fix(extensions): bootstrap and clear pending signed-session auth

Ensure pending auth requests are created when verification is needed but
missing, and clear them after signed-session grant completion or clear
so stale challenges do not block later verification flows.
This commit is contained in:
zarzet
2026-07-01 08:18:35 +07:00
parent 08c738dc69
commit 2c2cf8cdf8
2 changed files with 37 additions and 1 deletions
+35 -1
View File
@@ -3287,7 +3287,7 @@ func InvokeExtensionActionJSON(extensionID, actionName string) (string, error) {
}
func GetExtensionPendingAuthJSON(extensionID string) (string, error) {
req := GetPendingAuthRequest(extensionID)
req := ensureExtensionPendingAuthRequest(extensionID)
if req == nil {
return "", nil
}
@@ -3306,6 +3306,40 @@ func GetExtensionPendingAuthJSON(extensionID string) (string, error) {
return string(jsonBytes), nil
}
func ensureExtensionPendingAuthRequest(extensionID string) *PendingAuthRequest {
extensionID = strings.TrimSpace(extensionID)
if extensionID == "" {
return nil
}
if req := GetPendingAuthRequest(extensionID); req != nil {
return req
}
manager := getExtensionManager()
ext, err := manager.GetExtension(extensionID)
if err != nil || ext == nil || !ext.Enabled || ext.Manifest == nil || ext.Manifest.SignedSession == nil {
return nil
}
if err := ext.ensureRuntimeReady(); err != nil || ext.runtime == nil {
return nil
}
config := signedSessionConfigWithDefaults(ext.Manifest.SignedSession)
if config.Namespace == "" || config.BaseURL == "" {
return nil
}
if record, err := ext.runtime.loadSignedSession(config); err == nil {
record.SessionID = ""
record.SessionSecret = ""
record.ExpiresAt = ""
_ = ext.runtime.saveSignedSession(config, record)
}
ext.runtime.startSignedSessionVerification(config, "pending-auth-request")
return GetPendingAuthRequest(extensionID)
}
func SetExtensionAuthCodeByID(extensionID, authCode string) {
SetExtensionAuthCode(extensionID, authCode)
}
+2
View File
@@ -236,6 +236,7 @@ func (r *extensionRuntime) signedSessionClear(call goja.FunctionCall) goja.Value
if err := r.saveSignedSession(config, record); err != nil {
return r.vm.ToValue(map[string]interface{}{"success": false, "error": err.Error()})
}
ClearPendingAuthRequest(r.extensionID)
return r.vm.ToValue(map[string]interface{}{"success": true})
}
@@ -256,6 +257,7 @@ func (r *extensionRuntime) signedSessionCompleteGrant(call goja.FunctionCall) go
if err := r.exchangeSignedSessionGrant(grant); err != nil {
return r.vm.ToValue(map[string]interface{}{"success": false, "error": err.Error()})
}
ClearPendingAuthRequest(r.extensionID)
return r.vm.ToValue(map[string]interface{}{"success": true})
}