From 10224350ea2321c4ed70415fbbd207b4fa669612 Mon Sep 17 00:00:00 2001
From: Niels Andriesse <andriesseniels@gmail.com>
Date: Fri, 26 Mar 2021 13:56:15 +1100
Subject: [PATCH] Handle token expiration

---
 .../Open Groups/V2/OpenGroupAPIV2.swift           | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/SessionMessagingKit/Open Groups/V2/OpenGroupAPIV2.swift b/SessionMessagingKit/Open Groups/V2/OpenGroupAPIV2.swift
index 625d6b352..2e5a62e7a 100644
--- a/SessionMessagingKit/Open Groups/V2/OpenGroupAPIV2.swift	
+++ b/SessionMessagingKit/Open Groups/V2/OpenGroupAPIV2.swift	
@@ -2,7 +2,6 @@ import PromiseKit
 import SessionSnodeKit
 
 // TODO: Message signature validation
-// TODO: Token expiration
 
 @objc(SNOpenGroupAPIV2)
 public final class OpenGroupAPIV2 : NSObject {
@@ -97,7 +96,19 @@ public final class OpenGroupAPIV2 : NSObject {
             if request.isAuthRequired, let room = request.room { // Because auth happens on a per-room basis, we need both to make an authenticated request
                 return getAuthToken(for: room, on: request.server).then(on: DispatchQueue.global(qos: .default)) { authToken -> Promise<JSON> in
                     tsRequest.setValue(authToken, forHTTPHeaderField: "Authorization")
-                    return OnionRequestAPI.sendOnionRequest(tsRequest, to: request.server, using: publicKey)
+                    let promise = OnionRequestAPI.sendOnionRequest(tsRequest, to: request.server, using: publicKey)
+                    promise.catch(on: DispatchQueue.global(qos: .default)) { error in
+                        // A 401 means that we didn't provide a (valid) auth token for a route that required one. We use this as an
+                        // indication that the token we're using has expired. Note that a 403 has a different meaning; it means that
+                        // we provided a valid token but it doesn't have a high enough permission level for the route in question.
+                        if case OnionRequestAPI.Error.httpRequestFailedAtDestination(let statusCode, _) = error, statusCode == 401 {
+                            let storage = SNMessagingKitConfiguration.shared.storage
+                            storage.write { transaction in
+                                storage.removeAuthToken(for: room, on: request.server, using: transaction)
+                            }
+                        }
+                    }
+                    return promise
                 }
             } else {
                 return OnionRequestAPI.sendOnionRequest(tsRequest, to: request.server, using: publicKey)