feat: add load_home_data and log_out Tauri commands with IPC wrappers

+528

apps/identity-wallet/src-tauri/src/home.rs

··· 1 + // pattern: Imperative Shell 2 + // 3 + // Gathers: AppState (oauth_session), RelayClient, OAuthClient 4 + // Processes: concurrent _health + getSession + Keychain check 5 + // Returns: HomeData (always Ok — partial failures encoded as fields) 6 + 7 + use std::sync::{Arc, Mutex}; 8 + 9 + use serde_json::Value; 10 + 11 + use crate::oauth::{AppState, OAuthError}; 12 + 13 + // ── Wire types: ATProto getSession response ──────────────────────────────── 14 + 15 + #[derive(Debug, serde::Deserialize)] 16 + #[serde(rename_all = "camelCase")] 17 + struct GetSessionResponse { 18 + did: String, 19 + handle: String, 20 + #[serde(default)] 21 + email: String, 22 + #[serde(default)] 23 + email_confirmed: bool, 24 + did_doc: Option<Value>, 25 + } 26 + 27 + // ── Output types: sent to frontend via Tauri IPC ────────────────────────── 28 + 29 + /// Session info from com.atproto.server.getSession, forwarded to the frontend. 30 + #[derive(Debug, serde::Serialize)] 31 + #[serde(rename_all = "camelCase")] 32 + pub struct SessionInfo { 33 + pub did: String, 34 + pub handle: String, 35 + pub email: String, 36 + pub email_confirmed: bool, 37 + pub did_doc: Option<Value>, 38 + } 39 + 40 + /// Home screen data payload. Always returned as Ok — partial failures 41 + /// (relay unreachable, session expired) are encoded as fields so the UI 42 + /// can render whatever is available. 43 + #[derive(Debug, serde::Serialize)] 44 + #[serde(rename_all = "camelCase")] 45 + pub struct HomeData { 46 + pub relay_healthy: bool, 47 + /// null when getSession failed or no session exists in AppState 48 + pub session: Option<SessionInfo>, 49 + /// SCREAMING_SNAKE_CASE error code when session is null 50 + pub session_error: Option<String>, 51 + pub share1_in_keychain: bool, 52 + } 53 + 54 + // ── Commands ────────────────────────────────────────────────────────────── 55 + 56 + /// Load home screen data: relay health, session info, and Keychain share status. 57 + /// 58 + /// Fires GET /xrpc/_health and GET /xrpc/com.atproto.server.getSession 59 + /// concurrently via tokio::join!. Always succeeds — partial failures are 60 + /// encoded in HomeData fields rather than returned as Err. 61 + #[tauri::command] 62 + pub async fn load_home_data(state: tauri::State<'_, AppState>) -> Result<HomeData, String> { 63 + let share1_in_keychain = crate::keychain::get_item("recovery-share-1").is_ok(); 64 + 65 + // Clone session out of AppState (drops the lock immediately). 66 + let session_opt = { 67 + let guard = state.oauth_session.lock().unwrap(); 68 + guard.clone() 69 + }; 70 + 71 + let Some(session) = session_opt else { 72 + let relay_healthy = check_relay_health().await; 73 + return Ok(HomeData { 74 + relay_healthy, 75 + session: None, 76 + session_error: Some("NOT_AUTHENTICATED".to_string()), 77 + share1_in_keychain, 78 + }); 79 + }; 80 + 81 + let session_arc = Arc::new(Mutex::new(session)); 82 + 83 + let oauth_client = match crate::oauth_client::OAuthClient::new(session_arc.clone()) { 84 + Ok(c) => c, 85 + Err(e) => { 86 + return Ok(HomeData { 87 + relay_healthy: check_relay_health().await, 88 + session: None, 89 + session_error: Some(oauth_error_code(&e)), 90 + share1_in_keychain, 91 + }); 92 + } 93 + }; 94 + 95 + let (relay_healthy, session_result) = tokio::join!