From 7d221802a2fa0dc81f78204c644a6b861f23c746 Mon Sep 17 00:00:00 2001 From: Dean Herbert Date: Thu, 11 May 2017 19:27:02 +0900 Subject: [PATCH 1/3] Fix refresh tokens not working correctly Turns out there's plenty of slashes in refresh tokens. --- osu.Game/Online/API/OAuthToken.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/osu.Game/Online/API/OAuthToken.cs b/osu.Game/Online/API/OAuthToken.cs index 4085e5602a..328888ab8a 100644 --- a/osu.Game/Online/API/OAuthToken.cs +++ b/osu.Game/Online/API/OAuthToken.cs @@ -41,13 +41,13 @@ namespace osu.Game.Online.API [JsonProperty(@"refresh_token")] public string RefreshToken; - public override string ToString() => $@"{AccessToken}/{AccessTokenExpiry.ToString(NumberFormatInfo.InvariantInfo)}/{RefreshToken}"; + public override string ToString() => $@"{AccessToken}|{AccessTokenExpiry.ToString(NumberFormatInfo.InvariantInfo)}|{RefreshToken}"; public static OAuthToken Parse(string value) { try { - string[] parts = value.Split('/'); + string[] parts = value.Split('|'); return new OAuthToken { AccessToken = parts[0], From 4e881644f60995a90325d99f77d00a99fad354a9 Mon Sep 17 00:00:00 2001 From: Dean Herbert Date: Thu, 11 May 2017 19:35:07 +0900 Subject: [PATCH 2/3] Add thread-safety on access token validation logic. --- osu.Game/Online/API/OAuth.cs | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/osu.Game/Online/API/OAuth.cs b/osu.Game/Online/API/OAuth.cs index 0ee7e0e030..2f841b67b1 100644 --- a/osu.Game/Online/API/OAuth.cs +++ b/osu.Game/Online/API/OAuth.cs @@ -72,21 +72,28 @@ namespace osu.Game.Online.API } } + private static readonly object access_token_retrieval_lock = new object(); + /// /// Should be run before any API request to make sure we have a valid key. /// private bool ensureAccessToken() { - //todo: we need to mutex this to ensure only one authentication request is running at a time. - - //If we already have a valid access token, let's use it. + // if we already have a valid access token, let's use it. if (accessTokenValid) return true; - //If not, let's try using our refresh token to request a new access token. - if (!string.IsNullOrEmpty(Token?.RefreshToken)) - AuthenticateWithRefresh(Token.RefreshToken); + // we want to ensure only a single authentication update is happening at once. + lock (access_token_retrieval_lock) + { + // re-check if valid, in case another requrest completed and revalidated our access. + if (accessTokenValid) return true; - return accessTokenValid; + // if not, let's try using our refresh token to request a new access token. + if (!string.IsNullOrEmpty(Token?.RefreshToken)) + AuthenticateWithRefresh(Token.RefreshToken); + + return accessTokenValid; + } } private bool accessTokenValid => Token?.IsValid ?? false; From c3d2cdd2f2ab15c353a08f403fc1a55de06a71f6 Mon Sep 17 00:00:00 2001 From: Dean Herbert Date: Thu, 11 May 2017 19:49:28 +0900 Subject: [PATCH 3/3] Fix typo --- osu.Game/Online/API/OAuth.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/osu.Game/Online/API/OAuth.cs b/osu.Game/Online/API/OAuth.cs index 2f841b67b1..c96b21a855 100644 --- a/osu.Game/Online/API/OAuth.cs +++ b/osu.Game/Online/API/OAuth.cs @@ -85,7 +85,7 @@ namespace osu.Game.Online.API // we want to ensure only a single authentication update is happening at once. lock (access_token_retrieval_lock) { - // re-check if valid, in case another requrest completed and revalidated our access. + // re-check if valid, in case another request completed and revalidated our access. if (accessTokenValid) return true; // if not, let's try using our refresh token to request a new access token.