Failure when finding a refresh token in a non OIDC login (#2377)

Co-authored-by: Doug <6060466+pixlwave@users.noreply.github.com>
2025-03-10 21:39:12 +00:00 · 2024-01-25 13:35:26 +01:00 · 2024-01-25 13:35:26 +01:00 · 99a31cab00
commit 99a31cab00
parent a9460cc06f
4 changed files with 18 additions and 1 deletions
--- a/ElementX/Sources/Screens/Authentication/SoftLogoutScreen/SoftLogoutScreenCoordinator.swift
+++ b/ElementX/Sources/Screens/Authentication/SoftLogoutScreen/SoftLogoutScreenCoordinator.swift
@ -186,6 +186,10 @@ final class SoftLogoutScreenCoordinator: CoordinatorProtocol {
        case .oidcError(.userCancellation):
            // No need to show an error, the user cancelled authentication.
            break
+        case .sessionTokenRefreshNotSupported:
+            // We should display a specific error saying that we do not support this kind of login
+            // But the copy is TBD
+            viewModel.displayError(.alert(L10n.errorUnknown))
        default:
            viewModel.displayError(.alert(L10n.errorUnknown))
        }
--- a/ElementX/Sources/Services/Authentication/AuthenticationServiceProxy.swift
+++ b/ElementX/Sources/Services/Authentication/AuthenticationServiceProxy.swift
@ -122,6 +122,18 @@ class AuthenticationServiceProxy: AuthenticationServiceProxyProtocol {
                                                     deviceId: deviceID)
            }
            
+            let refreshToken = try? await Task.dispatch(on: .global()) {
+                try client.session().refreshToken
+            }
+            
+            if refreshToken != nil {
+                MXLog.warning("Refresh token found for a non oidc session, can't restore session, logging out")
+                _ = await Task.dispatch(on: .global()) {
+                    try? client.logout()
+                }
+                return .failure(.sessionTokenRefreshNotSupported)
+            }
+            
            return await userSession(for: client)
        } catch {
            MXLog.error("Failed logging in with error: \(error)")
--- a/ElementX/Sources/Services/Authentication/AuthenticationServiceProxyProtocol.swift
+++ b/ElementX/Sources/Services/Authentication/AuthenticationServiceProxyProtocol.swift
@ -34,8 +34,8 @@ enum AuthenticationServiceError: Error {
    case slidingSyncNotAvailable
    case accountDeactivated
    case failedLoggingIn
-    
    case isOnWaitlist
+    case sessionTokenRefreshNotSupported
 }

 protocol AuthenticationServiceProxyProtocol {
--- a/changelog.d/2365.bugfix
+++ b/changelog.d/2365.bugfix
@ -0,0 +1 @@
+If a refresh token is found in a non OIDC session, the app will be logged out.
				`@ -0,0 +1 @@`
				`If a refresh token is found in a non OIDC session, the app will be logged out.`