( 96 + check_relay_health(), 97 + oauth_client.get("/xrpc/com.atproto.server.getSession"), 98 + ); 99 + 100 + let (session_info, session_error) = match session_result { 101 + Ok(resp) if resp.status().is_success() => { 102 + match resp.json::<GetSessionResponse>().await { 103 + Ok(gs) => { 104 + // Write back potentially-refreshed tokens to AppState. 105 + let refreshed = session_arc.lock().unwrap().clone(); 106 + *state.oauth_session.lock().unwrap() = Some(refreshed); 107 + ( 108 + Some(SessionInfo { 109 + did: gs.did, 110 + handle: gs.handle, 111 + email: gs.email, 112 + email_confirmed: gs.email_confirmed, 113 + did_doc: gs.did_doc, 114 + }), 115 + None, 116 + ) 117 + } 118 + Err(e) => { 119 + tracing::error!(error = %e, "getSession deserialization failed"); 120 + (None, Some("SESSION_PARSE_ERROR".to_string())) 121 + } 122 + } 123 + } 124 + Ok(resp) => { 125 + tracing::warn!(status = %resp.status(), "getSession returned non-success"); 126 + (None, Some("NOT_AUTHENTICATED".to_string())) 127 + } 128 + Err(e) => (None, Some(oauth_error_code(&e))), 129 + }; 130 + 131 + Ok(HomeData { 132 + relay_healthy, 133 + session: session_info, 134 + session_error, 135 + share1_in_keychain, 136 + }) 137 + } 138 + 139 + /// Clear OAuth tokens and DID from Keychain and wipe the in-memory session. 140 + /// 141 + /// Always succeeds — Keychain delete errors are swallowed so the frontend 142 + /// unconditionally navigates to the welcome screen. 143 + #[tauri::command] 144 + pub async fn log_out(state: tauri::State<'_, AppState>) -> Result<(), String> { 145 + let _ = crate::keychain::delete_item("oauth-access-token"); 146 + let _ = crate::keychain::delete_item("oauth-refresh-token"); 147 + let _ = crate::keychain::delete_item("did"); 148 + *state.oauth_session.lock().unwrap() = None; 149 + Ok(()) 150 + } 151 + 152 + // ── Private helpers ─────────────────────────────────────────────────────── 153 + 154 + /// Creates a new RelayClient on each call. Acceptable because load_home_data 155 + /// is invoked at most once per user-initiated home screen refresh; the cost is 156 + /// not significant at this call frequency. 157 + async fn check_relay_health() -> bool { 158 + crate::http::RelayClient::new() 159 + .get("/xrpc/_health") 160 + .await 161 + .map(|r| r.status().is_success()) 162 + .unwrap_or(false) 163 + } 164 + 165 + fn oauth_error_code(e: &OAuthError) -> String { 166 + serde_json::to_value(e) 167 + .ok() 168 + .and_then(|v| v["code"].as_str().map(String::from)) 169 + .unwrap_or_else(|| "UNKNOWN".to_string()) 170 + } 171 + 172 + // ── Test helper: injectable base URLs ───────────────────────────────────── 173 + 174 + #[cfg(test)] 175 + async fn load_home_data_with_urls( 176 + relay_base: &str, 177 + oauth_base: &str, 178 + session: Option<crate::oauth::OAuthSession>, 179 + app_state: &AppState, 180 + ) -> HomeData { 181 + let share1_in_keychain = crate::keychain::get_item("recovery-share-1").is_ok(); 182 + 183 + let Some(s) = session else { 184 + let relay_healthy = reqwest::Client::new() 185 + .get(format!("{}/xrpc/_health", relay_base)) 186 + .send() 187 + .await 188 + .map(|r| r.status().is_success()) 189 + .unwrap_or(false); 190 + return HomeData { 191 + relay_healthy, 192 + session: None, 193 + session_error: Some("NOT_AUTHENTICATED".to_string()), 194 + share1_in_keychain, 195 + }; 196 + }; 197 + 198 + let session_arc = Arc::new(Mutex::new(s)); 199 + 200 + let dpop = crate::oauth::DPoPKeypair::get_or_create().expect("keypair must exist"); 201 + let oauth_client = crate::oauth_client::OAuthClient::new_for_test( 202 + dpop, 203 + session_arc.clone(), 204 + oauth_base.to_string(), 205 + ); 206 + 207 + let relay_client = reqwest::Client::new(); 208 + let (health_result, session_result) = tokio::join!