feat(auth): tolerate AUTH_STORE_READ_FAILED in logout --user (2/4)#26
Conversation
doistbot
left a comment
doistbot
left a comment
There was a problem hiding this comment.
This PR usefully enhances the authentication flow by introducing the AUTH_STORE_READ_FAILED error code to allow logout --user <ref> to proceed even when the token itself cannot be read. The changes logically isolate the new contract addition, making the TokenStore more robust and smoothly paving the way for the upcoming keyring implementation. A few adjustments are noted, such as ensuring the onCleared callback retains the requested reference when an account is unreadable, utilizing the existing buildStore helper to avoid test duplication, adding missing test coverage for the token-view command, and keeping the accountNotFoundError helper file-local to prevent a dead export.
scottlovegrove
force-pushed
the
feat/auth-store-read-failed
branch
from
644b8c5 to
2cd6aaf
Compare
|
@doistbot /review |
scottlovegrove
force-pushed
the
feat/keyring-primitive
branch
from
165fb07 to
5b0cfd7
Compare
scottlovegrove
force-pushed
the
feat/auth-store-read-failed
branch
from
2cd6aaf to
5092110
Compare
doistbot
left a comment
doistbot
left a comment
There was a problem hiding this comment.
This PR effectively introduces handling for AUTH_STORE_READ_FAILED in the authentication flow, ensuring logout --user can proceed smoothly even when the backing token store is unreadable. The targeted error recovery and extracted helpers create a highly resilient contract for upcoming keyring integrations. A few adjustments are needed to accurately reflect the pre-flight error handling in the contract documentation, streamline the conditional logic for snapshot retrieval, and strengthen the assertions in the error propagation tests.
scottlovegrove
force-pushed
the
feat/auth-store-read-failed
branch
3 times, most recently
from
e5b268a to
93bb598
Compare
scottlovegrove
force-pushed
the
feat/auth-store-read-failed
branch
2 times, most recently
from
3c50122 to
fe9ab44
Compare
|
@doistbot /review |
doistbot
left a comment
doistbot
left a comment
There was a problem hiding this comment.
This PR introduces the AUTH_STORE_READ_FAILED error code to allow the logout command to successfully clear records even when the underlying token is unreadable. It is a thoughtful enhancement to the authentication contract that improves the robustness of the CLI against offline keyrings. A few minor additions have been flagged for completeness, specifically updating the TokenStore.active() JSDoc to document the new failure mode and ensuring test coverage includes both the token-view error propagation and plain logouts without hooks.
| }) | ||
| }) | ||
|
|
||
| it('surfaces AUTH_STORE_READ_FAILED end-to-end (does not collapse to ACCOUNT_NOT_FOUND)', async () => { |
There was a problem hiding this comment.
[P2] This test successfully asserts error propagation for status, but the analogous test for token-view mentioned in the PR conversation appears to have been omitted from the diff. Please ensure token-view.test.ts is staged and included.
There was a problem hiding this comment.
Held — earlier in this PR's review history we explicitly dropped the analogous token-view test as redundant with the status propagation test (both attachers go through the same requireSnapshotForRef with no local catch, so they share a code path and a regression would surface in either).
A `TokenStore` may legitimately throw `CliError('AUTH_STORE_READ_FAILED', …)`
from `active(ref)` when a matching record exists but the token itself
can't be read — e.g. an OS keyring backing the store is offline. Without
special handling, that would abort `logout --user <ref>` even though
local clear doesn't need the token; only the server-side `revokeToken`
hook does, and the hook is harmlessly skipped when the snapshot is
unavailable.
Changes:
- Add `AUTH_STORE_READ_FAILED` to `AuthErrorCode`.
- `attachLogoutCommand` catches it on the explicit-ref pre-flight and
proceeds with `clear(ref)`. Other typed errors (notably
`ACCOUNT_NOT_FOUND` from a genuine ref miss) still propagate.
- `attachStatusCommand` / `attachTokenViewCommand` propagate the error
unchanged — they can't render without the token.
- Add a `ref` field to `AttachLogoutContext` (and the revoke context).
It is set to the `--user <ref>` argument or `undefined` when absent,
so a consumer's `onCleared` callback can distinguish "nothing was
stored" (`account: null`, `ref: undefined`) from "cleared an
unreadable record by ref" (`account: null`, `ref: "me"`).
- Keep `accountNotFoundError(ref)` as a file-local helper in
`auth/user-flag.ts` so a future caller can lift it without
duplicating the error wording.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
scottlovegrove
force-pushed
the
feat/auth-store-read-failed
branch
from
fe9ab44 to
3e86be6
Compare
## [0.14.0](v0.13.0...v0.14.0) (2026-05-16) ### Features * **auth:** tolerate AUTH_STORE_READ_FAILED in logout --user ([#26](#26)) ([23652bc](23652bc))
|
🎉 This PR is included in version 0.14.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
2 participants
Stack position: 2 / 4 — base is #25 (
feat/keyring-primitive). Replaces part of #24.Summary
A
TokenStoremay legitimately throwCliError('AUTH_STORE_READ_FAILED', …)fromactive(ref)when a matching record exists but the token itself can't be read (e.g. an OS keyring backing the store is offline). Without special handling,logout --user <ref>would abort even thoughclear(ref)doesn't need the token.AUTH_STORE_READ_FAILEDtoAuthErrorCode.attachLogoutCommandcatches it on the explicit-ref pre-flight and proceeds withclear(ref). Other typed errors (notablyACCOUNT_NOT_FOUNDfrom a genuine miss) still propagate.attachStatusCommand/attachTokenViewCommandpropagate the error unchanged — they can't render without the token.accountNotFoundError(ref)helper inauth/user-flag.tsso PR 3'ssetDefaultcan share the construction.Why now
The concrete thrower is in PR 3 (
createKeyringTokenStore), but this attacher behavioural change is logically a contract addition — anyTokenStoreconsumer can use it — and reviews cleaner on its own.Test plan
npm run type-check,npm run check,npm test(307 passing, +3 new attacher tests)logout --user <ref>against acreateKeyringTokenStorewithDBUS_SESSION_BUS_ADDRESSunset.🤖 Generated with Claude Code