Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content

fix: resolve OAuth and SSO migration issues

Fahim M. Choudhury requested to merge 3540-fix-account-manager-oauth-issue into main

Description

1. Resolved issue with Murena and Google account sync

For a non-SSO Murena account already set up, if users try to add a Google or Yahoo account later, Account Manager would incorrectly update the Murena account's authState with Google/Yahoo's authState.

Users would see no Google/Yahoo account added in the Account Manager and the affected Murena account would behave incorrectly too.

This bug was introduced in the SSO migration code.

The fix checks the new account's name and type with the existing non-SSO Murena accounts and only proceeds if there's a match.

2. Resolved auth state updating logic

updateAuthState() method now correctly updates the associated account and saves them inside user data.

Previously, for re-auth and SSO migration, the update method would replace all existing account's auth state with the latest one.

This is an old bug that predates SSO migration.

Tests

Required OS version: /e/OS v3.1-beta/rc onwards

Problem 1

  1. Remove all accounts from Account Manager; start fresh.
  2. Add a Murena account with username and password (use specific server if the password box is hidden initially).
  3. Let the sync complete; wait for a while.
  4. Add a Google account — complete the login steps.
  5. Observe that the Google account is not available in the Account Manager, even though the account addition seems successful.

In the fixed version, both the accounts will be available and will sync correctly.

Problem 2

  1. Remove all accounts from Account Manager; start fresh.
  2. Add a Murena account with username and password (use specific server if the password box is hidden initially).
  3. Let the sync complete; wait for a while.
  4. Add a Google and/or a Yahoo account.
  5. Let the sync complete; wait for a while.
  6. Reboot the device.
  7. Ensure the Murena SSO migration notification appears.
  8. Click on the notification and complete the migration.
  9. Observe that Google/Yahoo sync is not working. If you have HTTP Toolkit, observe that the requests are getting HTTP 401 Unauthorized response.
  10. Observe that Murena sync works.
  11. Go to the re-authentication setting for Google/Yahoo.
  12. Do a re-auth.
  13. Observe that sync works again for the re-authed account.
  14. If you have set up all three accounts — Murena, Google, and Yahoo — observe that after SSO migration, Google and Yahoo both will have sync errors — confirm via HTTP Toolkit.
  15. If you do a re-auth on any of the accounts, Murena and the account re-authed will be syncing; the remaining account will not sync.

In the fixed version, all three accounts live side-by-side without affecting others.

Issues

https://gitlab.e.foundation/e/os/backlog/-/issues/3540

10 commandments of code review

👪 ❤️ https://gitlab.e.foundation/groups/e/-/wikis/contribute/development-processes/code-review-guidelines

Edited by Fahim M. Choudhury

Merge request reports