( 209 + relay_client 210 + .get(format!("{}/xrpc/_health", relay_base)) 211 + .send(), 212 + oauth_client.get("/xrpc/com.atproto.server.getSession"), 213 + ); 214 + 215 + let relay_healthy = health_result 216 + .map(|r| r.status().is_success()) 217 + .unwrap_or(false); 218 + 219 + let (session_info, session_error) = match session_result { 220 + Ok(resp) if resp.status().is_success() => match resp.json::<GetSessionResponse>().await { 221 + Ok(gs) => { 222 + let refreshed = session_arc.lock().unwrap().clone(); 223 + *app_state.oauth_session.lock().unwrap() = Some(refreshed); 224 + ( 225 + Some(SessionInfo { 226 + did: gs.did, 227 + handle: gs.handle, 228 + email: gs.email, 229 + email_confirmed: gs.email_confirmed, 230 + did_doc: gs.did_doc, 231 + }), 232 + None, 233 + ) 234 + } 235 + Err(_) => (None, Some("SESSION_PARSE_ERROR".to_string())), 236 + }, 237 + Ok(resp) => { 238 + let _status = resp.status().as_u16(); 239 + (None, Some("NOT_AUTHENTICATED".to_string())) 240 + } 241 + Err(e) => (None, Some(oauth_error_code(&e))), 242 + }; 243 + 244 + HomeData { 245 + relay_healthy, 246 + session: session_info, 247 + session_error, 248 + share1_in_keychain, 249 + } 250 + } 251 + 252 + #[cfg(test)] 253 + mod tests { 254 + use super::*; 255 + use crate::oauth::{AppState, OAuthSession}; 256 + use httpmock::prelude::*; 257 + 258 + fn make_session(access: &str) -> OAuthSession { 259 + OAuthSession { 260 + access_token: access.to_string(), 261 + refresh_token: "refresh".to_string(), 262 + expires_at: u64::MAX, // never expires 263 + dpop_nonce: None, 264 + } 265 + } 266 + 267 + // ── Serialization ────────────────────────────────────────────────────── 268 + 269 + #[test] 270 + fn home_data_serializes_camel_case() { 271 + let data = HomeData { 272 + relay_healthy: true, 273 + session: Some(SessionInfo { 274 + did: "did:plc:abc".into(), 275 + handle: "alice.test".into(), 276 + email: "alice@example.com".into(), 277 + email_confirmed: true, 278 + did_doc: None, 279 + }), 280 + session_error: None, 281 + share1_in_keychain: true, 282 + }; 283 + let json = serde_json::to_value(&data).unwrap(); 284 + assert_eq!(json["relayHealthy"], true); 285 + assert_eq!(json["session"]["did"], "did:plc:abc"); 286 + assert_eq!(json["session"]["handle"], "alice.test"); 287 + assert_eq!(json["session"]["emailConfirmed"], true); 288 + assert_eq!(json["sessionError"], serde_json::Value::Null); 289 + assert_eq!(json["share1InKeychain"], true); 290 + } 291 + 292 + #[test] 293 + fn home_data_session_null_serializes_error_code() { 294 + let data = HomeData { 295 + relay_healthy: false, 296 + session: None, 297 + session_error: Some("NOT_AUTHENTICATED".to_string()), 298 + share1_in_keychain: false, 299 + }; 300 + let json = serde_json::to_value(&data).unwrap(); 301 + assert_eq!(json["session"], serde_json::Value::Null); 302 + assert_eq!(json["sessionError"], "NOT_AUTHENTICATED"); 303 + assert_eq!(json["relayHealthy"], false); 304 + } 305 + 306 + // ── log_out Keychain behavior ────────────────────────────────────────── 307 + 308 + /// Store the three OAuth items that log_out must delete. 309 + fn store_oauth_keychain_items() { 310 + crate::keychain::store_item("oauth-access-token", b"access").unwrap(); 311 + crate::keychain::store_item("oauth-refresh-token", b"refresh").unwrap(); 312 + crate::keychain::store_item("did", b"did:plc:abc").unwrap(); 313 + } 314 + 315 + /// Execute the same Keychain + AppState wipe that log_out performs. 316 + /// Used in tests because Tauri commands can't be called without an app handle. 