Make AuthAction an enum and enforce it's handling

Author: EhabY

.eslintrc.json

@@ -46,6 +46,10 @@
 						"prefer": "type-imports",
 						"fixStyle": "inline-type-imports"
 					}
+				],
+				"@typescript-eslint/switch-exhaustiveness-check": [
+					"error",
+					{ "considerDefaultExhaustiveForUnions": true }
 				]
 			}
 		},

src/core/secretsManager.ts

@@ -4,7 +4,11 @@ const SESSION_TOKEN_KEY = "sessionToken";
 
 const LOGIN_STATE_KEY = "loginState";
 
-type AuthAction = "login" | "logout";
+export enum AuthAction {
+	LOGIN,
+	LOGOUT,
+	INVALID,
+}
 
 export class SecretsManager {
 	constructor(private readonly secrets: SecretStorage) {}
@@ -38,7 +42,9 @@ export class SecretsManager {
 	 * Uses the secrets storage onDidChange event as a cross-window communication mechanism.
 	 * Appends a timestamp to ensure the value always changes, guaranteeing the event fires.
 	 */
-	public async triggerLoginStateChange(action: AuthAction): Promise<void> {
+	public async triggerLoginStateChange(
+		action: "login" | "logout",
+	): Promise<void> {
 		const date = new Date().toISOString();
 		await this.secrets.store(LOGIN_STATE_KEY, `${action}-${date}`);
 	}
@@ -48,18 +54,18 @@ export class SecretsManager {
 	 * The secrets storage onDidChange event fires across all windows, enabling cross-window sync.
 	 */
 	public onDidChangeLoginState(
-		listener: (state?: AuthAction) => Promise<void>,
+		listener: (state: AuthAction) => Promise<void>,
 	): Disposable {
 		return this.secrets.onDidChange(async (e) => {
 			if (e.key === LOGIN_STATE_KEY) {
 				const state = await this.secrets.get(LOGIN_STATE_KEY);
 				if (state?.startsWith("login")) {
-					listener("login");
+					listener(AuthAction.LOGIN);
 				} else if (state?.startsWith("logout")) {
-					listener("logout");
+					listener(AuthAction.LOGOUT);
 				} else {
 					// Secret was deleted or is invalid
-					listener(undefined);
+					listener(AuthAction.INVALID);
 				}
 			}
 		});

src/error.ts

@@ -64,6 +64,8 @@ export class CertificateError extends Error {
 					return new CertificateError(err.message, X509_ERR.UNTRUSTED_LEAF);
 				case X509_ERR_CODE.SELF_SIGNED_CERT_IN_CHAIN:
 					return new CertificateError(err.message, X509_ERR.UNTRUSTED_CHAIN);
+				case undefined:
+					break;
 			}
 		}
 		return err;
@@ -154,6 +156,7 @@ export class CertificateError extends Error {
 		);
 		switch (val) {
 			case CertificateError.ActionOK:
+			case undefined:
 				return;
 			case CertificateError.ActionAllowInsecure:
 				await this.allowInsecure();

src/extension.ts

@@ -10,6 +10,7 @@ import { CoderApi } from "./api/coderApi";
 import { needToken } from "./api/utils";
 import { Commands } from "./commands";
 import { ServiceContainer } from "./core/container";
+import { AuthAction } from "./core/secretsManager";
 import { CertificateError, getErrorDetail } from "./error";
 import { Remote } from "./remote/remote";
 import { toSafeHost } from "./util";
@@ -333,19 +334,21 @@ export async function activate(ctx: vscode.ExtensionContext): Promise<void> {
 
 	ctx.subscriptions.push(
 		secretsManager.onDidChangeLoginState(async (state) => {
-			if (state === undefined) {
-				return;
-			}
-
-			if (state === "login") {
-				const token = await secretsManager.getSessionToken();
-				const url = mementoManager.getUrl();
-				// Should login the user directly if the URL+Token are valid
-				await commands.login({ url, token });
-				// Resolve any pending login detection promises
-				remote.resolveLoginDetected();
-			} else {
-				await commands.forceLogout();
+			switch (state) {
+				case AuthAction.LOGIN: {
+					const token = await secretsManager.getSessionToken();
+					const url = mementoManager.getUrl();
+					// Should login the user directly if the URL+Token are valid
+					await commands.login({ url, token });
+					// Resolve any pending login detection promises
+					remote.resolveLoginDetected();
+					break;
+				}
+				case AuthAction.LOGOUT:
+					await commands.forceLogout();
+					break;
+				case AuthAction.INVALID:
+					break;
 			}
 		}),
 	);

test/unit/core/secretsManager.test.ts

@@ -1,6 +1,6 @@
 import { beforeEach, describe, expect, it, vi } from "vitest";
 
-import { SecretsManager } from "@/core/secretsManager";
+import { AuthAction, SecretsManager } from "@/core/secretsManager";
 
 import { InMemorySecretStorage } from "../../mocks/testHelpers";
 
@@ -42,30 +42,30 @@ describe("SecretsManager", () => {
 
 	describe("login state", () => {
 		it("should trigger login events", async () => {
-			const events: Array<string | undefined> = [];
+			const events: Array<AuthAction> = [];
 			secretsManager.onDidChangeLoginState((state) => {
 				events.push(state);
 				return Promise.resolve();
 			});
 
 			await secretsManager.triggerLoginStateChange("login");
-			expect(events).toEqual(["login"]);
+			expect(events).toEqual([AuthAction.LOGIN]);
 		});
 
 		it("should trigger logout events", async () => {
-			const events: Array<string | undefined> = [];
+			const events: Array<AuthAction> = [];
 			secretsManager.onDidChangeLoginState((state) => {
 				events.push(state);
 				return Promise.resolve();
 			});
 
 			await secretsManager.triggerLoginStateChange("logout");
-			expect(events).toEqual(["logout"]);
+			expect(events).toEqual([AuthAction.LOGOUT]);
 		});
 
 		it("should fire same event twice in a row", async () => {
 			vi.useFakeTimers();
-			const events: Array<string | undefined> = [];
+			const events: Array<AuthAction> = [];
 			secretsManager.onDidChangeLoginState((state) => {
 				events.push(state);
 				return Promise.resolve();
@@ -75,7 +75,7 @@ describe("SecretsManager", () => {
 			vi.advanceTimersByTime(5);
 			await secretsManager.triggerLoginStateChange("login");
 
-			expect(events).toEqual(["login", "login"]);
+			expect(events).toEqual([AuthAction.LOGIN, AuthAction.LOGIN]);
 			vi.useRealTimers();
 		});
 	});