From fa233a90dba23d8d5ac516e4cef96b519f79b9e3 Mon Sep 17 00:00:00 2001 From: Abdourahamane Boinaidi Date: Wed, 29 May 2024 15:49:43 +0200 Subject: [PATCH] fix: Trying to retrieve token while logged out --- .../lib/core/auth/CredentialManager.kt | 2 ++ .../lib/core/auth/TokenAuthenticator.kt | 28 +++++++++++-------- .../lib/core/auth/TokenInterceptorListener.kt | 1 + 3 files changed, 20 insertions(+), 11 deletions(-) diff --git a/src/main/java/com/infomaniak/lib/core/auth/CredentialManager.kt b/src/main/java/com/infomaniak/lib/core/auth/CredentialManager.kt index 5f752eea..d336099f 100644 --- a/src/main/java/com/infomaniak/lib/core/auth/CredentialManager.kt +++ b/src/main/java/com/infomaniak/lib/core/auth/CredentialManager.kt @@ -97,6 +97,8 @@ abstract class CredentialManager { user = getUserById(userId) return user?.apiToken } + + override fun getCurrentUserId() = null } HttpClientConfig.apply { cacheDir?.let { cache(Cache(it, CACHE_SIZE_BYTES)) } } diff --git a/src/main/java/com/infomaniak/lib/core/auth/TokenAuthenticator.kt b/src/main/java/com/infomaniak/lib/core/auth/TokenAuthenticator.kt index f2e2df4d..a3ed98de 100644 --- a/src/main/java/com/infomaniak/lib/core/auth/TokenAuthenticator.kt +++ b/src/main/java/com/infomaniak/lib/core/auth/TokenAuthenticator.kt @@ -18,9 +18,8 @@ package com.infomaniak.lib.core.auth import com.infomaniak.lib.core.api.ApiController +import com.infomaniak.lib.core.utils.SentryLog import com.infomaniak.lib.login.ApiToken -import io.sentry.Sentry -import io.sentry.SentryLevel import kotlinx.coroutines.Dispatchers import kotlinx.coroutines.runBlocking import kotlinx.coroutines.sync.Mutex @@ -34,21 +33,28 @@ class TokenAuthenticator( private val tokenInterceptorListener: TokenInterceptorListener ) : Authenticator { - override fun authenticate(route: Route?, response: Response): Request { + private val userId = tokenInterceptorListener.getCurrentUserId() + + override fun authenticate(route: Route?, response: Response): Request? { return runBlocking(Dispatchers.IO) { mutex.withLock { val request = response.request val authorization = request.header("Authorization") - var apiToken = tokenInterceptorListener.getApiToken() ?: run { - Sentry.captureMessage("Null ApiToken in TokenAuthenticator", SentryLevel.ERROR) - return@runBlocking request + val apiToken = tokenInterceptorListener.getApiToken() ?: run { + // The last user has been disconnected + SentryLog.e("TokenAuthenticator", "Null ApiToken in TokenAuthenticator") + return@runBlocking null } + val isAlreadyRefreshed = apiToken.accessToken != authorization?.replaceFirst("Bearer ", "") + val hasUserChanged = userId != tokenInterceptorListener.getCurrentUserId() - if (apiToken.accessToken != authorization?.replaceFirst("Bearer ", "")) { - return@runBlocking changeAccessToken(request, apiToken) - } else { - apiToken = ApiController.refreshToken(apiToken.refreshToken, tokenInterceptorListener) - return@runBlocking changeAccessToken(request, apiToken) + return@runBlocking when { + hasUserChanged -> null + isAlreadyRefreshed -> changeAccessToken(request, apiToken) + else -> { + val newToken = ApiController.refreshToken(apiToken.refreshToken, tokenInterceptorListener) + changeAccessToken(request, newToken) + } } } } diff --git a/src/main/java/com/infomaniak/lib/core/auth/TokenInterceptorListener.kt b/src/main/java/com/infomaniak/lib/core/auth/TokenInterceptorListener.kt index 980cb0f4..7aeed629 100644 --- a/src/main/java/com/infomaniak/lib/core/auth/TokenInterceptorListener.kt +++ b/src/main/java/com/infomaniak/lib/core/auth/TokenInterceptorListener.kt @@ -23,4 +23,5 @@ interface TokenInterceptorListener { suspend fun onRefreshTokenSuccess(apiToken: ApiToken) suspend fun onRefreshTokenError() suspend fun getApiToken(): ApiToken? + fun getCurrentUserId(): Int? }