname).await {
-										debug!("3.3: SRV lookup successful");
+								FedDest::Named(host.to_owned(), port.to_owned())
+							} else {
+								debug!("Delegated hostname has no port in this branch");
+								if let Some(hostname_override) = query_srv_record(&delegated_hostname).await {
+									debug!("3.3: SRV lookup successful");

-										let force_port = hostname_override.port();
-										query_and_cache_override(
-											&delegated_hostname,
-											&hostname_override.hostname(),
-											force_port.unwrap_or(8448),
-										)
-										.await;
+									let force_port = hostname_override.port();
+									query_and_cache_override(
+										&delegated_hostname,
+										&hostname_override.hostname(),
+										force_port.unwrap_or(8448),
+									)
+									.await;

-										if let Some(port) = force_port {
-											FedDest::Named(delegated_hostname, format!(":{port}"))
-										} else {
-											add_port_to_hostname(&delegated_hostname)
-										}
+									if let Some(port) = force_port {
+										FedDest::Named(delegated_hostname, format!(":{port}"))
 									} else {
-										debug!("3.4: No SRV records, just use the hostname from .well-known");
-										query_and_cache_override(&delegated_hostname, &delegated_hostname, 8448).await;
 										add_port_to_hostname(&delegated_hostname)
 									}
-								}
-							},
-						}
-					},
-					None => {
-						debug!("4: No .well-known or an error occured");
-						match query_srv_record(&destination_str).await {
-							Some(hostname_override) => {
-								debug!("4: SRV record found");
-
-								let force_port = hostname_override.port();
-								query_and_cache_override(
-									&hostname,
-									&hostname_override.hostname(),
-									force_port.unwrap_or(8448),
-								)
-								.await;
-
-								if let Some(port) = force_port {
-									FedDest::Named(hostname.clone(), format!(":{port}"))
 								} else {
-									add_port_to_hostname(&hostname)
+									debug!("3.4: No SRV records, just use the hostname from .well-known");
+									query_and_cache_override(&delegated_hostname, &delegated_hostname, 8448).await;
+									add_port_to_hostname(&delegated_hostname)
 								}
-							},
-							None => {
-								debug!("5: No SRV record found");
-								query_and_cache_override(&destination_str, &destination_str, 8448).await;
-								add_port_to_hostname(&destination_str)
-							},
+							}
+						},
+					}
+				} else {
+					debug!("4: No .well-known or an error occured");
+					if let Some(hostname_override) = query_srv_record(&destination_str).await {
+						debug!("4: SRV record found");
+
+						let force_port = hostname_override.port();
+						query_and_cache_override(&hostname, &hostname_override.hostname(), force_port.unwrap_or(8448))
+							.await;
+
+						if let Some(port) = force_port {
+							FedDest::Named(hostname.clone(), format!(":{port}"))
+						} else {
+							add_port_to_hostname(&hostname)
 						}
-					},
+					} else {
+						debug!("5: No SRV record found");
+						query_and_cache_override(&destination_str, &destination_str, 8448).await;
+						add_port_to_hostname(&destination_str)
+					}
 				}
 			}
 		},
@ -776,15 +766,12 @@ pub fn parse_incoming_pdu(pdu: &RawJsonValue) -> Result<(OwnedEventId, Canonical

 	let room_version_id = services().rooms.state.get_room_version(&room_id)?;

-	let (event_id, value) = match gen_event_id_canonical_json(pdu, &room_version_id) {
-		Ok(t) => t,
-		Err(_) => {
-			// Event could not be converted to canonical json
-			return Err(Error::BadRequest(
-				ErrorKind::InvalidParam,
-				"Could not convert event to canonical json.",
-			));
-		},
+	let Ok((event_id, value)) = gen_event_id_canonical_json(pdu, &room_version_id) else {
+		// Event could not be converted to canonical json
+		return Err(Error::BadRequest(
+			ErrorKind::InvalidParam,
+			"Could not convert event to canonical json.",
+		));
 	};
 	Ok((event_id, value, room_id))
 }
@ -1379,12 +1366,13 @@ pub async fn get_room_state_route(body: Ruma<get_room_state::v1::Request>) -> Re

 	Ok(get_room_state::v1::Response {
 		auth_chain: auth_chain_ids
-			.filter_map(|id| match services().rooms.timeline.get_pdu_json(&id).ok()? {
-				Some(json) => Some(PduEvent::convert_to_outgoing_federation_event(json)),
-				None => {
+			.filter_map(|id| {
+				if let Some(json) = services().rooms.timeline.get_pdu_json(&id).ok()? {
+					Some(PduEvent::convert_to_outgoing_federation_event(json))
+				} else {
 					error!("Could not find event json for {id} in db.");
 					None
-				},
+				}
 			})
 			.collect(),
 		pdus,
@ -1623,15 +1611,12 @@ async fn create_join_event(
 	// We do not add the event_id field to the pdu here because of signature and
 	// hashes checks
 	let room_version_id = services().rooms.state.get_room_version(room_id)?;
-	let (event_id, value) = match gen_event_id_canonical_json(pdu, &room_version_id) {
-		Ok(t) => t,
-		Err(_) => {
-			// Event could not be converted to canonical json
-			return Err(Error::BadRequest(
-				ErrorKind::InvalidParam,
-				"Could not convert event to canonical json.",
-			));
-		},
+	let Ok((event_id, value)) = gen_event_id_canonical_json(pdu, &room_version_id) else {
+		// Event could not be converted to canonical json
+		return Err(Error::BadRequest(
+			ErrorKind::InvalidParam,
+			"Could not convert event to canonical json.",
+		));
 	};

 	let origin: OwnedServerName = serde_json::from_value(