Created
March 4, 2024 04:26
1. Test successful session invalidation in single keyserver world
   - I prevented the `Socket` from rendering by adding a `return null` line before the other returns in `KeyserverConnectionHandler`. This avoided the `Socket` triggering session recovery.
   - I started the iOS simulator and logged in using a test user.
   - I opened the Redux Dev Tools
   - I deleted the test user's cookie from the MariaDB database: `DELETE FROM cookies WHERE user = 6390578 AND platform = 'ios'`
   - I sent a message as the test user
   - I confirmed that session recovery was triggered in the Redux dev tools (and through some console logs)
   - I repeated the process above several times to make sure it consistently worked multiple times in a single run
   - I confirmed that the message was delivered "transparently" (without any visible issues, or evidence of session invalidation)
2. Test failed session invalidation in single keyserver world
   - I ran through the above test, but I hacked `legacy-recover-keyserver-session.js` to use the wrong password so the session recovery would fail
   - I confirmed that I was logged out, and that an alert appeared explaining that my session was invalidated
3. Test logging out during session recovery
   - I triggered an infinite loop of session recoveries by running through the above test, but swallowing the `SET_NEW_SESSION`
   - I logged out of the app
   - I confirmed that the session recovery loop stopped, and that I was logged out successfully
4. Tested various callsites of keyserver session recovery
   1. Tested `LoggedOutModal.onInitialAppLoad` on `native` by faking the value of `loggedIn`
      - To force `LoggedOutModal` to always render when the app started in `DEV` mode (rather than the ReactNav state being cached from the last render), I needed to comment out [this code](https://github.com/CommE2E/comm/blob/a4757d29427530b8de8f0dc182e40398482bc5a3/native/root.react.js#L139-L151)
      - To force `onInitialAppLoad` to work, I needed to comment out the `__DEV__` check [here](https://github.com/CommE2E/comm/blob/a4757d29427530b8de8f0dc182e40398482bc5a3/native/account/logged-out-modal.react.js#L433)
      - Confirmed it worked when correct password was provided
      - Made `keychainCredentials.password` wrong in `resolveKeyserverSessionInvalidationUsingNativeCredentials` and confirmed that recovery failed
   2. Tested `recoveryActionSources.socketNotLoggedIn` on `native` by forcing keyserver socket to return `not_logged_in`
      - I just added an `|| true` to [this line](https://github.com/CommE2E/comm/blob/a4757d29427530b8de8f0dc182e40398482bc5a3/keyserver/src/socket/socket.js#L225)
   3. Tested `recoveryActionSources.socketAuthErrorResolutionAttempt` on `native` by forcing keyserver socket to return `AUTH_ERROR`
      - I just added an `|| true` to [this line](https://github.com/CommE2E/comm/blob/a4757d29427530b8de8f0dc182e40398482bc5a3/keyserver/src/socket/socket.js#L220)
   4. Tested `recoveryActionSources.refetchUserDataAfterAcknowledgment` on `native`
      - This one was more complicated
      - First, I forced `baseNoDataAfterPolicyAcknowledgmentSelector` to always return `true`
      - Then I [added](https://gist.github.com/Ashoat/fc4ce2af0f3c620cd55e8c36e4115bf1) a sleep longer than 10s (the client timeout) to the keyserver's response to the client's initial socket message
      - But also [bumped](https://gist.github.com/Ashoat/fc4ce2af0f3c620cd55e8c36e4115bf1) the keyserver's own timeout for it to send a response, so that the keyserver wouldn't send a timeout response and invalidate the counter
      - After that, I confirmed that the counter eventually got bumped and forced a session recovery
   5. Tested `recoveryActionSources.refetchUserDataAfterAcknowledgment` on `web`
      - On top of what I did above, I had to make `web/socket.react.js` set `noDataAfterPolicyAcknowledgment={true}` on `Socket`
      - I confirmed that on web, the user was just signed out as soon as the session recovery was triggered (as session recovery is not possible)
   6. Tested `SQLiteDataHandler` failures on `native`
      - Tested the `databaseNeedsDeletion` case by adding an `|| true` to `if (databaseNeedsDeletion)`
      - Tested the `catch (setStoreException)` case by adding a `throw` to the `try` block above it