RJS-2789: Surface errors when linking credentials fails (#6588)

* Adding an error_code check for "InvalidSession" before refreshing access tokens * "build" got renamed to "bundle" * Fixing tsconfig.json * Comitting changes made by npm 10.5.0 * Adding a changelog header * Adding a note to the changelog * Fixing unit tests * Fixed handling invalid token signatures * Update packages/realm-web/package.json
realm · Apr 4, 2024 · 4e99e63 · 4e99e63
1 parent 86eb923
commit 4e99e63
Show file tree

Hide file tree

Showing 9 changed files with 52 additions and 74 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/packages/realm-web/CHANGELOG.md b/packages/realm-web/CHANGELOG.md
@@ -1,3 +1,17 @@
+## vNext (TBD)
+
+### Deprecations
+* None
+
+### Enhancements
+* None
+
+### Fixed
+* Fixed an endless loop of requests that would happen if linking credentials failed due to an authentication failure. ([#6588](https://github.com/realm/realm-js/pull/6588), since v0.6.0)
+
+### Internal
+* None
+
 2.0.0 Release notes (2022-10-18)
 =============================================================
 

diff --git a/packages/realm-web/package.json b/packages/realm-web/package.json
@@ -11,9 +11,8 @@
     "./dist/bundle.es.js": "./dist/bundle.dom.es.js"
   },
   "scripts": {
-    "prepack": "npm run build",
     "bundle": "wireit",
-    "start": "npm run build -- --watch",
+    "start": "npm run bundle -- --watch",
     "lint": "eslint --ext .js,.ts .",
     "test": "mocha",
     "postversion": "ts-node --project scripts/tsconfig.json scripts/postversion.ts",

diff --git a/packages/realm-web/src/App.ts b/packages/realm-web/src/App.ts
@@ -390,6 +390,6 @@ export class App<
    */
   private hydrate() {
     const userIds = this.storage.getUserIds();
-    this.users = userIds.map((id) => new User({ app: this, id }));
+    this.users = userIds.map((id) => new User<FunctionsFactoryType, CustomDataType>({ app: this, id }));
   }
 }
diff --git a/packages/realm-web/src/Fetcher.ts b/packages/realm-web/src/Fetcher.ts
@@ -237,20 +237,28 @@ export class Fetcher implements LocationUrlContext {
 
       if (response.ok) {
         return response;
-      } else if (user && response.status === 401 && tokenType === "access") {
-        // If the access token has expired, it would help refreshing it
-        await user.refreshAccessToken();
-        // Retry with the specific user, since the currentUser might have changed.
-        return this.fetch({ ...request, user });
       } else {
-        if (user && response.status === 401 && tokenType === "refresh") {
-          // A 401 error while using the refresh token indicates the token has an issue.
-          // Reset the tokens to prevent a lock.
-          user.accessToken = null;
-          user.refreshToken = null;
+        const error = await MongoDBRealmError.fromRequestAndResponse(url, request, response);
+        if (
+          user &&
+          response.status === 401 &&
+          (error.errorCode === "InvalidSession" || // Expired token
+            error.error === "unauthorized") // Entirely invalid signature
+        ) {
+          if (tokenType === "access") {
+            // If the access token has expired, it would help refreshing it
+            await user.refreshAccessToken();
+            // Retry with the specific user, since the currentUser might have changed.
+            return this.fetch({ ...request, user });
+          } else if (tokenType === "refresh") {
+            // A 401 error while using the refresh token indicates the token has an issue.
+            // Reset the tokens to prevent a lock.
+            user.accessToken = null;
+            user.refreshToken = null;
+          }
         }
         // Throw an error with a message extracted from the body
-        throw await MongoDBRealmError.fromRequestAndResponse(url, request, response);
+        throw error;
       }
     } else {
       throw new Error("Expected either 'url' or 'path'");

diff --git a/packages/realm-web/src/tests/utils/MockFetch.ts b/packages/realm-web/src/tests/utils/MockFetch.ts
@@ -58,7 +58,7 @@ export function createMockFetch(responses: unknown[]): MockFetch {
           url: response.url,
           json: async () => ({
             error: response.error,
-            errorCode: response.errorCode,
+            error_code: response.errorCode,
             link: response.link,
           }),
           headers: {

diff --git a/packages/realm-web/src/tests/utils/index.ts b/packages/realm-web/src/tests/utils/index.ts
@@ -72,6 +72,7 @@ export const INVALID_SESSION_ERROR = new MongoDBRealmError(
   401,
   "",
   "invalid session",
+  "InvalidSession",
 );
 
 export * from "./MockApp";

diff --git a/packages/realm-web/tsconfig.json b/packages/realm-web/tsconfig.json
@@ -8,6 +8,7 @@
 		"typeRoots": [
 			"./types",
 			"./node_modules/@types",
+			"../../node_modules",
 			"../../node_modules/@types",
 		],
 		"types": [

diff --git a/packages/realm/package.json b/packages/realm/package.json
@@ -377,4 +377,4 @@
       6
     ]
   }
-}
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -72,6 +72,7 @@ export const INVALID_SESSION_ERROR = new MongoDBRealmError( @@
 ,
       "",
       "invalid session",
+      "InvalidSession",
     );
     export * from "./MockApp";
@@ Expand Down @@