Page MenuHomePhabricator
Differential D10949

[lib] Conclude sessionRecoveryInProgress when user cookie is received or session is invalidated
ClosedPublic
Actions

Authored by ashoat on Feb 5 2024, 12:26 PM.
Tags
None
Referenced Files
Unknown Object (File)
Feb 20 2025, 8:04 PM
Unknown Object (File)
Feb 3 2025, 7:49 PM
Unknown Object (File)
Jan 23 2025, 2:33 PM
Unknown Object (File)
Jan 22 2025, 10:45 PM
Unknown Object (File)
Jan 22 2025, 10:45 PM
Unknown Object (File)
Jan 22 2025, 10:45 PM
Unknown Object (File)
Jan 22 2025, 10:45 PM
Unknown Object (File)
Jan 22 2025, 10:45 PM
View All 84 Files
Subscribers
None

Details

Reviewers
tomek
inka
Commits
rCOMM8117e83ea5da: [lib] Conclude sessionRecoveryInProgress when user cookie is received or…
Summary

If we ever receive a user cookie, we can consider the keyserver session to be recovered.

By flipping sessionRecoveryInProgress to false, we tell CallKeyserverEndpointProvider to flush all waitingCalls using the new cookie.

It doens't matter if the new cookie came from the keyserver session recovery or not. If the keyserver session recovery is still in progress, when it concludes it should be ignored by invalidSessionRecovery.

Additionally, if the session is invalidated, we can consider the recovery to be failed and concluded.

Depends on D10948

Test Plan
  1. Test successful session invalidation in single keyserver world
    1. I prevented the Socket from rendering by adding a return null line before the other returns in KeyserverConnectionHandler. This avoided the Socket triggering session recovery.
    2. I started the iOS simulator and logged in using a test user.
    3. I opened the Redux Dev Tools
    4. I deleted the test user's cookie from the MariaDB database: DELETE FROM cookies WHERE user = 6390578 AND platform = 'ios'
    5. I sent a message as the test user
    6. I confirmed that session recovery was triggered in the Redux dev tools (and through some console logs)
    7. I repeated the process above several times to make sure it consistently worked multiple times in a single run
    8. I confirmed that the message was delivered "transparently" (without any visible issues, or evidence of session invalidation)
  2. Test failed session invalidation in single keyserver world
    1. I ran through the above test, but I hacked legacy-recover-keyserver-session.js to use the wrong password so the session recovery would fail
    2. I confirmed that I was logged out, and that an alert appeared explaining that my session was invalidated
  3. Test logging out during session recovery
    1. I triggered an infinite loop of session recoveries by running through the above test, but swallowing the SET_NEW_SESSION
    2. I logged out of the app
    3. I confirmed that the session recovery loop stopped, and that I was logged out successfully

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

ashoat created this revision.Feb 5 2024, 12:26 PM
ashoat added a child revision: D10950: [lib] Drill sessionRecoveryInProgress through to CallKeyserverEndpointProvider.
Harbormaster returned this revision to the author for changes because remote builds failed.Feb 5 2024, 12:39 PM
Harbormaster failed remote builds in B26506: Diff 36641!
ashoat updated this revision to Diff 36649.Feb 5 2024, 12:41 PM

Rebase

Harbormaster completed remote builds in B26514: Diff 36649.Feb 5 2024, 1:05 PM
ashoat requested review of this revision.Feb 5 2024, 1:05 PM
inka added a comment.Feb 6 2024, 2:16 AM

By flipping sessionRecoveryInProgress to false, we tell CallKeyserverEndpointProvider to flush all waitingCalls using the new cookie.

We also flip it to false on recovery fail, doesn't that cause the flush too? Wouldn't that be a problem?

tomek accepted this revision.Feb 6 2024, 3:28 AM
This revision is now accepted and ready to land.Feb 6 2024, 3:28 AM
ashoat added a comment.Feb 6 2024, 5:44 AM

We also flip it to false on recovery fail, doesn't that cause the flush too? Wouldn't that be a problem?

No, that's intentional. If the recovery fails, we want to "flush" all of the requests so that they fail.

inka added a comment.Feb 6 2024, 5:46 AM

No, that's intentional. If the recovery fails, we want to "flush" all of the requests so that they fail.

I see, thank you

ashoat updated this revision to Diff 36728.Feb 6 2024, 11:57 AM

Also conclude the recovery when the session is invalidated

ashoat retitled this revision from [lib] Conclude sessionRecoveryInProgress whenever user cookie is received to [lib] Conclude sessionRecoveryInProgress when user cookie is received or session is invalidated.Feb 6 2024, 11:58 AM
ashoat edited the summary of this revision. (Show Details)

The latest revision here reflects a change in the pattern of Redux actions for a session recovery failure.

If a session recovery fails, we will dispatch a SET_NEW_SESSION. Previously I was relying on a SET_SESSION_RECOVERY_IN_PROGRESS, but I decided to avoid having to dispatch two actions in a row, as this is considered bad Redux practice. Instead, we'll rely on just the single SET_NEW_SESSION action to flip sessionRecoveryInProgress to false.

I think this is safe, as we can always consider a session recovery to be concluded if the session is invalidated.

ashoat mentioned this in D10970: [lib] Dispatch SET_NEW_SESSION when session recovery fails.Feb 6 2024, 12:09 PM
Harbormaster completed remote builds in B26580: Diff 36728.Feb 6 2024, 12:16 PM
ashoat edited the test plan for this revision. (Show Details)Feb 6 2024, 12:24 PM
Closed by commit rCOMM8117e83ea5da: [lib] Conclude sessionRecoveryInProgress when user cookie is received or… (authored by ashoat). · Explain WhyFeb 6 2024, 12:54 PM
This revision was automatically updated to reflect the committed changes.
ashoat added a commit: rCOMM8117e83ea5da: [lib] Conclude sessionRecoveryInProgress when user cookie is received or….
ashoat mentioned this in rCOMM477ec3ca967d: [lib] Dispatch SET_NEW_SESSION when session recovery fails.Mar 5 2024, 8:51 AM

Revision Contents
Changeset List

PathSize
lib/
reducers/
16 lines

Diff 36741

View Options

lib/reducers/keyserver-reducer.js

// @flow // @flow
import t from 'tcomb'; import t from 'tcomb';
import type { TInterface, TUnion } from 'tcomb'; import type { TInterface, TUnion } from 'tcomb';
import { mixedRawThreadInfoValidator } from 'lib/permissions/minimally-encoded-thread-permissions-validators.js'; import { mixedRawThreadInfoValidator } from 'lib/permissions/minimally-encoded-raw-thread-info-validators.js';
import { mediaValidator } from 'lib/types/media-types.js'; import { mediaValidator } from 'lib/types/media-types.js';
import { import {
rawMessageInfoValidator, rawMessageInfoValidator,
messageTruncationStatusesValidator, messageTruncationStatusesValidator,
} from 'lib/types/message-types.js'; } from 'lib/types/message-types.js';
import { userSurfacedPermissionValidator } from 'lib/types/thread-permission-types.js'; import { userSurfacedPermissionValidator } from 'lib/types/thread-permission-types.js';
import { threadTypes } from 'lib/types/thread-types-enum.js'; import { threadTypes } from 'lib/types/thread-types-enum.js';
import { import {
▲ Show 20 LinesShow All 325 LinesShow Last 20 Lines