state-res: Add m.federate to the authorization rules

crates/ruma-state-res/CHANGELOG.md

@@ -1,5 +1,10 @@
 # [unreleased]
 
+Improvements:
+
+* Add `m.federate` to `auth_check`:
+  <https://github.com/matrix-org/matrix-spec/pull/1103>
+
 # 0.7.0
 
 Breaking changes:

crates/ruma-state-res/src/event_auth.rs

@@ -223,7 +223,21 @@ pub fn auth_check<E: Event>(
         return Ok(false);
     }
 
-    // [synapse] checks for federation here
+    // If the create event content has the field m.federate set to false and the sender domain of
+    // the event does not match the sender domain of the create event, reject.
+    #[derive(Deserialize)]
+    struct RoomCreateContentFederate {
+        #[serde(rename = "m.federate", default = "ruma_common::serde::default_true")]
+        federate: bool,
+    }
+    let room_create_content: RoomCreateContentFederate =
+        from_json_str(room_create_event.content().get())?;
+    if !room_create_content.federate
+        && room_create_event.sender().server_name() != incoming_event.sender().server_name()
+    {
+        warn!("room is not federated and event's sender domain does not match create event's sender domain");
+        return Ok(false);
+    }
 
     // Only in some room versions 6 and below
     if room_version.special_case_aliases_auth {