317 + fn simulate_log_out(state: &AppState) { 318 + let _ = crate::keychain::delete_item("oauth-access-token"); 319 + let _ = crate::keychain::delete_item("oauth-refresh-token"); 320 + let _ = crate::keychain::delete_item("did"); 321 + *state.oauth_session.lock().unwrap() = None; 322 + } 323 + 324 + #[tokio::test] 325 + async fn log_out_deletes_oauth_and_did_from_keychain() { 326 + store_oauth_keychain_items(); 327 + let state = AppState::new(); 328 + *state.oauth_session.lock().unwrap() = Some(make_session("access")); 329 + simulate_log_out(&state); 330 + assert!(crate::keychain::get_item("oauth-access-token").is_err()); 331 + assert!(crate::keychain::get_item("oauth-refresh-token").is_err()); 332 + assert!(crate::keychain::get_item("did").is_err()); 333 + assert!(state.oauth_session.lock().unwrap().is_none()); 334 + } 335 + 336 + #[tokio::test] 337 + async fn log_out_succeeds_when_keychain_items_absent() { 338 + // Items may not exist — log_out must not panic. AC4.7. 339 + let state = AppState::new(); 340 + simulate_log_out(&state); 341 + } 342 + 343 + #[tokio::test] 344 + async fn log_out_preserves_device_and_dpop_keys() { 345 + // Store OAuth items AND keys that must survive logout. 346 + store_oauth_keychain_items(); 347 + crate::keychain::store_item("oauth-dpop-key-priv", b"dpop-key-bytes").unwrap(); 348 + crate::keychain::store_item("device-rotation-key-priv", b"device-key-bytes").unwrap(); 349 + 350 + let state = AppState::new(); 351 + simulate_log_out(&state); 352 + 353 + // OAuth items gone. 354 + assert!(crate::keychain::get_item("oauth-access-token").is_err()); 355 + // Device and DPoP keys must NOT have been deleted (AC3.3). 356 + assert!( 357 + crate::keychain::get_item("oauth-dpop-key-priv").is_ok(), 358 + "DPoP key must remain after logout" 359 + ); 360 + assert!( 361 + crate::keychain::get_item("device-rotation-key-priv").is_ok(), 362 + "device key must remain after logout" 363 + ); 364 + 365 + // Cleanup so other tests are not affected. 366 + let _ = crate::keychain::delete_item("oauth-dpop-key-priv"); 367 + let _ = crate::keychain::delete_item("device-rotation-key-priv"); 368 + } 369 + 370 + // ── load_home_data: unauthenticated path ─────────────────────────────── 371 + 372 + #[tokio::test] 373 + async fn load_home_data_no_session_returns_not_authenticated() { 374 + let server = MockServer::start(); 375 + server.mock(|when, then| { 376 + when.method(GET).path("/xrpc/_health"); 377 + then.status(200).body(r#"{"version":"0.1.0"}"#); 378 + }); 379 + 380 + let state = AppState::new(); // no oauth_session 381 + let data = 382 + load_home_data_with_urls(&server.base_url(), &server.base_url(), None, &state).await; 383 + 384 + assert!(data.relay_healthy); 385 + assert!(data.session.is_none()); 386 + assert_eq!(data.session_error.as_deref(), Some("NOT_AUTHENTICATED")); 387 + } 388 + 389 + // ── load_home_data: relay health (AC4.1, AC4.3, AC2.1, AC2.2) ───────── 390 + 391 + #[tokio::test] 392 + async fn load_home_data_relay_healthy_true_when_health_returns_200() { 393 + let server = MockServer::start(); 394 + server.mock(|when, then| { 395 + when.method(GET).path("/xrpc/_health"); 396 + then.status(200).body(r#"{"version":"0.1.0"}"#); 397 + }); 398 + server.mock(|when, then| { 399 + when.method(GET).path("/xrpc/com.atproto.server.getSession"); 400 + then.status(200).json_body(serde_json::json!