From aa68c0d7519565d0ce7915a4397148199fc664d2 Mon Sep 17 00:00:00 2001 From: Andris Reinman Date: Fri, 20 Dec 2024 15:14:03 +0200 Subject: [PATCH] fix(Auth-server): Ensure correct oauth2 username and history ID for accounts added with auth server --- lib/account.js | 1 + lib/email-client/gmail-client.js | 22 ++++++++++++++++++++++ lib/oauth/pubsub/google.js | 4 ++-- lib/schemas.js | 4 ++-- 4 files changed, 27 insertions(+), 4 deletions(-) diff --git a/lib/account.js b/lib/account.js index 2c80c6dd..1090c93e 100644 --- a/lib/account.js +++ b/lib/account.js @@ -840,6 +840,7 @@ class Account { throw error; } } + pipeline = pipeline.hset(`${REDIS_PREFIX}oapp:h:${accountData.oauth2.provider}`, accountData.oauth2.auth?.user, this.account); } } diff --git a/lib/email-client/gmail-client.js b/lib/email-client/gmail-client.js index 8f20f876..ae3bbeda 100644 --- a/lib/email-client/gmail-client.js +++ b/lib/email-client/gmail-client.js @@ -264,9 +264,31 @@ class GmailClient extends BaseClient { if (Object.keys(updates).length) { await this.accountObject.update(updates); + accountData = await this.accountObject.loadAccountData(this.account, false); + } + + this.logger.info({ + msg: 'Initializing Gmail account', + provider: accountData.oauth2.provider, + user: accountData.oauth2.auth?.user + }); + + if ( + accountData.oauth2.auth?.user && + (await this.redis.hget(`${REDIS_PREFIX}oapp:h:${accountData.oauth2.provider}`, accountData.oauth2.auth?.user)) !== this.account + ) { + await this.redis.hset(`${REDIS_PREFIX}oapp:h:${accountData.oauth2.provider}`, accountData.oauth2.auth?.user, this.account); + this.logger.info({ msg: 'Re-set missing Google Pub/Sub subscription', account: this.account, emailAddress: accountData.oauth2.auth?.user }); } let historyId = Number(profileRes?.historyId) || null; + if (!accountData.googleHistoryId) { + // set as initial + await this.redis.hset(this.getAccountKey(), 'googleHistoryId', historyId.toString()); + accountData.googleHistoryId = historyId; + this.logger.info({ msg: 'Re-set missing Google History ID', account: this.account, historyId }); + } + if (historyId && accountData.googleHistoryId && historyId > accountData.googleHistoryId) { // changes detected this.triggerSync(accountData.googleHistoryId, historyId); diff --git a/lib/oauth/pubsub/google.js b/lib/oauth/pubsub/google.js index 057bf7ff..ea4a5386 100644 --- a/lib/oauth/pubsub/google.js +++ b/lib/oauth/pubsub/google.js @@ -36,7 +36,7 @@ class PubSubInstance { } async processPulledMessage(messageId, data) { - logger.info({ msg: 'Processing subscription message', source: 'google', app: this.app, messageId }); + logger.info({ msg: 'Processing subscription message', source: 'google', app: this.app, messageId, data }); let payload; try { @@ -60,7 +60,7 @@ class PubSubInstance { } if (!accountIds.size) { - logger.info({ msg: 'Failed to match email address with account ID', app: this.app, messageId, emailAddress: payload.emailAddress }); + logger.info({ msg: 'Failed to match email address with account ID', app: this.app, subscriberApps, messageId, emailAddress: payload.emailAddress }); return; } diff --git a/lib/schemas.js b/lib/schemas.js index d27f4b99..2f9bf565 100644 --- a/lib/schemas.js +++ b/lib/schemas.js @@ -610,10 +610,10 @@ const oauth2AuthSchema = Joi.object({ 'Account ID of another account to authenticate the shared mailbox. If provided, EmailEngine uses the credentials of this account instead of the current one.' ) }) + .required() .when('authorize', { is: true, - then: Joi.optional().valid(false, null), - otherwise: Joi.required() + then: Joi.optional().valid(false, null) }) .label('OAuth2Authentication');