+175 -94

src/components/output/raw/atproto/element.js

reviewed

··· 1 1 - import { Client, ok } from "@atcute/client"; 1 1 + import { Client, ClientResponseError, ok } from "@atcute/client"; 2 2 import { BroadcastableDiffuseElement } from "@common/element.js"; 3 3 import { computed, signal } from "@common/signal.js"; 4 4 import { outputManager } from "../../common.js"; 5 5 - import { login, logout, OAuthUserAgent, restoreOrFinalize } from "./oauth.js"; 5 5 + import { 6 6 + clearStoredSession, 7 7 + login, 8 8 + logout, 9 9 + OAuthUserAgent, 10 10 + restoreOrFinalize, 11 11 + TokenRefreshError, 12 12 + } from "./oauth.js"; 6 13 7 14 /** 8 15 * @import {Signal} from "@common/signal.d.ts" ··· 38 45 this.#manager = outputManager({ 39 46 facets: { 40 47 empty: () => [], 41 41 - get: () => this.#listRecords("sh.diffuse.output.facet"), 48 48 + get: () => this.listRecords("sh.diffuse.output.facet"), 42 49 put: (data) => this.#putRecords("sh.diffuse.output.facet", data), 43 50 }, 44 51 playlistItems: { 45 52 empty: () => [], 46 46 - get: () => this.#listRecords("sh.diffuse.output.playlistItem"), 53 53 + get: () => this.listRecords("sh.diffuse.output.playlistItem"), 47 54 put: (data) => this.#putRecords("sh.diffuse.output.playlistItem", data), 48 55 }, 49 56 themes: { 50 57 empty: () => [], 51 51 - get: () => this.#listRecords("sh.diffuse.output.theme"), 58 58 + get: () => this.listRecords("sh.diffuse.output.theme"), 52 59 put: (data) => this.#putRecords("sh.diffuse.output.theme", data), 53 60 }, 54 61 tracks: { 55 62 empty: () => [], 56 56 - get: () => this.#listRecords("sh.diffuse.output.track"), 63 63 + get: () => this.listRecords("sh.diffuse.output.track"), 57 64 put: (data) => this.#putRecords("sh.diffuse.output.track", data), 58 65 }, 59 66 }); ··· 97 104 98 105 // AUTH 99 106 100 100 - async #tryRestore() { 101 101 - await this.whenConnected(); 102 102 - 103 103 - const session = await restoreOrFinalize(); 104 104 - 105 105 - if (session) { 106 106 - this.#setSession(session); 107 107 - } 108 108 - } 109 109 - 110 110 - /** 111 111 - * @param {import("@atcute/oauth-browser-client").Session} session 112 112 - */ 113 113 - #setSession(session) { 114 114 - this.#agent = new OAuthUserAgent(session); 115 115 - this.#rpc = new Client({ handler: this.#agent }); 116 116 - this.#did.value = session.info.sub; 117 117 - this.#authenticated.resolve(); 118 118 - } 119 119 - 120 107 /** 121 108 * Initiate the OAuth flow. 122 109 * Navigates the browser to the authorization server. ··· 140 127 } 141 128 } 142 129 130 130 + /** 131 131 + * Clear session state without contacting the server. 132 132 + * Used when the session has already been revoked. 133 133 + */ 134 134 + #clearSession() { 135 135 + this.#agent = null; 136 136 + this.#authenticated = Promise.withResolvers(); 137 137 + this.#did.value = null; 138 138 + this.#rpc = null; 139 139 + clearStoredSession(); 140 140 + } 141 141 + 142 142 + /** 143 143 + * @param {unknown} err 144 144 + * @returns {boolean} 145 145 + */ 146 146 + #isSessionError(err) { 147 147 + if (err instanceof TokenRefreshError) return true; 148 148 + // OAuthUserAgent.handle() swallows TokenRefreshError and returns the 149 149 + // original 401 response, which ok() wraps as a ClientResponseError. 150 150 + if (err instanceof ClientResponseError && err.status === 401) return true; 151 151 + if (err && typeof err === "object" && "cause" in err) { 152 152 + return this.#isSessionError(/** @type {any} */ (err).cause); 153 153 + } 154 154 + return false; 155 155 + } 156 156 + 157 157 + async #tryRestore() { 158 158 + await this.whenConnected(); 159 159 + 160 160 + try { 161 161 + const session = await restoreOrFinalize(); 162 162 + 163 163 + if (session) { 164 164 + this.#setSession(session); 165 165 + } 166 166 + } catch (err) { 167 167 + if (this.#isSessionError(err)) { 168 168 + this.#clearSession(); 169 169 + } else { 170 170 + throw err; 171 171 + } 172 172 + } 173 173 + } 174 174 + 175 175 + /** 176 176 + * @param {import("@atcute/oauth-browser-client").Session} session 177 177 + */ 178 178 + #setSession(session) { 179 179 + const agent = new OAuthUserAgent(session); 180 180 + 181 181 + // Intercept token refresh to detect session revocation proactively. 182 182 + // OAuthUserAgent.handle() swallows TokenRefreshError silently, 183 183 + // so we hook into getSession to clear state as soon as refresh fails. 184 184 + const originalGetSession = agent.getSession.bind(agent); 185 185 + agent.getSession = /** @param {any[]} args */ (...args) => { 186 186 + const promise = originalGetSession(...args); 187 187 + 188 188 + promise.catch((err) => { 189 189 + if (err instanceof TokenRefreshError) { 190 190 + this.#clearSession(); 191 191 + } 192 192 + }); 193 193 + 194 194 + return promise; 195 195 + }; 196 196 + 197 197 + this.#agent = agent; 198 198 + this.#rpc = new Client({ handler: agent }); 199 199 + this.#did.value = session.info.sub; 200 200 + this.#authenticated.resolve(); 201 201 + } 202 202 + 143 203 // RECORDS 144 204 145 205 /** 146 206 * @template T 147 207 * @param {string} collection 208 208 + * @param {string} [did] 148 209 * @returns {Promise<T[]>} 149 210 */ 150 150 - async #listRecords(collection) { 151 151 - if (!this.#rpc || !this.#did.value) return []; 211 211 + async listRecords(collection, did) { 212 212 + did ??= this.