HyperSpaceOut/IRC-kosmi-relay
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sync

Browse Source
This commit is contained in:
cottongin
2025-11-01 21:00:16 -04:00
parent bd9513b86c
commit dd398c9a8c
31 changed files with 5211 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

104
AUTHENTICATION_ISSUE.md Normal file
View File

@@ -0,0 +1,104 @@
# Authentication Issue - Bot Appears as Anonymous
## Problem
The bot successfully authenticates via browser automation and joins the Kosmi room, but appears in the user list as an **anonymous user** (e.g., "Anonymous Donkey") instead of as the authenticated account.
## What We Know
### ✅ Working Correctly
1. **Browser authentication**: Successfully logs in and obtains JWT token
2. **Token format**: Valid JWT with correct structure and claims
3. **Token transmission**: Correct token is sent in `connection_init`
4. **Server acceptance**: Server accepts the token (returns `connection_ack`)
5. **Room joining**: Successfully joins the room (`joinRoom` mutation returns `ok: true`)
### 🔍 Investigation Results
#### Token Claims Analysis
The authenticated JWT token contains:
```json
{
"aud": "kosmi",
"exp": 1761874131,
"iat": 1730338131,
"iss": "kosmi",
"sub": "e410acc0-e4bd-4694-8498-f20b9aa033fc",
"typ": "access"
}
```
**Key finding**: The token **only contains the user ID** (`sub`), but **NO display name, username, or email**. This is just an authentication token, not a profile token.
#### GraphQL API Queries
Tested the following queries with the authenticated token:
- `query { me { ... } }` - ❌ Field doesn't exist
- `query { currentUser { ... } }` - ❌ Field doesn't exist
- `query { user { ... } }` - ❌ Field doesn't exist
- `query { viewer { ... } }` - ❌ Field doesn't exist
**Conclusion**: There's no GraphQL query to fetch the current user's profile.
#### WebSocket Flow
Current flow:
1. `connection_init` with authenticated token → Server accepts
2. `connection_ack` → Server acknowledges
3. Subscribe to `newMessage` → Working
4. `joinRoom` mutation → Returns `ok: true`
5. Bot appears in user list as "Anonymous [Animal]"
## Hypotheses
### 1. Missing Profile Fetch
The server might need a separate API call (REST or GraphQL) to fetch the user profile using the user ID from the token.
### 2. Missing Display Name Mutation
There might be a GraphQL mutation to set the display name after joining:
- `mutation { setDisplayName(name: "...") }`
- `mutation { updateProfile(displayName: "...") }`
### 3. Server-Side Bug
The server might not be correctly associating the authenticated token with the user profile when joining via WebSocket.
### 4. Additional WebSocket Message
The browser might be sending an additional WebSocket message after `joinRoom` that we're not aware of.
## Next Steps
1. **Check `connection_ack` payload**: See if the server returns user info
2. **Monitor browser WebSocket traffic**: Watch what messages the browser sends after successful login and room join
3. **Test GraphQL introspection**: Query the schema to see all available mutations
4. **Compare anonymous vs authenticated flow**: See if there are any differences in the WebSocket message sequence
## Logs
### Successful Authentication and Join
```
time="2025-11-01T14:48:51-04:00" level=info msg="✅ Successfully obtained token via browser automation" prefix=kosmi
time="2025-11-01T14:48:51-04:00" level=info msg=" Email used: d2bkvqnh0@mozmail.com" prefix=kosmi
time="2025-11-01T14:48:51-04:00" level=info msg=" Token (first 50 chars): eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJrb..." prefix=kosmi
time="2025-11-01T14:48:51-04:00" level=info msg=" Token user ID (sub): e410acc0-e4bd-4694-8498-f20b9aa033fc" prefix=kosmi
time="2025-11-01T14:48:51-04:00" level=info msg=" Token type (typ): access" prefix=kosmi
time="2025-11-01T14:48:51-04:00" level=info msg="✓ getToken: Using manually provided token" prefix=kosmi
time="2025-11-01T14:48:51-04:00" level=info msg=" Length: 371" prefix=kosmi
time="2025-11-01T14:48:51-04:00" level=info msg=" First 50: eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJrb..." prefix=kosmi
time="2025-11-01T14:48:51-04:00" level=info msg="Sending connection_init with token (length: 371, first 20 chars: eyJhbGciOiJIUzUxMiIs...)" prefix=kosmi
time="2025-11-01T14:48:51-04:00" level=info msg="✅ WebSocket connection established and authenticated" prefix=kosmi
time="2025-11-01T14:48:51-04:00" level=info msg="✅ Successfully joined room" prefix=kosmi
time="2025-11-01T14:48:51-04:00" level=info msg="Join response payload: {"data":{"joinRoom":{"ok":true}}}" prefix=kosmi
```
**Result**: Bot appears as "Anonymous [Animal]" in the user list despite successful authentication.
## Files Modified for Debugging
- `bridge/kosmi/browser_auth.go`: Added comprehensive token logging
- `bridge/kosmi/kosmi.go`: Added token setting confirmation
- `bridge/kosmi/graphql_ws_client.go`: Added token source and `connection_ack` payload logging
- `cmd/decode-token/main.go`: Tool to decode and analyze JWT tokens
- `cmd/test-profile-query/main.go`: Tool to test GraphQL profile queries