mirror of
https://github.com/zarzet/SpotiFLAC-Mobile.git
synced 2026-07-03 03:15:51 +02:00
fix(extensions): bootstrap and clear pending signed-session auth
Ensure pending auth requests are created when verification is needed but missing, and clear them after signed-session grant completion or clear so stale challenges do not block later verification flows.
This commit is contained in:
+35
-1
@@ -3287,7 +3287,7 @@ func InvokeExtensionActionJSON(extensionID, actionName string) (string, error) {
|
||||
}
|
||||
|
||||
func GetExtensionPendingAuthJSON(extensionID string) (string, error) {
|
||||
req := GetPendingAuthRequest(extensionID)
|
||||
req := ensureExtensionPendingAuthRequest(extensionID)
|
||||
if req == nil {
|
||||
return "", nil
|
||||
}
|
||||
@@ -3306,6 +3306,40 @@ func GetExtensionPendingAuthJSON(extensionID string) (string, error) {
|
||||
return string(jsonBytes), nil
|
||||
}
|
||||
|
||||
func ensureExtensionPendingAuthRequest(extensionID string) *PendingAuthRequest {
|
||||
extensionID = strings.TrimSpace(extensionID)
|
||||
if extensionID == "" {
|
||||
return nil
|
||||
}
|
||||
|
||||
if req := GetPendingAuthRequest(extensionID); req != nil {
|
||||
return req
|
||||
}
|
||||
|
||||
manager := getExtensionManager()
|
||||
ext, err := manager.GetExtension(extensionID)
|
||||
if err != nil || ext == nil || !ext.Enabled || ext.Manifest == nil || ext.Manifest.SignedSession == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
if err := ext.ensureRuntimeReady(); err != nil || ext.runtime == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
config := signedSessionConfigWithDefaults(ext.Manifest.SignedSession)
|
||||
if config.Namespace == "" || config.BaseURL == "" {
|
||||
return nil
|
||||
}
|
||||
if record, err := ext.runtime.loadSignedSession(config); err == nil {
|
||||
record.SessionID = ""
|
||||
record.SessionSecret = ""
|
||||
record.ExpiresAt = ""
|
||||
_ = ext.runtime.saveSignedSession(config, record)
|
||||
}
|
||||
ext.runtime.startSignedSessionVerification(config, "pending-auth-request")
|
||||
return GetPendingAuthRequest(extensionID)
|
||||
}
|
||||
|
||||
func SetExtensionAuthCodeByID(extensionID, authCode string) {
|
||||
SetExtensionAuthCode(extensionID, authCode)
|
||||
}
|
||||
|
||||
@@ -236,6 +236,7 @@ func (r *extensionRuntime) signedSessionClear(call goja.FunctionCall) goja.Value
|
||||
if err := r.saveSignedSession(config, record); err != nil {
|
||||
return r.vm.ToValue(map[string]interface{}{"success": false, "error": err.Error()})
|
||||
}
|
||||
ClearPendingAuthRequest(r.extensionID)
|
||||
return r.vm.ToValue(map[string]interface{}{"success": true})
|
||||
}
|
||||
|
||||
@@ -256,6 +257,7 @@ func (r *extensionRuntime) signedSessionCompleteGrant(call goja.FunctionCall) go
|
||||
if err := r.exchangeSignedSessionGrant(grant); err != nil {
|
||||
return r.vm.ToValue(map[string]interface{}{"success": false, "error": err.Error()})
|
||||
}
|
||||
ClearPendingAuthRequest(r.extensionID)
|
||||
return r.vm.ToValue(map[string]interface{}{"success": true})
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user