From df66f6b84d908630105d9baa1a67501e1b250d7e Mon Sep 17 00:00:00 2001
From: Marc Glasser
Date: Wed, 22 Sep 2021 16:25:43 -1000
Subject: [PATCH 1/4] do this
---
 src/libs/API.js | 1 -
 src/libs/actions/Session.js | 4 +++-
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/libs/API.js b/src/libs/API.js
index 9e397c39c4b..ae5a43b43e8 100644
--- a/src/libs/API.js
+++ b/src/libs/API.js
@@ -265,7 +265,6 @@ function reauthenticate(command = '') {
 partnerPassword: CONFIG.EXPENSIFY.PARTNER_PASSWORD,
 partnerUserID: credentials.autoGeneratedLogin,
 partnerUserSecret: credentials.autoGeneratedPassword,
- authToken,
 })
 .then((response) => {
 // If authentication fails throw so that we hit
diff --git a/src/libs/actions/Session.js b/src/libs/actions/Session.js
index 378a0f5d65c..3a65763941d 100644
--- a/src/libs/actions/Session.js
+++ b/src/libs/actions/Session.js
@@ -174,13 +174,15 @@ function createTemporaryLogin(authToken, encryptedAuthToken, email) {
 doNotRetry: true,
 forceNetworkRequest: true,
 email,
+ includeEncryptedAuthToken: true,
 })
 .then((createLoginResponse) => {
+ console.log({createLoginResponse});
 if (createLoginResponse.jsonCode !== 200) {
 throw new Error(createLoginResponse.message);
 }

- setSuccessfulSignInData({...createLoginResponse, encryptedAuthToken});
+ setSuccessfulSignInData({...createLoginResponse});

 // If we have an old generated login for some reason
 // we should delete it before storing the new details
From 5ed02a654b700bd82e112e17f0eb94cda37a2d1d Mon Sep 17 00:00:00 2001
From: Marc Glasser
Date: Wed, 22 Sep 2021 17:14:30 -1000
Subject: [PATCH 2/4] remove log
---
 src/libs/actions/Session.js | 1 -
 1 file changed, 1 deletion(-)
diff --git a/src/libs/actions/Session.js b/src/libs/actions/Session.js
index 3a65763941d..cb75ac455e3 100644
--- a/src/libs/actions/Session.js
+++ b/src/libs/actions/Session.js
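Review bot: The `console.log({createLoginResponse});` added in the Session.js hunk of PATCH 1/4 prints the whole CreateLogin response, and with `includeEncryptedAuthToken: true` now set on the same request that response presumably carries the encrypted auth token along with the other session fields. PATCH 2/4 deletes the line again, but the intermediate commit stays in history and is what a bisect or cherry-pick of 1/4 would build. Folding 2/4 into 1/4 keeps token-bearing debug output out of every commit. The body of `createTemporaryLogin` starts and ends outside this hunk.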
@@ -177,7 +177,6 @@ function createTemporaryLogin(authToken, encryptedAuthToken, email) {
 includeEncryptedAuthToken: true,
 })
 .then((createLoginResponse) => {
- console.log({createLoginResponse});
 if (createLoginResponse.jsonCode !== 200) {
 throw new Error(createLoginResponse.message);
 }
From efa7206dd71098ca61cee83340d914893f7bf869 Mon Sep 17 00:00:00 2001
From: Marc Glasser
Date: Mon, 27 Sep 2021 08:50:17 -1000
Subject: [PATCH 3/4] only uri encode encryptedAuthToken when using it
---
 src/libs/actions/Session.js | 17 +++++++----------
 src/libs/addEncryptedAuthTokenToURL.js | 2 +-
 src/pages/LogInWithShortLivedTokenPage.js | 3 +--
 3 files changed, 9 insertions(+), 13 deletions(-)
diff --git a/src/libs/actions/Session.js b/src/libs/actions/Session.js
index cb75ac455e3..ff48aa393fa 100644
--- a/src/libs/actions/Session.js
+++ b/src/libs/actions/Session.js
@@ -157,11 +157,10 @@ function fetchAccountDetails(login) {
 * re-authenticating after an authToken expires.
 *
 * @param {String} authToken
- * @param {String} encryptedAuthToken – Not required for the CreateLogin API call, but passed to setSuccessfulSignInData
 * @param {String} email
 * @return {Promise}
 */
-function createTemporaryLogin(authToken, encryptedAuthToken, email) {
+function createTemporaryLogin(authToken, email) {
 const autoGeneratedLogin = Str.guid('expensify.cash-');
 const autoGeneratedPassword = Str.guid();

@@ -181,7 +180,7 @@ function createTemporaryLogin(authToken, encryptedAuthToken, email) {
 throw new Error(createLoginResponse.message);
 }

- setSuccessfulSignInData({...createLoginResponse});
+ setSuccessfulSignInData(createLoginResponse);

 // If we have an old generated login for some reason
 // we should delete it before storing the new details
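Review bot: Only `jsonCode` is checked before `setSuccessfulSignInData(createLoginResponse);` in the second Session.js hunk of PATCH 3/4, so with the `encryptedAuthToken` argument gone the stored token depends entirely on the response carrying that field. If the server omits it the sign-in still looks successful, and, assuming `setSuccessfulSignInData` (not visible here) feeds the value that `addEncryptedAuthTokenToURL` reads, that helper would later send the literal text `undefined` as the token. A guard next to the existing check would fail early instead, for example `if (!createLoginResponse.encryptedAuthToken) { throw new Error('CreateLogin response is missing encryptedAuthToken'); }`. The `.then` callback continues past the end of the hunk.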
@@ -230,9 +229,8 @@ function signIn(password, twoFactorAuthCode) {
 twoFactorAuthCode,
 email: credentials.login,
 })
- .then((authenticateResponse) => {
- const {authToken, encryptedAuthToken, email} = authenticateResponse;
- createTemporaryLogin(authToken, encryptedAuthToken, email);
+ .then(({authToken, email}) => {
+ createTemporaryLogin(authToken, email);
 })
 .catch((error) => {
 Onyx.merge(ONYXKEYS.ACCOUNT, {error: translateLocal(error.message), loading: false});
@@ -245,12 +243,11 @@ function signIn(password, twoFactorAuthCode) {
 * @param {String} accountID
 * @param {String} email
 * @param {String} shortLivedToken
- * @param {string} encryptedAuthToken
 */
-function signInWithShortLivedToken(accountID, email, shortLivedToken, encryptedAuthToken) {
+function signInWithShortLivedToken(accountID, email, shortLivedToken) {
 Onyx.merge(ONYXKEYS.ACCOUNT, {...CONST.DEFAULT_ACCOUNT_DATA, loading: true});

- createTemporaryLogin(shortLivedToken, encryptedAuthToken, email).then((response) => {
+ createTemporaryLogin(shortLivedToken, email).then((response) => {
 Onyx.merge(ONYXKEYS.SESSION, {
 authToken: shortLivedToken,
 accountID,
@@ -298,7 +295,7 @@ function setPassword(password, validateCode, accountID) {
 })
 .then((response) => {
 if (response.jsonCode === 200) {
- createTemporaryLogin(response.authToken, response.email);
+ createTemporaryLogin(response.authToken, response.email);
 return;
 }

diff --git a/src/libs/addEncryptedAuthTokenToURL.js b/src/libs/addEncryptedAuthTokenToURL.js
index 82c4c1ac640..d0d910e6134 100644
--- a/src/libs/addEncryptedAuthTokenToURL.js
+++ b/src/libs/addEncryptedAuthTokenToURL.js
@@ -15,5 +15,5 @@ Onyx.connect({
 * @returns {String}
 */
 export default function (url) {
- return `${url}?encryptedAuthToken=${encryptedAuthToken}`;
+ return `${url}?encryptedAuthToken=${encodeURIComponent(encryptedAuthToken)}`;
 }
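Review bot: The rewritten callback in the `signIn` hunk calls `createTemporaryLogin(authToken, email);` without returning its promise, so a rejection from it would not reach the `.catch` below that sets `error` and clears `loading` on `ONYXKEYS.ACCOUNT`. Returning it, `.then(({authToken, email}) => createTemporaryLogin(authToken, email))`, keeps a failed CreateLogin on the same error path. This matters only if `createTemporaryLogin` does not already catch internally, which these hunks do not show. The `setPassword` hunk has the same shape with `createTemporaryLogin(response.authToken, response.email); return;`.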
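Review bot: The `accountID` merged into `ONYXKEYS.SESSION` inside the `.then((response) => {` callback of `signInWithShortLivedToken` is the caller's argument, and the caller touched by this patch (`LogInWithShortLivedTokenPage`) reads it from `route.params` through `parseInt(..., 10)` with a default of `''`, which gives `NaN` when the parameter is absent. `response` is in scope but is not used for the identity fields, so the session can record an account the server never confirmed for this token. Rejecting a non-numeric value before any request is made would be a cheap first step, `if (Number.isNaN(accountID)) { return; }`, and if the CreateLogin response carries the account identity it would be the safer source than URL-supplied values. The `Onyx.merge` call continues past the end of the hunk.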
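Review bot: The template in the default export of addEncryptedAuthTokenToURL.js always joins with a literal `?`, so a `url` that already has a query string would end up with two of them and the server may not see `encryptedAuthToken` as its own parameter; `encodeURIComponent` fixes the value but not the separator. Choosing it first with `const separator = url.includes('?') ? '&' : '?';` and using `separator` in the template covers both cases, if any caller passes such a URL. Because the helper places a credential in a URL, where it can end up in access logs and history, the docblock should also state that it is meant only for the app's own backend URLs, if that is the intent.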
diff --git a/src/pages/LogInWithShortLivedTokenPage.js b/src/pages/LogInWithShortLivedTokenPage.js
index e409b76217a..c163af03170 100644
--- a/src/pages/LogInWithShortLivedTokenPage.js
+++ b/src/pages/LogInWithShortLivedTokenPage.js
@@ -51,7 +51,6 @@ class LogInWithShortLivedTokenPage extends Component {
 const accountID = parseInt(lodashGet(this.props.route.params, 'accountID', ''), 10);
 const email = lodashGet(this.props.route.params, 'email', '');
 const shortLivedToken = lodashGet(this.props.route.params, 'shortLivedToken', '');
- const encryptedAuthToken = lodashGet(this.props.route.params, 'encryptedAuthToken', '');

 // exitTo is URI encoded because it could contain a variable number of slashes (i.e. "workspace/new" vs "workspace//card")
 const exitTo = decodeURIComponent(lodashGet(this.props.route.params, 'exitTo', ''));
@@ -68,7 +67,7 @@ class LogInWithShortLivedTokenPage extends Component {
 Navigation.navigate(exitTo);
 }

- signInWithShortLivedToken(accountID, email, shortLivedToken, encryptedAuthToken);
+ signInWithShortLivedToken(accountID, email, shortLivedToken);
 }

 render() {
From 83e99036169905dd142dec23c2261baa34ab73f2 Mon Sep 17 00:00:00 2001
From: Marc Glasser
Date: Mon, 27 Sep 2021 09:47:57 -1000
Subject: [PATCH 4/4] dont set the shortLivedToken because we are setting a long lived token in the CreateLogin response
---
 src/libs/actions/Session.js | 1 -
 1 file changed, 1 deletion(-)
diff --git a/src/libs/actions/Session.js b/src/libs/actions/Session.js
index ff48aa393fa..afd21b1cc8e 100644
--- a/src/libs/actions/Session.js
+++ b/src/libs/actions/Session.js
@@ -249,7 +249,6 @@ function signInWithShortLivedToken(accountID, email, shortLivedToken) {

 createTemporaryLogin(shortLivedToken, email).then((response) => {
 Onyx.merge(ONYXKEYS.SESSION, {
- authToken: shortLivedToken,
 accountID,
 email,
 });