bluesky-social / atproto

Social networking technology created by Bluesky
Other
7.44k stars 531 forks source link

[@atproto/api] `resumeSession` while already logged in sends request to currently logged in user's PDS, rather than `bsky.social` #1964

Open mozzius opened 11 months ago

mozzius commented 11 months ago

Describe the bug

For the account switch mechanism, I want to reuse the same agent, so I have been calling resumeSession on an already authenticated agent. However, post-federation, the service gets switched out to the currently logged in user's PDS after authentication, so futher authentication requests fail if you're not on the same PDS (shroommates?). I think it would make sense that when making authencation-related requests, it should use the originally passed service URL.

To Reproduce

Steps to reproduce the behavior:

  1. Log in
  2. Try to resumeSession with an account on a different PDS

Request is sent to the PDS of the original account, you should get Token could not be verified

Expected behavior

Request is sent to bsky.social or whatever it's been set to.

mozzius commented 11 months ago

Simple workaround, in case anyone else runs into this:

// reset service uri
agent.api.xrpc.uri = new URL("https://bsky.social");
const res = await agent.resumeSession(session);
snarfed commented 10 months ago

Dupe of #1848?

mozzius commented 10 months ago

Dupe of #1848?

Oh seems to be related, although weirdly the exact opposite problem