#did.value ?? undefined; 213 213 + 214 214 + if (!this.#rpc || !did) return []; 215 215 + 216 216 + try { 217 217 + const records = []; 218 218 + let cursor; 152 219 153 153 - const records = []; 154 154 - let cursor; 220 220 + do { 221 221 + /** @type {any} */ 222 222 + const page = await ok(this.#rpc.get( 223 223 + "com.atproto.repo.listRecords", 224 224 + { params: { repo: did, collection, limit: 100, cursor } }, 225 225 + )); 226 226 + 227 227 + for (const record of page.records) { 228 228 + records.push(record.value); 229 229 + } 155 230 156 156 - do { 157 157 - /** @type {any} */ 158 158 - const page = await ok(this.#rpc.get( 159 159 - "com.atproto.repo.listRecords", 160 160 - { params: { repo: this.#did.value, collection, limit: 100, cursor } }, 161 161 - )); 231 231 + cursor = page.cursor; 232 232 + } while (cursor); 162 233 163 163 - for (const record of page.records) { 164 164 - records.push(record.value); 234 234 + return records; 235 235 + } catch (err) { 236 236 + if (this.#isSessionError(err)) { 237 237 + this.#clearSession(); 238 238 + return []; 165 239 } 166 240 167 167 - cursor = page.cursor; 168 168 - } while (cursor); 169 169 - 170 170 - return records; 241 241 + throw err; 242 242 + } 171 243 } 172 244 173 245 /** ··· 177 249 async #putRecordsSync(collection, data) { 178 250 if (!this.#rpc || !this.#did.value) return; 179 251 180 180 - // 1. Fetch current state 181 181 - /** @type {Map<string, { rkey: string, value: unknown }>} */ 182 182 - const existing = new Map(); 183 183 - let cursor; 252 252 + try { 253 253 + // 1. Fetch current state 254 254 + /** @type {Map<string, { rkey: string, value: unknown }>} */ 255 255 + const existing = new Map(); 256 256 + let cursor; 184 257 185 185 - do { 186 186 - /** @type {any} */ 187 187 - const page = await ok(this.#rpc.get( 188 188 - "com.atproto.repo.listRecords", 189 189 - { params: { repo: this.#did.value, collection, limit: 100, cursor } }, 190 190 - )); 258 258 + do { 259 259 + /** @type {any} */ 260 260 + const page = await ok(this.#rpc.get( 261 261 + "com.atproto.repo.listRecords", 262 262 + { params: { repo: this.#did.value, collection, limit: 100, cursor } }, 263 263 + )); 191 264 192 192 - for (const record of page.records) { 193 193 - const rkey = record.uri.split("/").pop(); 194 194 - existing.set(record.value.id, { rkey, value: record.value }); 195 195 - } 265 265 + for (const record of page.records) { 266 266 + const rkey = record.uri.split("/").pop(); 267 267 + existing.set(record.value.id, { rkey, value: record.value }); 268 268 + } 196 269 197 197 - cursor = page.cursor; 198 198 - } while (cursor); 270 270 + cursor = page.cursor; 271 271 + } while (cursor); 199 272 200 200 - // 2. Build desired state 201 201 - const desired = new Map( 202 202 - data.map((record) => [record.id, { $type: collection, ...record }]), 203 203 - ); 273 273 + // 2. Build desired state 274 274 + const desired = new Map( 275 275 + data.map((record) => [record.id, { $type: collection, ...record }]), 276 276 + ); 204 277 205 205 - // 3. Compute diff 206 206 - /** @type {unknown[]} */ 207 207 - const writes = []; 278 278 + // 3. Compute diff 279 279 + /** @type {unknown[]} */ 280 280 + const writes = []; 208 281 209 209 - for (const [id, { rkey }] of existing) { 210 210 - if (!desired.has(id)) { 211 211 - writes.push({ 212 212 - $type: "com.atproto.repo.applyWrites#delete", 213 213 - collection, 214 214 - rkey, 215 215 - }); 282 282 + for (const [id, { rkey }] of existing) { 283 283 + if (!desired.has(id)) { 284 284 + writes.push({ 285 285 + $type: "com.atproto.repo.applyWrites#delete", 286 286 + collection, 287 287 + rkey, 288 288 + }); 289 289 + } 216 290 } 217 217 - } 218 291 219 219 - for (const [id, record] of desired) { 220 220 - const entry = existing.get(id); 292 292 + for (const [id, record] of desired) { 293 293 + const entry = existing.get(id); 294 294 + 295 295 + if (!entry) { 296 296 + writes.push({ 297 297 + $type: "com.atproto.repo.applyWrites#create", 298 298 + collection, 299 299 + rkey: id, 300 300 + value: record, 301 301 + }); 302 302 + } else if (JSON.stringify(entry.value) !== JSON.stringify(record)) { 303 303 + writes.push({ 304 304 + $type: "com.atproto.repo.applyWrites#update", 305 305 + collection, 306 306 + rkey: entry.rkey, 307 307 + value: record, 308 308 + }); 309 309 + } 310 310 + } 221 311 222 222 - if (!entry) { 223 223 - writes.push({ 224 224 - $type: "com.atproto.repo.applyWrites#create", 225 225 - collection, 226 226 - rkey: id, 227 227 - value: record, 312 312 + // 4. Apply 313 313 + if (writes.length > 0) { 314 314 + await this.#rpc.post("com.atproto.repo.applyWrites", { 315 315 + input: { repo: this.#did.value, writes }, 228 316 }); 229 229 - } else if (JSON.stringify(entry.value) !== JSON.stringify(record)) { 230 230 - writes.push({ 231 231 - $type: "com.atproto.repo.applyWrites#update", 232 232 - collection, 233 233 - rkey: entry.rkey, 234 234 - value: record, 235 235 - }); 317 317 + } 318 318 + } catch (err) { 319 319 + if (this.#isSessionError(err)) { 320 320 + this.#clearSession(); 321 321 + return; 236 322 } 237 237 - } 238 323 239 239 - // 4. Apply 240 240 - if (writes.length > 0) { 241 241 - await this.#rpc.post("com.atproto.repo.applyWrites", { 242 242 - input: { repo: this.#did.value, writes }, 243 243 - }); 324 324 + throw err; 244 325 } 245 326 } 246 327

