oadmin/sub2api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix(auth): preserve resolved token version on oauth login

Browse Source
This commit is contained in:
IanShaw027
2026-04-22 16:01:25 +08:00
parent ca4e38aa01
commit 82259d1380
4 changed files with 29 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
backend/internal/handler/auth_oauth_pending_flow_test.go
View File

@@ -778,6 +778,14 @@ func TestExchangePendingOAuthCompletionExistingLoginWithSuggestedProfileSkipsAdo
require.Equal(t, "https://cdn.example/existing-login.png", payload["suggested_avatar_url"])
require.NotContains(t, payload, "adoption_required")
accessToken, ok := payload["access_token"].(string)
require.True(t, ok)
claims, err := handler.authService.ValidateToken(accessToken)
require.NoError(t, err)
reloadedUser, err := handler.userService.GetByID(ctx, userEntity.ID)
require.NoError(t, err)
require.Equal(t, reloadedUser.TokenVersion, claims.TokenVersion)
decisionCount, err := client.IdentityAdoptionDecision.Query().
Where(identityadoptiondecision.PendingAuthSessionIDEQ(session.ID)).
Count(ctx)
@@ -2033,6 +2041,13 @@ func TestLogin2FACompletesPendingOAuthBindAndConsumesSession(t *testing.T) {
payload := decodeJSONResponseData(t, recorder)
require.NotEmpty(t, payload["access_token"])
require.NotEmpty(t, payload["refresh_token"])
accessToken, ok := payload["access_token"].(string)
require.True(t, ok)
claims, err := handler.authService.ValidateToken(accessToken)
require.NoError(t, err)
reloadedUser, err := handler.userService.GetByID(ctx, existingUser.ID)
require.NoError(t, err)
require.Equal(t, reloadedUser.TokenVersion, claims.TokenVersion)
identity, err := client.AuthIdentity.Query().
Where(