({ 401 + "did": "did:plc:abc", 402 + "handle": "alice.test", 403 + "email": "alice@example.com", 404 + "emailConfirmed": true, 405 + "didDoc": null 406 + })); 407 + }); 408 + 409 + let state = AppState::new(); 410 + let data = load_home_data_with_urls( 411 + &server.base_url(), 412 + &server.base_url(), 413 + Some(make_session("access")), 414 + &state, 415 + ) 416 + .await; 417 + 418 + assert!( 419 + data.relay_healthy, 420 + "relay_healthy must be true when _health returns 200" 421 + ); 422 + } 423 + 424 + #[tokio::test] 425 + async fn load_home_data_relay_healthy_false_when_health_fails() { 426 + let server = MockServer::start(); 427 + server.mock(|when, then| { 428 + when.method(GET).path("/xrpc/_health"); 429 + then.status(503); 430 + }); 431 + server.mock(|when, then| { 432 + when.method(GET).path("/xrpc/com.atproto.server.getSession"); 433 + then.status(200).json_body(serde_json::json!({ 434 + "did": "did:plc:abc", 435 + "handle": "alice.test", 436 + "email": "", 437 + "emailConfirmed": false, 438 + "didDoc": null 439 + })); 440 + }); 441 + 442 + let state = AppState::new(); 443 + let data = load_home_data_with_urls( 444 + &server.base_url(), 445 + &server.base_url(), 446 + Some(make_session("access")), 447 + &state, 448 + ) 449 + .await; 450 + 451 + assert!( 452 + !data.relay_healthy, 453 + "relay_healthy must be false when _health returns 503" 454 + ); 455 + // Session can still be populated (AC2.5: statuses are independent) 456 + assert!( 457 + data.session.is_some(), 458 + "session should still be populated when relay fails" 459 + ); 460 + } 461 + 462 + // ── load_home_data: session (AC4.2, AC4.4, AC2.3, AC2.4) ────────────── 463 + 464 + #[tokio::test] 465 + async fn load_home_data_session_populated_when_get_session_succeeds() { 466 + let server = MockServer::start(); 467 + server.mock(|when, then| { 468 + when.method(GET).path("/xrpc/_health"); 469 + then.status(200).body(r#"{"version":"0.1.0"}"#); 470 + }); 471 + server.mock(|when, then| { 472 + when.method(GET).path("/xrpc/com.atproto.server.getSession"); 473 + then.status(200).json_body(serde_json::json!({ 474 + "did": "did:plc:xyz123", 475 + "handle": "bob.test", 476 + "email": "bob@example.com", 477 + "emailConfirmed": false, 478 + "didDoc": null 479 + })); 480 + }); 481 + 482 + let state = AppState::new(); 483 + let data = load_home_data_with_urls( 484 + &server.base_url(), 485 + &server.base_url(), 486 + Some(make_session("access")), 487 + &state, 488 + ) 489 + .await; 490 + 491 + let session = data.session.expect("session must be populated"); 492 + assert_eq!(session.did, "did:plc:xyz123"); 493 + assert_eq!(session.handle, "bob.test"); 494 + assert_eq!(session.email, "bob@example.com"); 495 + assert_eq!(session.email_confirmed, false); 496 + assert!(data.session_error.is_none()); 497 + } 498 + 499 + #[tokio::test] 500 + async fn load_home_data_session_null_when_get_session_fails() { 501 + let server = MockServer::start(); 502 + server.mock(|when, then| { 503 + when.method(GET).path("/xrpc/_health"); 504 + then.status(200).body(r#"{"version":"0.1.0"}"#); 505 + }); 506 + server.mock(|when, then| { 507 + when.method(GET).path("/xrpc/com.atproto.server.getSession"); 508 + then.status(401); 509 + }); 510 + 511 + let state = AppState::new(); 512 + let data = load_home_data_with_urls( 513 + &server.base_url(), 514 + &server.base_url(), 515 + Some(make_session("access")), 516 + &state, 517 + ) 518 + .await; 519 + 520 + assert!(data.session.is_none()); 521 + assert!( 522 + data.session_error.is_some(), 523 + "sessionError must be set when getSession fails" 524 + ); 525 + // relay is still healthy (AC2.5: independent statuses) 526 + assert!(data.relay_healthy); 527 + } 528 + }

