fix: make login types check optional#2412
Conversation
check for login types is soon legacy duo to matrix native oidc. Making this a requirement actually makes login to oidc only homeservers like newest version of conduwuit impossible. closes krille-chan/fluffychat#3250
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #2412 +/- ##
==========================================
- Coverage 59.62% 59.60% -0.02%
==========================================
Files 161 161
Lines 20329 20346 +17
==========================================
+ Hits 12121 12128 +7
- Misses 8208 8218 +10
Continue to review full report in Codecov by Harness.
|
PR SummaryMedium Risk Overview OIDC HTTP handling in MSC2964 (token login, refresh, revoke) and MSC2966 (dynamic client registration) now calls Reviewed by Cursor Bugbot for commit 2d3b129. Bugbot is set up for automated code reviews on this repo. Configure here. |
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes using high effort and found 1 potential issue.
Autofix Details
Bugbot Autofix prepared a fix for the issue found in the latest run.
- ✅ Fixed: OIDC warnings name wrong operation
- Updated the three non-200 warning messages to name their actual operations (token exchange, token refresh, token revocation) instead of the incorrect 'OIDC client registration'.
Or push these changes by commenting:
@cursor push b59b91abe2
Preview (b59b91abe2)
diff --git a/lib/msc_extensions/msc_2964_oidc_login_flow/msc_2964_oidc_login_flow.dart b/lib/msc_extensions/msc_2964_oidc_login_flow/msc_2964_oidc_login_flow.dart
--- a/lib/msc_extensions/msc_2964_oidc_login_flow/msc_2964_oidc_login_flow.dart
+++ b/lib/msc_extensions/msc_2964_oidc_login_flow/msc_2964_oidc_login_flow.dart
@@ -101,7 +101,7 @@
}
if (response.statusCode != 200) {
Logs().w(
- 'Expected a status code of 200 but got ${response.statusCode} for OIDC client registration.',
+ 'Expected a status code of 200 but got ${response.statusCode} for OIDC token exchange.',
);
}
final responseString = utf8.decode(response.bodyBytes);
@@ -139,7 +139,7 @@
}
if (response.statusCode != 200) {
Logs().w(
- 'Expected a status code of 200 but got ${response.statusCode} for OIDC client registration.',
+ 'Expected a status code of 200 but got ${response.statusCode} for OIDC token refresh.',
);
}
final responseString = utf8.decode(response.bodyBytes);
@@ -166,7 +166,7 @@
}
if (response.statusCode != 200) {
Logs().w(
- 'Expected a status code of 200 but got ${response.statusCode} for OIDC client registration.',
+ 'Expected a status code of 200 but got ${response.statusCode} for OIDC token revocation.',
);
}
}You can send follow-ups to the cloud agent here.
Turns out that some implementations can return 200 instead of 201 or other status codes. Actually 201 or 200 is the correct one but IMO not a reason to let the app crash here. Worth a warning though.
ff11875 to
2d3b129
Compare
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes using high effort and found 1 potential issue.
Bugbot Autofix prepared a fix for the issue found in the latest run.
- ✅ Fixed: Login types log missing stacktrace
- Captured the stack trace from loginTypesResult.asError and passed it as the third argument to Logs().w, matching the SDK's logging convention.
Or push these changes by commenting:
@cursor push 800a9b2435
Preview (800a9b2435)
diff --git a/lib/src/client.dart b/lib/src/client.dart
--- a/lib/src/client.dart
+++ b/lib/src/client.dart
@@ -575,8 +575,13 @@
final loginTypesResult = await Result.capture(getLoginFlows());
final loginTypes = loginTypesResult.asValue?.value ?? [];
final loginTypesError = loginTypesResult.asError?.error;
+ final loginTypesStackTrace = loginTypesResult.asError?.stackTrace;
if (loginTypesError != null && loginTypesError is! MatrixException) {
- Logs().w('Unable to fetch legacy login types', loginTypesError);
+ Logs().w(
+ 'Unable to fetch legacy login types',
+ loginTypesError,
+ loginTypesStackTrace,
+ );
}
if (loginTypes.isNotEmpty &&You can send follow-ups to the cloud agent here.
Reviewed by Cursor Bugbot for commit 2d3b129. Configure here.
|
This change alone was not enough for me to get it to work, I also needed #2411. |
I haven't tried it on web so wasn't affected. I will review your PR :) |


check for login types is soon legacy duo to matrix native oidc. Making this a requirement actually makes login to oidc only homeservers like newest version of conduwuit impossible.
closes krille-chan/fluffychat#3250
closes https://famedly.atlassian.net/browse/FM-757