Add support for 410 responses in OAuth requests#693
Open
grappigegovert wants to merge 3 commits into
Open
Conversation
A 410 response occurs when IOI's server did not expect the supplied profile ID - either when the supplied profile ID is linked to a different external user id or when the profile ID does not exist at all.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds support for handling 410 responses coming from IOI's servers when sending an oauth request, and also adds support for sending 410 responses of our own in oauth requests.
A response of
410 Goneis sent by IOI's servers when sending a request to/oauth/tokenwithpIdset to a profile id that is not linked with the external user id used for the authentication.When the game receives such a response, it will retry the oauth request with
pIdset to an empty string.Scope
I have added this retry logic (to mimic the game client) in
officialServerAuth.ts, and changed some bits inwebFeatures.tsto use the correct new profile id returned by IOI's servers.If a user is logged into peacock with a profile id that does not match their profile id on official servers, this will allow them to still do a progression transfer instead of hitting an error. (This can happen for example when logging into peacock without having logged into official servers before)
Peacock can now also send a 410 response when
pIdin the oauth request does not match the profile id linked to the external user.If for example a user now switches steam accounts and logs into peacock again, a new profile will be created instead of linking the second steam account to the same user profile used by the first steam account. Before this fix both steam users would be linked to the same peacock profile
Test Plan
I have done some testing with this of course and I think it all works correctly but I didn't want to straight push this to master without someone else looking at it first.
I thought about adding an
officialUserIdfield to user profiles so we only have to do the retry once, but because the large majority of users will never need this (their official user id is just the same as their peacock profile id) I'm not sure; I'd like to hear your thoughtsGeneral
Testing