Skip to content

JWT: Resolve IAM conditions after user create to allow fetching of IAMs #2337

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Conversation

nan-li
Copy link
Contributor

@nan-li nan-li commented Jul 7, 2025

Description

One Line Summary

Resolve fetch IAM conditions after the user create call, not just in user update call, in order to allow fetching IAMs after the first usage of login.

Details

When Identity Verification is enabled, the initial anonymous user create is dropped. As a result, we will never make this call. Then, when login is invoked, we send a create user request with no subsequent update user calls to be made. Thus, the fetch IAM condition was never resolving. Since create user returns ryw data from the server, we can safely resolve the condition with this data when the create user returns successfully. Additionally, this is appropriate and safe to do so as a create user call effectively serves the same role as a user update call for purposes of read-your-write consistency.

Motivation

Scope

Testing

Unit testing

Unit tests are updated only

Manual testing

Android emulator on API 35
Reproduced the issue that IAMs are not fetched after the first login call. After fix, IAMs are fetched.

Testing with identity verification enabled:

  1. New install, then login, iams fetched
  2. Quit and reopen app, patch user call is made for new session, iams fetched
  3. Now login to another user, iams are fetched again if enough time has passed since the last fetch

Testing with identity verification disabled:

  1. New install, iams are fetched for the anonymous user
  2. Now login to another user, iams are fetched again if enough tie has passed since the last fetch
  3. Now logout (blocked: logout appears broken when identity verification is disabled)

Affected code checklist

  • Notifications
    • Display
    • Open
    • Push Processing
    • Confirm Deliveries
  • Outcomes
  • Sessions
  • In-App Messaging
  • REST API requests
  • Public API changes

Checklist

Overview

  • I have filled out all REQUIRED sections above
  • PR does one thing
  • Any Public API changes are explained in the PR details and conform to existing APIs

Testing

  • I have included test coverage for these changes, or explained why they are not needed
  • All automated tests pass, or I explained why that is not possible
  • I have personally tested this on my device, or explained why that is not possible

Final pass

  • Code is as readable as possible.
  • I have reviewed this PR myself, ensuring it meets each checklist item

This change is Reviewable

@nan-li nan-li force-pushed the jwt/resolve_iam_conditions_after_user_create branch 4 times, most recently from 91da5b8 to ba0a3de Compare July 7, 2025 23:33
@nan-li nan-li changed the title JWT: Resolve IAM conditions after user create JWT: Resolve IAM conditions after user create to allow fetching of IAMs Jul 8, 2025
@nan-li nan-li requested review from jkasten2 and jinliu9508 July 8, 2025 00:38
@nan-li nan-li force-pushed the jwt/resolve_iam_conditions_after_user_create branch from ba0a3de to 159a408 Compare July 8, 2025 00:45
nan-li added 3 commits July 8, 2025 10:47
* this chunk of code was removed in #2287 and got lost in the rebase with the main branch
* The create user call returns ryw data from the server, so we should use this to resolve any conditions. When Identity Verification is enabled, the anonymous user and its operations are dropped, and no user updates will be made for it nor the next user that logs in. In this scenario, create user should resolve the condition to allow IAMs to be fetched.
No actual logic changes to tests
@nan-li nan-li force-pushed the jwt/resolve_iam_conditions_after_user_create branch from 159a408 to aeb4553 Compare July 8, 2025 17:48
@nan-li nan-li merged commit 46607fb into identity_verification_beta Jul 8, 2025
2 checks passed
@nan-li nan-li deleted the jwt/resolve_iam_conditions_after_user_create branch July 8, 2025 19:41
@nan-li nan-li mentioned this pull request Jul 8, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants