Access token refresh for websockets was not updating the location metadata #6631
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
michael-wb
force-pushed
the
mwb/update-location-on-login
branch
from
2b68702
to
32616bf
Compare
michael-wb
force-pushed
the
mwb/update-location-on-login
branch
from
919604a
to
067c9bd
Compare
michael-wb
changed the title
…location-on-login
| @@ -288,8 +288,9 @@ class CApiUnitTestTransport : public app::GenericNetworkTransport { | |||
| std::string m_provider_type; | |||
|
|
|||
| public: | |||
| CApiUnitTestTransport(const std::string& provider_type = "anon-user") | |||
| : m_provider_type(provider_type) | |||
| CApiUnitTestTransport(const std::string& provider_type = {}, uint64_t request_timeout = 60000) | |||
There was a problem hiding this comment.
why the change for the provider_type? I think the previous default value fit it well
There was a problem hiding this comment.
I moved the default designation to the member variable initializer (if the string is empty) so I could call this constructor from a different constructor that only takes the request_timeout value without having to duplicate the "anon-user" string.
There was a problem hiding this comment.
This test started failing due to the request_timeout being set to 2500 instead of the default 60000. I don't know why it wasn't failing before...
…location-on-login
kmorkos
approved these changes
May 18, 2023
src/realm/object-store/sync/app.cpp
Outdated
Comment on lines
662
to
665
| // Always update the location on a login to keep the location metadata up to date in cases where | ||
| // the transport handles the redirection automatically and does not return the redirect response | ||
| // Since the user is logged out as part of a deployment model change, the user will need to log in | ||
| // again, but Core will not know that this was driven by an HTTP redirection. |
There was a problem hiding this comment.
[nit] I think the first half of this comment is missing a lot of context on why redirects are relevant here. Maybe reword so it leads with some more context?
…ting location update to use flag
ironage
approved these changes
May 19, 2023
| @@ -902,7 +924,10 @@ void App::init_app_metadata(UniqueFunction<void(const Optional<Response>&)>&& co | |||
| // No metadata in use, update the hostname and sync route directly | |||
| self->update_hostname(hostname, ws_hostname); | |||
| } | |||
| self->m_location_updated = true; | |||
| { | |||
| std::lock_guard<std::mutex> lock(*self->m_route_mutex); | |||
There was a problem hiding this comment.
consider using util::CheckedMutex and associated GUARDED_BY on m_location_updated so that the compiler tells us if we forget things like this (non-blocking)
There was a problem hiding this comment.
Thanks - I am actually going to do this in a separate PR with some clean up of the App route components.
| if (request_count++ == 0) { | ||
| logger->trace("request.url (%1): %2", request_count, request.url); | ||
| // First request should be to location | ||
| REQUIRE(request.url.find_first_of("/location") != std::string::npos); |
src/realm/object-store/sync/app.cpp
Outdated
| // the HTTP and websocket URL values will never be updated with the new server location. | ||
| { | ||
| std::lock_guard<std::mutex> lock(*m_route_mutex); | ||
| m_location_updated = false; |
There was a problem hiding this comment.
This is a bit hard to follow and error prone imo. Is it possible to add it as a parameter parameter to do_request? There doesn't seem to be much logic around it.
There was a problem hiding this comment.
Removed updating the bool directly and moved the logic into do_request() via an extra update_location parameter to force updating the location info.
danieltabacaru
approved these changes
May 22, 2023
papafe
added a commit
that referenced
this pull request
May 30, 2023
…e-core-13.13 * commit '36b2df44453ba5e830369c76ab0683799a287605': (34 commits) core release 13.13.0 Fix an assertion failure if an async write callback ran during a write transaction (#6661) Remove catch() clause to prevent truncating stack trace in AsyncOper::do_recycle_and_execute() (#6667) Allow geo coordinate numeric argument substitutions (#6663) Fix a lock order inversion in tests (#6666) Avoid performing unaligned reads in Array::get_chunk() Fix a few UBSan failures hit by tests Use std::optional to store cached leaves in query nodes (#6653) maybe fix a race in a test (#6651) Access token refresh for websockets was not updating the location metadata (#6631) Updated release notes Prepare release Updated baas server tag for CI (#6650) Geospatial basic queries benchmarks (#6621) Geospatial feedback (#6645) Add support for early exit in BPlusTree::for_all() Filter out unresolved links in Dictionary::get_any() Benchmark for full-text search geospatial validation of polygons (#6607) Fix importing Results with deleted collection ...
