HomePhabricator
Diffusion Comm cc1b7e413708

[native] Don't skip ConnectEthereum if nonce is expired

Description

[native] Don't skip ConnectEthereum if nonce is expired

Summary:
If the nonce used for SIWE will be rejected by the relevant backend (authoritative keyserver or identity service, depending on usingCommServicesAccessToken) due to expiration, then we should force the user to generate a new SIWE signature.

Would normally put @varun on the review here, but going to ask @inka instead because he is out.

Depends on D12006

Test Plan:
I tested (or will test) this diff stack as follows:

  1. Be in a multi-keyserver environment, testing SIWE with iOS simulator
  2. Do a SIWE and then wait 2 minutes to let the nonce expire in the following screens:
    • FullscreenSIWEPanel for an account that doesn't exist yet when the new registration flow is disabled
    • FullscreenSIWEPanel for an account that doesn't exist yet when the new registration flow is enabled
    • FullscreenSIWEPanel for an account that does exist
    • New registration flow for an account that doesn't exist yet (RegistrationTerms)
    • New registration flow for an account that does exist (ExistingEthereumAccount)
  3. Make sure there are no duplicate Alerts, that in all cases an Alert is shown, and that the "back" action activates when the user confirms the Alert

Reviewers: inka

Reviewed By: inka

Subscribers: tomek, varun, inka

Differential Revision: https://phab.comm.dev/D12007

Details

Provenance
ashoatAuthored on May 10 2024, 10:27 AM
Reviewer
inka
Differential Revision
D12007: [native] Don't skip ConnectEthereum if nonce is expired
Parents
rCOMMff1fb0e9cd59: [keyserver][lib][native] Introduce siweNonceExpired
Branches
Unknown
Tags
Unknown