Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sort out auth token refresh and setCredentials synchronization #101

Merged
merged 5 commits into from
Sep 17, 2024
Merged

Sort out auth token refresh and setCredentials synchronization #101

merged 5 commits into from
Sep 17, 2024

Conversation

michpohl
Copy link
Contributor

@michpohl michpohl commented Sep 6, 2024
edited
Loading

This fix makes auth networking more robust and predictable. While under normal circumstances the changes added here don't have an effect, making sure our SharedPreferences editing is synchronized with backend calls is necessary to enable certain types of UI tests (such as our benchmark tests) to run, as setCredentials can be called at any time.

When calling setCredentials, we essentially force credentials to be saved in the auth module's storage.
If we do this while a request for token update is in flight, we run the risk that upon return of that request, the credentials you just saved to be overwritten immediately.

This change fixes that by changing how our network calls are synchronized using a Mutex:

  • it is now shared between LoginRepository and TokenRepository
  • setCredentials is now synced too, making sure it will wait for all previously issued getCredentials calls to finish.

All following calls to getCredentials will be based on whatever was saved using setCredentials, so this change effectively prevents accidental overwrites for tests and other automated orchestration.

@michpohl michpohl force-pushed the michael/Sort-out-token-refresh-and-saving-synchronization branch 2 times, most recently from 5040064 to 96f7d15 Compare September 9, 2024 12:39
@michpohl michpohl marked this pull request as ready for review September 9, 2024 12:41
@michpohl michpohl requested a review from a team as a code owner September 9, 2024 12:41
@stoyicker
Copy link
Member

I haven't looked at the code yet, but from reading the description, it looks to me like this is the wrong approach. If calls to setCredentials need to prevail over ongoing updates, instead of waiting for ongoing/queued updates to complete, you should cancel ongoing/queued updates and execute on setCredentials calls immediately.

@michpohl
Copy link
Contributor Author

michpohl commented Sep 10, 2024
edited
Loading

I haven't looked at the code yet, but from reading the description, it looks to me like this is the wrong approach. If calls to setCredentials need to prevail over ongoing updates, instead of waiting for ongoing/queued updates to complete, you should cancel ongoing/queued updates and execute on setCredentials calls immediately.

On a conceptual level you might have a point, but it turned out to be pretty complex to solve the problem that way, which is why I ended up with this solution.
I'll give it another go though, maybe I find a better approach.

@michpohl
Copy link
Contributor Author

michpohl commented Sep 11, 2024
edited
Loading

@stoyicker see here for an alternative approach. This variant is out of the question for now - while seemingly correct it adds too much complexity and investing more time into bugproofing it is not warranted at this time.

@michpohl michpohl mentioned this pull request Sep 11, 2024
Closed
@subhasha1
Copy link
Contributor

If i understood correctly, this fix waits for any pending auth calls before applying values passed on setCredential.
Since setCredential's is only used internally,
I feel like this is perfectly acceptable solution to the problem we have.

I agree this can be further improved to an ideal implementation, but that might mean investing seemingly needless more engineering hours to the problem we would never have. imo, good to look further if thats quick

@michpohl
Inject shared mutex for both LoginRepository and TokenRepository
57934f6
@michpohl
Wrap backendCalls with withContext(Dispatchers.IO)
9b1b3de 
We know that this is done by our networking lib anyways. However, it makes sense to switch over to the correct context as early as possible
@michpohl
Add tests to ensure our mutex prevents saving of credentials while a …
e4bfa06 
…refresh is in flight
@michpohl
Remove some stray print statements
ab807b5 
These are unrelated to the logic, but since they were missed earlier, I took the opportunity to remove them.
@michpohl
Pass dispatcher as optional constructor arg into auth's TokenRepository
08ea6b9 
Running suspend funs in here using withContextbdDispatchers.IO) now forces us to be able to inject a CoroutineDispatcher, as otherwise tests won't work.
@michpohl michpohl force-pushed the michael/Sort-out-token-refresh-and-saving-synchronization branch from 96f7d15 to 08ea6b9 Compare September 16, 2024 16:33
@michpohl michpohl added this pull request to the merge queue Sep 17, 2024
Merged via the queue into main with commit 015682a Sep 17, 2024
7 checks passed
@michpohl michpohl deleted the michael/Sort-out-token-refresh-and-saving-synchronization branch September 17, 2024 08:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stoyicker stoyicker stoyicker approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@michpohl @stoyicker @subhasha1