+3

apps/identity-wallet/src-tauri/src/lib.rs

··· 1 1 pub mod device_key; 2 + pub mod home; 2 3 pub mod http; 3 4 pub mod keychain; 4 5 pub mod oauth; ··· 440 441 get_or_create_device_key, 441 442 sign_with_device_key, 442 443 perform_did_ceremony, 444 + home::load_home_data, 445 + home::log_out, 443 446 oauth::start_oauth_flow, 444 447 ]) 445 448 .run(tauri::generate_context!())

+1

apps/identity-wallet/src-tauri/src/oauth.rs

··· 265 265 // ── OAuth session ───────────────────────────────────────────────────────────── 266 266 267 267 /// Active OAuth session stored in AppState after successful token exchange. 268 + #[derive(Clone)] 268 269 pub struct OAuthSession { 269 270 pub access_token: String, 270 271 pub refresh_token: String,

+50

apps/identity-wallet/src/lib/ipc.ts

··· 176 176 | { code: 'NOT_AUTHENTICATED' }; 177 177 178 178 export const startOAuthFlow = (): Promise<void> => invoke('start_oauth_flow'); 179 + 180 + // ── Home screen ────────────────────────────────────────────────────────── 181 + // 182 + // These types must exactly match the Rust structs in home.rs. 183 + // Rust serializes them with #[serde(rename_all = "camelCase")]. 184 + 185 + /** 186 + * Session info returned by com.atproto.server.getSession. 187 + * null fields (email, emailConfirmed) default to empty string / false 188 + * when the relay omits them. 189 + */ 190 + export type SessionInfo = { 191 + did: string; 192 + handle: string; 193 + email: string; 194 + emailConfirmed: boolean; 195 + /** Full DID document object, or null when the relay has none for this DID. */ 196 + didDoc: Record<string, unknown> | null; 197 + }; 198 + 199 + /** 200 + * Home screen data payload from the `load_home_data` Rust command. 201 + * 202 + * Always resolves (never rejects) — partial failures are encoded as fields 203 + * so the UI can render whatever is available. 204 + */ 205 + export type HomeData = { 206 + relayHealthy: boolean; 207 + /** null when getSession failed or no session exists */ 208 + session: SessionInfo | null; 209 + /** SCREAMING_SNAKE_CASE error code when session is null */ 210 + sessionError: string | null; 211 + share1InKeychain: boolean; 212 + }; 213 + 214 + /** 215 + * Load relay health, session info, and Keychain share status concurrently. 216 + * 217 + * Always resolves — never rejects. Partial failures encoded in HomeData fields. 218 + */ 219 + export const loadHomeData = (): Promise<HomeData> => 220 + invoke<HomeData>('load_home_data').then((data) => data); 221 + 222 + /** 223 + * Clear OAuth access token, refresh token, and DID from Keychain and wipe 224 + * the in-memory session. 225 + * 226 + * Always resolves. Frontend should unconditionally navigate to the welcome screen. 227 + */ 228 + export const logOut = (): Promise<void> => invoke('log_out').then(() => undefined);

Configure Feed

Configure Feed