diff --git a/foodgroup/auth.go b/foodgroup/auth.go index 94c5423..bf8888a 100644 --- a/foodgroup/auth.go +++ b/foodgroup/auth.go @@ -123,12 +123,17 @@ func (s AuthService) RegisterBOSSession(authCookie []byte) (*state.Session, erro // RetrieveBOSSession returns a user's existing session func (s AuthService) RetrieveBOSSession(authCookie []byte) (*state.Session, error) { - screenName, err := s.cookieBaker.Crack(authCookie) + buf, err := s.cookieBaker.Crack(authCookie) if err != nil { return nil, err } - u, err := s.userManager.User(state.NewIdentScreenName(string(screenName))) + c := bosCookie{} + if err := wire.UnmarshalBE(&c, bytes.NewBuffer(buf)); err != nil { + return nil, err + } + + u, err := s.userManager.User(state.NewIdentScreenName(c.ScreenName.String())) if err != nil { return nil, fmt.Errorf("failed to retrieve user: %w", err) } diff --git a/foodgroup/auth_test.go b/foodgroup/auth_test.go index a7ec5ca..cd47da3 100644 --- a/foodgroup/auth_test.go +++ b/foodgroup/auth_test.go @@ -1193,17 +1193,22 @@ func TestAuthService_RegisterBOSSession(t *testing.T) { func TestAuthService_RetrieveBOSSession_HappyPath(t *testing.T) { sess := newTestSession("screen-name") + aimAuthCookie := bosCookie{ + ScreenName: sess.DisplayScreenName(), + } + buf := &bytes.Buffer{} + assert.NoError(t, wire.MarshalBE(aimAuthCookie, buf)) + authCookie := buf.Bytes() + sessionManager := newMockSessionManager(t) sessionManager.EXPECT(). RetrieveSession(sess.IdentScreenName()). Return(sess) - authCookie := []byte(`the-auth-cookie`) - cookieBaker := newMockCookieBaker(t) cookieBaker.EXPECT(). Crack(authCookie). - Return([]byte("screen-name"), nil) + Return(authCookie, nil) userManager := newMockUserManager(t) userManager.EXPECT(). @@ -1220,17 +1225,23 @@ func TestAuthService_RetrieveBOSSession_HappyPath(t *testing.T) { func TestAuthService_RetrieveBOSSession_SessionNotFound(t *testing.T) { sess := newTestSession("screen-name") + aimAuthCookie := bosCookie{ + ScreenName: sess.DisplayScreenName(), + } + buf := &bytes.Buffer{} + assert.NoError(t, wire.MarshalBE(aimAuthCookie, buf)) + authCookie := buf.Bytes() + sessionManager := newMockSessionManager(t) sessionManager.EXPECT(). RetrieveSession(sess.IdentScreenName()). Return(nil) - authCookie := []byte(`the-auth-cookie`) cookieBaker := newMockCookieBaker(t) cookieBaker.EXPECT(). Crack(authCookie). - Return([]byte("screen-name"), nil) + Return(authCookie, nil) userManager := newMockUserManager(t) userManager.EXPECT().