delete_stale_devices_after pruning MSC3202 AS devices

[subjugum]

Description

With MSC3202 AS' can use devices for E2EE. However, the AS users devices devices.last_seen entry is never updated past the initial creation date. When using delete_stale_devices_after or out of band cleanup scripts, they will eventually get pruned and E2EE fails.

MSC3202 notes: "To compliment the (optional) user_id when using an as_token as an access token, a similarly optional device_id query parameter is proposed. When provided, the server asserts that the device ID is valid for the user, and that the appservice is able to masquerade as that user. If valid, that device ID should be assumed as being used for that request. For many requests, this means updating the "last seen IP" and "last seen timestamp" for the device [...]"

Query to list affected devices
select user_id, device_id, to_timestamp(last_seen / 1000) last_seen from devices where hidden = false and to_timestamp(last_seen / 1000) < now() - interval '<delete_stale_devices_after>';

Steps to reproduce

• set following config options

delete_stale_devices_after = 180d
experimental_features:
  msc3202_device_masquerading: true
  msc3202_transaction_extensions: true

• use an AS with MSC3202 support, like matrix-hookshot
• AS creates devices for its users, with devices.last_seen set to the creation date, but is never updated
• E2EE breaks for AS users after time configured in delete_stale_devices_after

Homeserver

localhost

Synapse Version

1.122.0

Installation Method

Debian packages from packages.matrix.org

Database

PostgreSQL 13

Workers

Multiple workers

Platform

Debian 11

Configuration

No response

Relevant log output

---

Anything else that would be useful to know?

No response