feat(ffi): Include the user ID in the secrets bundle

poljar · poljar · commit bef186d7dddd · 2026-02-27T14:53:58.000+01:00
This allows us to double check if the right user got logged in.
diff --git a/bindings/matrix-sdk-ffi/src/client.rs b/bindings/matrix-sdk-ffi/src/client.rs
@@ -16,6 +16,7 @@ use std::{
     collections::HashMap,
     fmt::Debug,
     path::PathBuf,
+    str::FromStr,
     sync::{Arc, OnceLock},
     time::Duration,
 };
@@ -105,7 +106,7 @@ use ruma::{
     },
     push::{HttpPusherData as RumaHttpPusherData, PushFormat as RumaPushFormat},
     room::RoomType,
-    OwnedDeviceId, OwnedServerName, RoomAliasId, RoomOrAliasId, ServerName,
+    OwnedDeviceId, OwnedServerName, OwnedUserId, RoomAliasId, RoomOrAliasId, ServerName,
 };
 use serde::{Deserialize, Serialize};
 use serde_json::{json, Value};
@@ -205,16 +206,18 @@ impl From<PushFormat> for RumaPushFormat {
 
 #[derive(uniffi::Object)]
 pub struct SecretsBundle {
+    user_id: OwnedUserId,
     inner: matrix_sdk_base::crypto::types::SecretsBundle,
 }
 
 #[matrix_sdk_ffi_macros::export]
 impl SecretsBundle {
     #[uniffi::constructor]
-    pub fn from_str(bundle: &str) -> Result<Arc<Self>, ClientError> {
+    pub fn from_str(user_id: &str, bundle: &str) -> Result<Arc<Self>, ClientError> {
+        let user_id = OwnedUserId::from_str(user_id)?;
         let bundle = serde_json::from_str(bundle)?;
 
-        Ok(Self { inner: bundle }.into())
+        Ok(Self { user_id, inner: bundle }.into())
     }
 
     #[uniffi::constructor]
@@ -223,6 +226,11 @@ impl SecretsBundle {
     }
 }
 
+#[matrix_sdk_ffi_macros::export]
+pub fn database_contains_secrets_bundle(database_path: &str) -> Result<bool, ClientError> {
+    todo!()
+}
+
 #[matrix_sdk_ffi_macros::export(callback_interface)]
 pub trait ClientDelegate: SyncOutsideWasm + SendOutsideWasm {
     /// A callback invoked whenever the SDK runs into an unknown token error.
@@ -443,18 +451,29 @@ impl Client {
         &self,
         secrets_bundle: &SecretsBundle,
     ) -> Result<(), ClientError> {
-        self.inner
-            .encryption()
-            .import_secrets_bundle(&secrets_bundle.inner)
-            .await
-            .map_err(|e| ClientError::from_err(e))?;
+        let user_id = self.inner.user_id().expect(
+            "We should have a user ID available now, this is only called once we're logged in",
+        );
 
-        // Upload the device keys, this will ensure that other devices see us as a fully
-        // verified device as soon as this method returns.
-        self.inner.encryption().ensure_device_keys_upload().await?;
-        self.inner.encryption().wait_for_e2ee_initialization_tasks().await;
+        if user_id == secrets_bundle.user_id {
+            self.inner
+                .encryption()
+                .import_secrets_bundle(&secrets_bundle.inner)
+                .await
+                .map_err(|e| ClientError::from_err(e))?;
 
-        Ok(())
+            // Upload the device keys, this will ensure that other devices see us as a fully
+            // verified device as soon as this method returns.
+            self.inner.encryption().ensure_device_keys_upload().await?;
+            self.inner.encryption().wait_for_e2ee_initialization_tasks().await;
+
+            Ok(())
+        } else {
+            Err(ClientError::Generic {
+                msg: "Secrets bundle does not belong to the user which was logged in".to_owned(),
+                details: None,
+            })
+        }
     }
 }
 
