fix(Auth-server): Ensure correct oauth2 username and history ID for a…

…ccounts added with auth server
postalsys · Dec 20, 2024 · aa68c0d · aa68c0d
1 parent 5971050
commit aa68c0d
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 4 deletions.
diff --git a/lib/account.js b/lib/account.js
@@ -840,6 +840,7 @@ class Account {
                         throw error;
                     }
                 }
+
                 pipeline = pipeline.hset(`${REDIS_PREFIX}oapp:h:${accountData.oauth2.provider}`, accountData.oauth2.auth?.user, this.account);
             }
         }

diff --git a/lib/email-client/gmail-client.js b/lib/email-client/gmail-client.js
@@ -264,9 +264,31 @@ class GmailClient extends BaseClient {
 
         if (Object.keys(updates).length) {
             await this.accountObject.update(updates);
+            accountData = await this.accountObject.loadAccountData(this.account, false);
+        }
+
+        this.logger.info({
+            msg: 'Initializing Gmail account',
+            provider: accountData.oauth2.provider,
+            user: accountData.oauth2.auth?.user
+        });
+
+        if (
+            accountData.oauth2.auth?.user &&
+            (await this.redis.hget(`${REDIS_PREFIX}oapp:h:${accountData.oauth2.provider}`, accountData.oauth2.auth?.user)) !== this.account
+        ) {
+            await this.redis.hset(`${REDIS_PREFIX}oapp:h:${accountData.oauth2.provider}`, accountData.oauth2.auth?.user, this.account);
+            this.logger.info({ msg: 'Re-set missing Google Pub/Sub subscription', account: this.account, emailAddress: accountData.oauth2.auth?.user });
         }
 
         let historyId = Number(profileRes?.historyId) || null;
+        if (!accountData.googleHistoryId) {
+            // set as initial
+            await this.redis.hset(this.getAccountKey(), 'googleHistoryId', historyId.toString());
+            accountData.googleHistoryId = historyId;
+            this.logger.info({ msg: 'Re-set missing Google History ID', account: this.account, historyId });
+        }
+
         if (historyId && accountData.googleHistoryId && historyId > accountData.googleHistoryId) {
             // changes detected
             this.triggerSync(accountData.googleHistoryId, historyId);

diff --git a/lib/oauth/pubsub/google.js b/lib/oauth/pubsub/google.js
@@ -36,7 +36,7 @@ class PubSubInstance {
     }
 
     async processPulledMessage(messageId, data) {
-        logger.info({ msg: 'Processing subscription message', source: 'google', app: this.app, messageId });
+        logger.info({ msg: 'Processing subscription message', source: 'google', app: this.app, messageId, data });
 
         let payload;
         try {
@@ -60,7 +60,7 @@ class PubSubInstance {
         }
 
         if (!accountIds.size) {
-            logger.info({ msg: 'Failed to match email address with account ID', app: this.app, messageId, emailAddress: payload.emailAddress });
+            logger.info({ msg: 'Failed to match email address with account ID', app: this.app, subscriberApps, messageId, emailAddress: payload.emailAddress });
             return;
         }
 

diff --git a/lib/schemas.js b/lib/schemas.js
@@ -610,10 +610,10 @@ const oauth2AuthSchema = Joi.object({
             'Account ID of another account to authenticate the shared mailbox. If provided, EmailEngine uses the credentials of this account instead of the current one.'
         )
 })
+    .required()
     .when('authorize', {
         is: true,
-        then: Joi.optional().valid(false, null),
-        otherwise: Joi.required()
+        then: Joi.optional().valid(false, null)
     })
     .label('OAuth2Authentication');
-Original file line number
+Diff line change
@@ Expand Up / @@ -840,6 +840,7 @@ class Account { @@
                             throw error;
                         }
                     }
                     pipeline = pipeline.hset(`${REDIS_PREFIX}oapp:h:${accountData.oauth2.provider}`, accountData.oauth2.auth?.user, this.account);
                 }
             }
@@ Expand Down @@