From 4e881644f60995a90325d99f77d00a99fad354a9 Mon Sep 17 00:00:00 2001 From: Dean Herbert Date: Thu, 11 May 2017 19:35:07 +0900 Subject: [PATCH] Add thread-safety on access token validation logic. --- osu.Game/Online/API/OAuth.cs | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/osu.Game/Online/API/OAuth.cs b/osu.Game/Online/API/OAuth.cs index 0ee7e0e030..2f841b67b1 100644 --- a/osu.Game/Online/API/OAuth.cs +++ b/osu.Game/Online/API/OAuth.cs @@ -72,21 +72,28 @@ namespace osu.Game.Online.API } } + private static readonly object access_token_retrieval_lock = new object(); + /// /// Should be run before any API request to make sure we have a valid key. /// private bool ensureAccessToken() { - //todo: we need to mutex this to ensure only one authentication request is running at a time. - - //If we already have a valid access token, let's use it. + // if we already have a valid access token, let's use it. if (accessTokenValid) return true; - //If not, let's try using our refresh token to request a new access token. - if (!string.IsNullOrEmpty(Token?.RefreshToken)) - AuthenticateWithRefresh(Token.RefreshToken); + // we want to ensure only a single authentication update is happening at once. + lock (access_token_retrieval_lock) + { + // re-check if valid, in case another requrest completed and revalidated our access. + if (accessTokenValid) return true; - return accessTokenValid; + // if not, let's try using our refresh token to request a new access token. + if (!string.IsNullOrEmpty(Token?.RefreshToken)) + AuthenticateWithRefresh(Token.RefreshToken); + + return accessTokenValid; + } } private bool accessTokenValid => Token?.IsValid ?? false;