From d022ee6622aa169e4e2cae1669a7ddef4e30cf29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Ba=C4=8Do?= Date: Fri, 28 Apr 2023 11:07:26 +0200 Subject: [PATCH] Fix race condition --- app/controllers/api/avatars.php | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/app/controllers/api/avatars.php b/app/controllers/api/avatars.php index f5ab72e66c..e741aa1c2f 100644 --- a/app/controllers/api/avatars.php +++ b/app/controllers/api/avatars.php @@ -89,8 +89,10 @@ $getUserGitHub = function (string $userId, Document $project, Database $dbForPro $accessToken = $oauth2->getAccessToken(''); $refreshToken = $oauth2->getRefreshToken(''); - if (empty($accessToken) || empty($refreshToken)) { - throw new \Exception("Generation race-condition occured."); // Handeled properly in catch + $verificationId = $oauth2->getUserID($accessToken); + + if (empty($verificationId)) { + throw new \Exception("Locked tokens."); // Race codition, handeled in catch } $session @@ -104,23 +106,24 @@ $getUserGitHub = function (string $userId, Document $project, Database $dbForPro } catch (Throwable $err) { $index = 0; do { - $oldAccessToken = $accessToken; + $previousAccessToken = $session->getAttribute('providerAccessToken'); $user = Authorization::skip(fn () => $dbForConsole->getDocument('users', $userId)); $sessions = $user->getAttribute('sessions', []); $session = $sessions[0] ?? new Document(); $accessToken = $session->getAttribute('providerAccessToken'); - if ($accessToken !== $oldAccessToken) { + if ($accessToken !== $previousAccessToken) { break; } $index++; - sleep(0.5); + \usleep(500000); } while ($index < 10); } } + $oauth2 = new $className($appId, $appSecret, '', [], []); $githubUser = $oauth2->getUserSlug($accessToken); $githubId = $oauth2->getUserID($accessToken);