From 94af959d2534ee9917105ccc96028976014dafae Mon Sep 17 00:00:00 2001 From: Mike Date: Wed, 28 Aug 2024 20:19:45 -0400 Subject: [PATCH] fix regression in admin service Update RetrieveBOSSession to unmarshal the bosCookie send by OService ServiceRequest redirect. Before, RetrieveBOSSession was expecting a plain string cookie. --- foodgroup/auth.go | 9 +++++++-- foodgroup/auth_test.go | 21 ++++++++++++++++----- 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/foodgroup/auth.go b/foodgroup/auth.go index 94c54237..bf8888a9 100644 --- a/foodgroup/auth.go +++ b/foodgroup/auth.go @@ -123,12 +123,17 @@ func (s AuthService) RegisterBOSSession(authCookie []byte) (*state.Session, erro // RetrieveBOSSession returns a user's existing session func (s AuthService) RetrieveBOSSession(authCookie []byte) (*state.Session, error) { - screenName, err := s.cookieBaker.Crack(authCookie) + buf, err := s.cookieBaker.Crack(authCookie) if err != nil { return nil, err } - u, err := s.userManager.User(state.NewIdentScreenName(string(screenName))) + c := bosCookie{} + if err := wire.UnmarshalBE(&c, bytes.NewBuffer(buf)); err != nil { + return nil, err + } + + u, err := s.userManager.User(state.NewIdentScreenName(c.ScreenName.String())) if err != nil { return nil, fmt.Errorf("failed to retrieve user: %w", err) } diff --git a/foodgroup/auth_test.go b/foodgroup/auth_test.go index a7ec5cac..cd47da3c 100644 --- a/foodgroup/auth_test.go +++ b/foodgroup/auth_test.go @@ -1193,17 +1193,22 @@ func TestAuthService_RegisterBOSSession(t *testing.T) { func TestAuthService_RetrieveBOSSession_HappyPath(t *testing.T) { sess := newTestSession("screen-name") + aimAuthCookie := bosCookie{ + ScreenName: sess.DisplayScreenName(), + } + buf := &bytes.Buffer{} + assert.NoError(t, wire.MarshalBE(aimAuthCookie, buf)) + authCookie := buf.Bytes() + sessionManager := newMockSessionManager(t) sessionManager.EXPECT(). RetrieveSession(sess.IdentScreenName()). Return(sess) - authCookie := []byte(`the-auth-cookie`) - cookieBaker := newMockCookieBaker(t) cookieBaker.EXPECT(). Crack(authCookie). - Return([]byte("screen-name"), nil) + Return(authCookie, nil) userManager := newMockUserManager(t) userManager.EXPECT(). @@ -1220,17 +1225,23 @@ func TestAuthService_RetrieveBOSSession_HappyPath(t *testing.T) { func TestAuthService_RetrieveBOSSession_SessionNotFound(t *testing.T) { sess := newTestSession("screen-name") + aimAuthCookie := bosCookie{ + ScreenName: sess.DisplayScreenName(), + } + buf := &bytes.Buffer{} + assert.NoError(t, wire.MarshalBE(aimAuthCookie, buf)) + authCookie := buf.Bytes() + sessionManager := newMockSessionManager(t) sessionManager.EXPECT(). RetrieveSession(sess.IdentScreenName()). Return(nil) - authCookie := []byte(`the-auth-cookie`) cookieBaker := newMockCookieBaker(t) cookieBaker.EXPECT(). Crack(authCookie). - Return([]byte("screen-name"), nil) + Return(authCookie, nil) userManager := newMockUserManager(t) userManager.EXPECT().