Fix re-authentication in retry logic by resolving auth endpoint via Bag()#448
Open
Fix re-authentication in retry logic by resolving auth endpoint via Bag()#448
Conversation
The retry logic in purchase, download, get-version-metadata, and list-versions called Login() without an Endpoint when re-authenticating after a password token expiry. This caused silent failures because the auth endpoint was empty. - Add Bag() call before Login() in all retry blocks to resolve the auth endpoint dynamically - Fall back to hardcoded auth endpoint when bag.xml omits authenticateAccount - Detect "Your password has changed." customer message as a token expiry trigger alongside failure type 2034 - Increase download retry attempts to 3 to handle license-required then token-expired chain Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
Fixes App Store CLI re-authentication during retries by resolving the auth endpoint from bag.xml before calling Login(), preventing silent re-auth failures when the endpoint is empty.
Changes:
- Add a hardcoded fallback auth endpoint and make
Bag()return it whenauthenticateAccountis missing/empty. - Update retry re-auth flows (purchase, download, get-version-metadata, list-versions) to call
Bag()and pass the resolved auth endpoint intoLogin(). - Treat
"Your password has changed."as a password-token-expiry signal and increase download retry attempts to 3.
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/appstore/constants.go | Adds a password-changed customer message constant and a fallback authenticate endpoint constant. |
| pkg/appstore/appstore_purchase.go | Expands token-expiry detection to include the new customer message trigger. |
| pkg/appstore/appstore_bag.go | Falls back to the hardcoded authenticate endpoint when bag.xml omits it. |
| pkg/appstore/appstore_bag_test.go | Adds coverage for the empty-authenticateAccount fallback behavior. |
| cmd/purchase.go | Re-auth retry now resolves auth endpoint via Bag() before Login(). |
| cmd/list_versions.go | Re-auth retry now resolves auth endpoint via Bag() before Login(). |
| cmd/get_version_metadata.go | Re-auth retry now resolves auth endpoint via Bag() before Login(). |
| cmd/download.go | Re-auth retry now resolves auth endpoint via Bag() before Login(); increases retry attempts to 3. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
…hanged test - Rename PrivateAppStoreAPIPathAuthenticate to store only the path (consistent with other *APIPath* constants), constructing the full URL in the Bag() fallback - Add test for CustomerMessagePasswordChanged triggering ErrPasswordTokenExpired in purchaseWithParams Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The retry logic in purchase, download, get-version-metadata, and list-versions called Login() without an Endpoint when re-authenticating after a password token expiry. This caused re-auth to silently fail because the auth endpoint was empty.
Add Bag() call before Login() in all retry blocks to resolve the auth endpoint dynamically
Fall back to hardcoded auth endpoint when bag.xml omits authenticateAccount
Detect "Your password has changed." customer message as a token expiry trigger alongside failure type 2034
Increase download retry attempts to 3 to handle license-required → token-expired chain