+20 -3

src/components/output/raw/atproto/oauth.js

reviewed

··· 18 18 finalizeAuthorization, 19 19 getSession, 20 20 OAuthUserAgent, 21 21 + TokenRefreshError, 21 22 } from "@atcute/oauth-browser-client"; 22 23 23 23 - export { OAuthUserAgent }; 24 24 + export { OAuthUserAgent, TokenRefreshError }; 24 25 25 26 /** 26 27 * @import {Session} from "@atcute/oauth-browser-client" ··· 139 140 try { 140 141 return await getSession( 141 142 /** @type {`did:${string}:${string}`} */ (did), 142 142 - { allowStale: true }, 143 143 ); 144 144 } catch (err) { 145 145 console.warn(err); 146 146 - localStorage.removeItem(STORAGE_KEY); 146 146 + clearStoredSession(); 147 147 return null; 148 148 } 149 149 } 150 150 151 151 return null; 152 152 + } 153 153 + 154 154 + // CLEAR SESSION 155 155 + // ============= 156 156 + 157 157 + /** 158 158 + * Remove stored session data without contacting the server. 159 159 + * Used when the session has already been revoked. 160 160 + */ 161 161 + export function clearStoredSession() { 162 162 + const did = localStorage.getItem(STORAGE_KEY); 163 163 + 164 164 + if (did) { 165 165 + deleteStoredSession(/** @type {`did:${string}:${string}`} */ (did)); 166 166 + } 167 167 + 168 168 + localStorage.removeItem(STORAGE_KEY); 152 169 } 153 170 154 171 // LOGOUT