kraenhansen
added a commit
that referenced
this pull request
Jun 19, 2023
* Updated release notes * Update catch2 v3.3.2 (#6605) * Make core infer platform and cpu_arch, while bundle_id must be provided by SDK's (#6612) * platform and cpu_arch are inferred by core, bundle_id must be provided by SDK's * update changelog * Return proper value for X86_64 arch Co-authored-by: Christian Melchior <christian.melchior@mongodb.com> * Get fine-grained platform for Apple devices * Fix tests * small fixes * fix more tests * Fix mistake in changelog --------- Co-authored-by: Christian Melchior <christian.melchior@mongodb.com> * use consistent rounding, following SERVER-75392 (#6477) * fix entries that went to the wrong change version (#6632) * Special-case main thread runloop scheduler * Improve SectionedResults performance SectionedResults used a std::map in a few places where the keys are a dense range (i.e. always [0..map.size())) and so they can be std::vector instead. The maps keyed on Mixed are now std::unordered_map. Change notifications now report changes as a `std::vector<IndexSet>` rather than `std::map<size_t, IndexSet>`. This is slower and uses more memory when the only sections that changed are near the end of a SectionedResults with a large number of sections, but is much faster if all sections changed or if the sections which changed are early in the SectionedResults. Change notifications now reuse buffers, which increases persistent memory usage slightly but significant reduces allocations. Change notifications for a single section now only compute the changes for that section rather than computing the full changes and then filtering out the changes for other sections. * use static_assert rather than a old home rolled one * fix warning of redefine of CHECK macro * fix unused function warning * silence warnings in bid128_to_string * Introduce BPlusTree::for_all * Prevent program from crashing when removing backlinks * Fix broken snapshot of collection of objects * Fix importing Results with deleted collection The result should be an empty result, not the whole table. * geospatial validation of polygons (#6607) * geospatial validation of polygons * Loop->Ring, added tests * use std::unique * changelog * Benchmark for full-text search * Allow to filter benchmark and run only list of specified names * Add simple benchmark for fulltext search with index * Filter out unresolved links in Dictionary::get_any() * Add support for early exit in BPlusTree::for_all() * Geospatial feedback (#6645) * verify local results match a server query * disallow geowithin on top level tables * fix geo queries with ANY/ALL/NONE * geospatial validation of points * rename GeoCenterSphere -> GeoCircle * review feedback * better testing and fix any/all/none geospatial * format * Geospatial basic queries benchmarks (#6621) * Add basic benchmarks for Geospatial type and queries * Less copying in GeoWithinCompare * Bring back caching of s2 region into Geospatial * remove transaction overhead from measurements * a couple small optimizations * formatting * simplify geospatial query evaluations * changelog --------- Co-authored-by: James Stone <james.stone@mongodb.com> * Updated baas server tag for CI (#6650) * Prepare release * Updated release notes * Access token refresh for websockets was not updating the location metadata (#6631) * Always refresh metadata on app login * Updated changelog * Always update location when requested; fix c_api test * Update test to properly evaluate websocket redirections; added one more test * Updated changelog and fixed compile warning * Added location checks back to test * added mutex locking around location updated state and reworked requesting location update to use flag * clang format and fix incorrect timeout value * Reworked update location logic a bit and removed unused function * Free mutex before calling completion on early exit in init_app_metadata * maybe fix a race in a test (#6651) * Use std::optional to store cached leaves in query nodes (#6653) Our use of aligned_storage was basically a complicated manual version of this. I was hoping this'd have binary size benefits, but it ended up making the library 100 bytes larger instead. Nonetheless, it greatly simplifies things. * Fix a few UBSan failures hit by tests * Avoid performing unaligned reads in Array::get_chunk() * Fix a lock order inversion in tests (#6666) The cycle was DaemonThread::m_running_on_change_mutex => RealmCoordinator::m_realm_mutex => SyncManager::m_mutex => RealmCoordinator::s_coordinator_mutex => DaemonThread::m_running_on_change_mutex, and it happened due to DaemonThread::remove() being called inside RealmCoordinator::clear_cache() while holding s_coordinator_mutex. Fortunately we don't actually need to be doing that. As the cycle required RealmCoordinator::clear_all_caches(), this was only applicable to tests. * Allow geo coordinate numeric argument substitutions (#6663) * allow geo coordinate numeric argument substitutions * review feedback * explicit cast to address warning * Remove catch() clause to prevent truncating stack trace in AsyncOper::do_recycle_and_execute() (#6667) * Fix an assertion failure if an async write callback ran during a write transaction (#6661) Between when the callback after acquiring the write lock is scheduled and when it's invoked a synchronous write transaction can be begun, and if it's not ended before the next time the scheduler gets to run, the scheduled callback will be invoked inside the write. When this happens we want to just do nothing. Ending the synchronous write transaction will take care of rescheduling the async write it preempted. * core release 13.13.0 * Updated release notes * Allocate arguments for lists (#6674) * Small documentation and code fixes (#6672) * Fix crash when opening FLX realm after client reset failure (#6671) * Fix crash when opening FLX realm after client reset failure * Update