Page MenuHomePhabricator

[lib][web][native] Handle invalidSessionDowngrade for identity actions
ClosedPublic

Authored by inka on Feb 6 2024, 2:59 AM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Dec 18, 1:49 AM
Unknown Object (File)
Wed, Dec 18, 1:49 AM
Unknown Object (File)
Wed, Dec 18, 1:49 AM
Unknown Object (File)
Wed, Dec 18, 1:49 AM
Unknown Object (File)
Wed, Dec 18, 1:49 AM
Unknown Object (File)
Fri, Dec 6, 3:47 PM
Unknown Object (File)
Mon, Nov 25, 3:07 PM
Unknown Object (File)
Nov 10 2024, 10:13 AM
Subscribers

Details

Summary

When we start using CSAT, we can use identityInvalidSessionDowngrade (D10962) to check if session downgrade is valid. Until then we have to use the old logic, because CSAT is always undefined, so we cannot check if identity session changed, and if the same user logs backin, the session downgrade may be incorrectly considered valid

Test Plan

Tested that if using CSAT, and a different CSAT is present in state and in preRequestUserState, then this code returns
Tested that if currentUserInfo and preRequestUserState.currentUserInfo are the same, and CSAT is present in state and in preRequestUserState are the same, and a user is logged in and the action is trying to downgrade the session - then resetUserSpecificStateOnIdentityActions is called and action goes to the next reducers
Tested that if using CSAT currentUserInfo and preRequestUserState.currentUserInfo are different, then this code returns
Tested that if not using CSAT, this code correctly disregards an action performing an invalid session downgrade

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

inka requested review of this revision.Feb 6 2024, 3:37 AM
michal added inline comments.
native/redux/redux-setup.js
165–179 ↗(On Diff #36672)

It might be cleaner if we moved usingCommServicesAccessToken check into identityInvalidSessionDowngrade and "redirect" to invalidSessionDowngrade inside it.

This revision is now accepted and ready to land.Feb 7 2024, 4:02 AM

Address review - move usingCommServicesAccessToken check into identityInvalidSessionDowngrade