PM-20593: sync-org-keys notification should allow token to be refreshed on next request (#5988)

2025-12-10 08:35:05 -06:00 · 2025-10-08 10:32:39 -05:00 · 2025-10-08 10:32:39 -05:00 · bebf94796c
commit bebf94796c
parent 10a92dd2a3
2 changed files with 20 additions and 10 deletions
--- a/app/src/main/kotlin/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryImpl.kt
+++ b/app/src/main/kotlin/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryImpl.kt
@ -302,9 +302,14 @@ class AuthRepositoryImpl(
        pushManager
            .syncOrgKeysFlow
            .onEach { userId ->
+                // This will force the next authenticated request to refresh the auth token.
+                authDiskSource.storeAccountTokens(
+                    userId = userId,
+                    accountTokens = authDiskSource
+                        .getAccountTokens(userId = userId)
+                        ?.copy(expiresAtSec = 0L),
+                )
                if (userId == activeUserId) {
-                    // TODO: [PM-20593] Investigate why tokens are explicitly refreshed.
-                    refreshAccessTokenSynchronously(userId = userId)
                    // We just sync now to get the latest data
                    vaultRepository.sync(forced = true)
                } else {
--- a/app/src/test/kotlin/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryTest.kt
+++ b/app/src/test/kotlin/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryTest.kt
@ -6439,34 +6439,39 @@ class AuthRepositoryTest {
    fun `syncOrgKeysFlow emissions for active user should refresh access token and force sync`() {
        fakeAuthDiskSource.userState = MULTI_USER_STATE
        fakeAuthDiskSource.storeAccountTokens(userId = USER_ID_1, accountTokens = ACCOUNT_TOKENS_1)
-        coEvery {
-            identityService.refreshTokenSynchronously(REFRESH_TOKEN)
-        } returns REFRESH_TOKEN_RESPONSE_JSON.asSuccess()
-        coEvery { vaultRepository.sync(forced = true) } just runs
+        every { vaultRepository.sync(forced = true) } just runs

        mutableSyncOrgKeysFlow.tryEmit(USER_ID_1)

-        coVerify(exactly = 1) {
-            identityService.refreshTokenSynchronously(REFRESH_TOKEN)
+        verify(exactly = 1) {
            vaultRepository.sync(forced = true)
        }
+        fakeAuthDiskSource.assertAccountTokens(
+            userId = USER_ID_1,
+            accountTokens = ACCOUNT_TOKENS_1.copy(expiresAtSec = 0L),
+        )
    }

    @Test
    fun `syncOrgKeysFlow emissions for inactive user should clear the last sync time`() {
        fakeAuthDiskSource.userState = MULTI_USER_STATE
+        fakeAuthDiskSource.storeAccountTokens(userId = USER_ID_2, accountTokens = ACCOUNT_TOKENS_2)
        fakeSettingsDiskSource.storeLastSyncTime(
            userId = USER_ID_2,
            lastSyncTime = FIXED_CLOCK.instant(),
        )
+        every { vaultRepository.sync(forced = true) } just runs

        mutableSyncOrgKeysFlow.tryEmit(USER_ID_2)

-        coVerify(exactly = 0) {
-            identityService.refreshTokenSynchronously(REFRESH_TOKEN)
+        verify(exactly = 0) {
            vaultRepository.sync(forced = true)
        }
        fakeSettingsDiskSource.assertLastSyncTime(userId = USER_ID_2, null)
+        fakeAuthDiskSource.assertAccountTokens(
+            userId = USER_ID_2,
+            accountTokens = ACCOUNT_TOKENS_2.copy(expiresAtSec = 0L),
+        )
    }

    @Test