changelog * Don't superceed pending subscriptions in case of a client reset failure * Add test * Changes after code review * Support sorting based on values from a dictionary (#5311) Co-authored-by: Sebastian Valle <svalle@gascaribe.com> Co-authored-by: James Stone <james.stone@mongodb.com> * Filter out external sources from Eclipse (#6682) Indexer has a hard time dealing with Catch2 * Use cross-compilers instead of CentOS image (#6559) * Use cross-compilers instead of CentOS image * changelog * fix bad merge * refactor toolchain files * clarify useToolchain exception circumstances * Remap github URL to ssh to fix BAAS dependency using https:// (#6685) * core v13.14.0 * Updated release notes * Switch to building with Xcode 14 (#6647) * better fix explanation in the changelog for list of args in the query parser (#6692) * Remove constructor for GeoPoint and GeoPolygon (#6679) Co-authored-by: Mathias Stearn <redbeard0531@gmail.com> * Fix failing "sync: non-synced metadata table doesn't result in non-additive schema change" tests (#6697) * Reporting correct error message on HTTP errors for Browser target * User/Server API key provider becomes a single 'API key' provider (#6696) * Allow frozen Realms to be opened with additive schema changes (#6693) * allow frozen Realms to be opened with additive schema changes * lint * strengthen tests and comments * Update src/realm/object-store/shared_realm.cpp Co-authored-by: Thomas Goyne <thomas.goyne@mongodb.com> --------- Co-authored-by: Thomas Goyne <thomas.goyne@mongodb.com> * Reverted minimum swift version to fix failing CI tests (#6706) * core release v13.15.0 * Updated release notes * Fix client reset test with invalid query (#6711) * Fix SessionWrapper use-after-free crash when tearing down sessions (#6676) * Changed SessionWrapper pointer to bind_ptr; added session ident history * Fix teardown if client is destroyed before session * Session no longer holds bind_ptr to SessionWrapper; reverted some changes * Fixed return and updated some comments * Don't process errors if session is shutting down * Added extra checks for session state * Updates from review * Updated some finalized checks * Rolled back some changes * Added output to ASSERTS and moved session history to unordered_set * Remove session history entry on normal close * Updated comment in sync tests * Add [baas] and [local] tags to object store sync tests to identify the tests that rely on BAAS or not (#6710) * Use Columns<Link> when property is Dictionary of links (#6705) If a Dictionary property has links as value type, we can use Columns<Link> to handle the links instead of the basic Columns<Dictionary>. This has the effect that when we compare with a single value, we will optimize to use LinksToNode. So we need to make LinksToNode handle the Dictionary case. When we compare with a list of links, we must ensure that the list is converted to a list obj ObjKeys - which is the type that Column<Link> evaluates to. Use LinksToNode for lists in QueryParser * better changelog message for the fix related to queries with list of arguments (#6717) * Fixes for Emscripten target (Passing header from fetch response. Using Config.path for inMemory Realm) (#6716) * Fixes for Emscripten target: Passing header for fetch response. Passing the RealmConfig.path to be used for inMemory Realm, this is needed for registering SyncSession Co-authored-by: Jørgen Edelbo <jorgen.edelbo@mongodb.com> * release 13.15.1 * Updated spec.yml to remove User & Server prefix from ApiKey credentials --------- Co-authored-by: James Stone <james.stone@mongodb.com> Co-authored-by: realm-ci <ci@realm.io> Co-authored-by: Kirill Burtsev <kirill.burtsev@mongodb.com> Co-authored-by: Daniel Tabacaru <96778637+danieltabacaru@users.noreply.github.com> Co-authored-by: Christian Melchior <christian.melchior@mongodb.com> Co-authored-by: Thomas Goyne <tg@realm.io> Co-authored-by: Thomas Goyne <thomas.goyne@mongodb.com> Co-authored-by: Jørgen Edelbo <jorgen.edelbo@mongodb.com> Co-authored-by: Michael Wilkerson-Barker <michael.wilkersonbarker@mongodb.com> Co-authored-by: Nicola Cabiddu <nicola.cabiddu@mongodb.com> Co-authored-by: Sebastian Valle <svalle@gascaribe.com> Co-authored-by: Yavor Georgiev <fealebenpae@users.noreply.github.com> Co-authored-by: Ferdinando Papale <4850119+papafe@users.noreply.github.com> Co-authored-by: Mathias Stearn <redbeard0531@gmail.com> Co-authored-by: Nabil Hachicha <nabil.hachicha@gmail.com> Co-authored-by: Finn Schiermer Andersen <finn.schiermer.andersen@gmail.com>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What, How & Why?
When the server location is moved as part of a deployment model change, the current server URL will start to reply with a permanent redirect response to indicate the new server URL. If a websocket attempts to connect to the old server URL, the permanent redirect response causes an access token refresh, which was updated to request the updated URL information prior to refreshing the access token. However, due to a change in PR #6505, the location was not being requested, since it had already been requested when the
Appwas started. This PR also fixes the test for this operation, which mistakenly usedfind_first_of("/location")(which searches for the first instance of any of the characters in the string) instead offind("/location")to verify the first request after a websocket redirect was to update the location.In addition, the
Appwas updated to request the location information on a log in, in case the App was never restarted after the deployment model was changed, since all users will be logged out when this change occurs.A new test was also added to verify that the user is logged out in case an error occurs (e.g. too many redirects) during the location refresh after a permanent redirect is received while connecting the websocket.
Fixes #6630
☑️ ToDos
[ ] 🚦 Tests (or not relevant)[ ] C-API, if public C++ API changed.