Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ENOTEMPTY after login #231

Open
pixtron opened this issue Jan 27, 2020 · 0 comments
Open

ENOTEMPTY after login #231

pixtron opened this issue Jan 27, 2020 · 0 comments
Labels
auth bug hasfix
Milestone
1.3.x

Comments

@pixtron
Copy link
Member

pixtron commented Jan 27, 2020
edited
Loading

Describe the bug

When the keystore conatins expired or invalid access- and refresh-tokens and an active instance with authMethod: oidc is linked, during app start a new authorization request is made.
If the user then logs in with a different user than linked in the active instance, unarchiving of the Balloon Dir fails.

To Reproduce

1.) Login with oidc user a
2.) Logout and login with oidc user b
3.) Stop Balloon
4.) change accessToken and refreshToken in keystore to invalid values.
5.) Start app again
6.) Login with user a

Expected behavior

1.) ~/Balloon should be archived to ~/Balloon-b,
2.) ~/Balloon-a should be unarchived to ~/Balloon
3.) User a should be logged in

Probably also auth.login() should only call refreshAccessToken and also _refreshOidcAccessToken should only call oidcCtrl.refreshAccessToken and if it fails not create a new authorization request. For now auth.login() calls oidcAuth which calls oidcCtrl.signin, which tries first to refresh the access token, and if that fails creates a new authorization request.

balloon-client-desktop/app/lib/auth/controller.js

Lines 406 to 412 in 39f0000

oidcAuth(idpConfig).then(resolve).catch((err) => {
logger.info('oidc login failed, open startup configuration', {
category: 'auth',
error: err
});
startup().then(resolve).catch(reject);

Environment

  • desktop client version: v1.3.x (39f0000) and before.
  • client os: OSX

Additional context

As long as the user does not log in with user b or via another identity provider, the error persists.

Although in the case, that the user logs in via basic auth or another identity provider
a.) the Data Dir of user B is wrongly archived to ~/Balloon-a-1 and the instance of user B is not correctly updated.
b.) the synchronization stops with E_BLN_CONFIG_CREDENTIALS and the accounts gets unlinked.
c.) the config in the instance of user A gets messed up with information of user B (eg.: balloonDir, path to instance dir)

Also see: #161

ERROR <main> [category]: failed to authorize via oidc ({"error":{"stack":
  "Error: ENOTEMPTY: directory not empty, rename '/Users/../Balloon-usera' -> '/Users/../Balloon'",
  "message":"ENOTEMPTY: directory not empty, rename '/Users/../Balloon-usera' -> '/Users/../Balloon'",
  "errno":-66,"code":"ENOTEMPTY",
  "syscall":"rename",
  "path":"/Users/../Balloon-usera","dest":"/Users/../Balloon"
}})
@pixtron pixtron added the bug label Jan 27, 2020
pixtron added a commit that referenced this issue Feb 5, 2020
@pixtron
unlink active instance, if a user logs in with a different username
5f05443 
Related to: #231
pixtron added a commit that referenced this issue Feb 5, 2020
@pixtron
When refreshing an access_token fails do not create authorization req…
3ee01e7 
…uest

Related to: #231
pixtron added a commit that referenced this issue Feb 5, 2020
@pixtron
Always load correct instance when login is vreified
b2e1d32 
Related to: #232, #231
pixtron added a commit that referenced this issue Feb 5, 2020
@pixtron
Only set client config after correct instance has been loaded
5abe7f8 
Related to: #231
@pixtron pixtron mentioned this issue Feb 5, 2020
Merged
@pixtron pixtron added this to the 1.3.x milestone Mar 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auth bug hasfix
Projects
None yet
Milestone
1.3.x
Development

No branches or pull requests
1 participant
@pixtron