Page MenuHomePhabricator
Differential D10952

[lib] Let keyserver session recovery code handle calling setNewSession
ClosedPublic
Actions

Authored by ashoat on Feb 5 2024, 12:28 PM.
Tags
None
Referenced Files
Unknown Object (File)
Apr 4 2024, 1:52 AM
Unknown Object (File)
Mar 16 2024, 7:23 AM
Unknown Object (File)
Mar 10 2024, 11:44 PM
Unknown Object (File)
Mar 10 2024, 7:51 PM
Unknown Object (File)
Mar 10 2024, 12:18 PM
Unknown Object (File)
Mar 9 2024, 10:05 AM
Unknown Object (File)
Mar 8 2024, 3:26 AM
Unknown Object (File)
Mar 8 2024, 3:26 AM
View All 25 Files
Subscribers
None

Details

Reviewers
tomek
inka
Commits
rCOMMd33b36fb3557: [lib] Let keyserver session recovery code handle calling setNewSession
Summary

Currently, if two keyserver calls are dispatched simultaneously from a client using an invalid session, both of them will end up calling setNewSession.

Instead, we should let the keyserver session recovery code handle calling setNewSession.

Exceptions are:

  1. Where the setNewSession is NOT the result of an invalid session (eg. logIn). In these cases, we don't expect multiple simultaneous calls, and won't be triggering the keyserver session recovery code anyways.
  2. Where session recovery is not possible. Right now, this is web and cases where we specify paramOverride. When usingCommServicesAccessToken is true, this will only be cases where we specify paramOverride. At that point, we can consider removing the boundSetNewSession call introduced in this diff, as arguably the paramOverride cases should not be messing with Redux anyways.

Depends on D10951

Test Plan
  1. Test successful session invalidation in single keyserver world
    1. I prevented the Socket from rendering by adding a return null line before the other returns in KeyserverConnectionHandler. This avoided the Socket triggering session recovery.
    2. I started the iOS simulator and logged in using a test user.
    3. I opened the Redux Dev Tools
    4. I deleted the test user's cookie from the MariaDB database: DELETE FROM cookies WHERE user = 6390578 AND platform = 'ios'
    5. I sent a message as the test user
    6. I confirmed that session recovery was triggered in the Redux dev tools (and through some console logs)
    7. I repeated the process above several times to make sure it consistently worked multiple times in a single run
    8. I confirmed that the message was delivered "transparently" (without any visible issues, or evidence of session invalidation)
  2. Test failed session invalidation in single keyserver world
    1. I ran through the above test, but I hacked legacy-recover-keyserver-session.js to use the wrong password so the session recovery would fail
    2. I confirmed that I was logged out, and that an alert appeared explaining that my session was invalidated
  3. Test logging out during session recovery
    1. I triggered an infinite loop of session recoveries by running through the above test, but swallowing the SET_NEW_SESSION
    2. I logged out of the app
    3. I confirmed that the session recovery loop stopped, and that I was logged out successfully

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

ashoat created this revision.Feb 5 2024, 12:28 PM
ashoat added a child revision: D10953: [lib][keyserver] Extract rawThreadInfo validators into their own file.
ashoat updated this revision to Diff 36652.Feb 5 2024, 12:41 PM

Rebase

Harbormaster failed remote builds in B26509: Diff 36644!Feb 5 2024, 12:43 PM
Harbormaster completed remote builds in B26517: Diff 36652.Feb 5 2024, 1:11 PM
ashoat requested review of this revision.Feb 5 2024, 1:11 PM
tomek accepted this revision.Feb 6 2024, 4:47 AM
This revision is now accepted and ready to land.Feb 6 2024, 4:47 AM
ashoat mentioned this in D10970: [lib] Dispatch SET_NEW_SESSION when session recovery fails.Feb 6 2024, 12:09 PM
ashoat edited the test plan for this revision. (Show Details)Feb 6 2024, 12:24 PM
ashoat edited child revisions, added: D10954: [lib] Move CallKeyserverEndpoint session recovery to KeyserverConnectionHandler; removed: D10953: [lib][keyserver] Extract rawThreadInfo validators into their own file.Feb 6 2024, 12:55 PM
ashoat edited parent revisions, added: D10953: [lib][keyserver] Extract rawThreadInfo validators into their own file; removed: D10951: [lib] Disable keyserver session recovery when paramOverride is specified.
ashoat updated this revision to Diff 37548.Feb 23 2024, 2:05 PM
ashoat added a parent revision: D10951: [lib] Disable keyserver session recovery when paramOverride is specified.

Rebase

Harbormaster failed remote builds in B27131: Diff 37548!Feb 23 2024, 2:15 PM
Harbormaster completed remote builds in B27131: Diff 37548.Feb 26 2024, 2:24 PM
ashoat updated this revision to Diff 37627.Feb 26 2024, 6:14 PM

Rebase

Harbormaster failed remote builds in B27189: Diff 37627!Feb 26 2024, 6:18 PM
Harbormaster completed remote builds in B27189: Diff 37627.Feb 26 2024, 6:31 PM
ashoat updated this revision to Diff 37739.Mar 3 2024, 8:34 PM

Add detail to code comment about removing boundSetNewSession call once usingCommServicesAccessToken is true

ashoat added a child revision: D11210: [lib][native] Separate out recoveryActionSources.Mar 3 2024, 8:39 PM
ashoat removed a child revision: D11210: [lib][native] Separate out recoveryActionSources.
ashoat removed a parent revision: D10951: [lib] Disable keyserver session recovery when paramOverride is specified.
ashoat removed a child revision: D10954: [lib] Move CallKeyserverEndpoint session recovery to KeyserverConnectionHandler.
ashoat removed a parent revision: D10953: [lib][keyserver] Extract rawThreadInfo validators into their own file.Mar 3 2024, 8:42 PM
ashoat added a child revision: D10954: [lib] Move CallKeyserverEndpoint session recovery to KeyserverConnectionHandler.
Harbormaster completed remote builds in B27262: Diff 37739.Mar 3 2024, 8:49 PM
ashoat mentioned this in D11225: [lib] Make resolveKeyserverSessionInvalidation generic.Mar 3 2024, 9:02 PM
Closed by commit rCOMMd33b36fb3557: [lib] Let keyserver session recovery code handle calling setNewSession (authored by ashoat). · Explain WhyMar 5 2024, 8:51 AM
This revision was automatically updated to reflect the committed changes.
ashoat added a commit: rCOMMd33b36fb3557: [lib] Let keyserver session recovery code handle calling setNewSession.
ashoat mentioned this in rCOMM477ec3ca967d: [lib] Dispatch SET_NEW_SESSION when session recovery fails.
ashoat mentioned this in rCOMMfaeec0cee2c7: [lib] Make resolveKeyserverSessionInvalidation generic.

Revision Contents
Changeset List

Diff 37831

View Options

lib/keyserver-conn/call-keyserver-endpoint-provider.react.js

Loading...
View Options

lib/utils/call-single-keyserver-endpoint.js

Loading...