0.8.1, fix bug with refresh tokens not being properly urlencoded for …

…v2 sso

CHANGELOG.md

@@ -1,3 +1,8 @@
+2019-01-21: 0.8.1
+-------------------------
+* Fixed serious bug where certain characters authorized via the new SSOv2 would show tokens as dying when they were in fact fine.
+* Node.js version bumped to v10.
+
 2019-01-14: 0.8.0
 -------------------------
 * Switch to SSO v2 for native applications for authorizing characters, characters entered previously continue to function as normal and can be gracefully upgraded to v2 by re-authorizing.

appveyor.yml

@@ -6,7 +6,7 @@ platform:
   - x64
 
 environment:
-  nodejs_version: "9"
+  nodejs_version: "10"
 
 init:
   - git config --global core.autocrlf true

package.json

@@ -1,7 +1,7 @@
 {
   "name": "eve-cerebral",
   "productName": "Cerebral",
-  "version": "0.8.0",
+  "version": "0.8.1",
   "description": "Character Manager for EVE Online",
   "author": "Prometheus Satyen",
   "license": "AGPL-3.0-only",

resources/properties.js

@@ -1,7 +1,7 @@
 'use strict';
 
 export default {
-    'version': '0.8.0',
+    'version': '0.8.1',
     'author_email': '[email protected]',
 
     'eve_sso_url': 'https://login.eveonline.com/oauth',

src/helpers/eve/SsoClientv2.js

@@ -71,7 +71,11 @@ export default class SsoClientv2 {
         let options = {
             method: 'POST',
             uri: this.constructUrl('token'),
-            body: `client_id=${this.clientId}&grant_type=refresh_token&refresh_token=${refreshToken}`,
+            body: queryString.stringify({
+                client_id: this.clientId,
+                grant_type: 'refresh_token',
+                refresh_token: refreshToken
+            }),
             headers: {
                 'User-Agent': `cerebral/${appProperties.version} ${appProperties.author_email}`,
                 'Content-Type': 'application/x-www-form-urlencoded'
@@ -95,7 +99,11 @@ export default class SsoClientv2 {
 
         switch(res.statusCode) {
             case 200:
-                log.verbose(`[SSOv2] Refresh successful, old refresh token = ${refreshToken}, new access token = ${body.access_token}, new refresh token = ${body.refresh_token}`);
+                if (refreshToken !== body.refresh_token) {
+                    log.info(`[SSOv2] Refresh successful, token changed, old refresh token = ${refreshToken}, new refresh token = ${body.refresh_token}`);
+                } else {
+                    log.verbose(`[SSOv2] Refresh successful, token unchanged, refresh token = ${refreshToken}`);
+                }
                 return {
                     accessToken: body.access_token,
                     accessTokenExpiry: new Date(new Date().getTime() + (body.expires_in * 1000)),
@@ -105,10 +113,10 @@ export default class SsoClientv2 {
             case 401:
             case 403:
                 if ((body.hasOwnProperty('error')) && (body.error !== undefined) && (body.error !== '')) {
-                    log.verbose(`[SSOv2] Refresh failed, refresh token = ${refreshToken}, error: ${body.error}`);
+                    log.warn(`[SSOv2] Refresh failed, refresh token = ${refreshToken}, error: ${body.error}`);
                     throw body;
                 } else {
-                    log.verbose(`[SSOv2] Refresh failed, refresh token = ${refreshToken}, unknown error`);
+                    log.warn(`[SSOv2] Refresh failed, refresh token = ${refreshToken}, unknown error`);
                     throw undefined;
                 }
             default:

src/index.js

@@ -22,8 +22,8 @@ if (isDevMode) {
     log.transports.console.level = 'verbose';
     log.transports.file.appName = 'Electron';
 } else {
-    log.transports.file.level = 'warn';
-    log.transports.console.level = 'warn';
+    log.transports.file.level = 'info';
+    log.transports.console.level = 'info';
 }
 
 const lockObtained = app.requestSingleInstanceLock();