fix: normalize pubky session keys

Author: ben-kaufman

app/src/main/java/to/bitkit/repositories/PubkyRepo.kt

@@ -154,7 +154,7 @@ class PubkyRepo @Inject constructor(
                 is InitResult.Restored -> {
                     _publicKey.update { result.publicKey }
                     _authState.update { PubkyAuthState.Authenticated }
-                    Logger.info("Paykit session restored for '${result.publicKey}'", context = TAG)
+                    Logger.info("Restored paykit session for '${result.publicKey}'", context = TAG)
                     loadProfile()
                     loadContacts()
                 }
@@ -172,7 +172,7 @@ class PubkyRepo @Inject constructor(
     ): InitResult = withContext(ioDispatcher) {
         if (!savedSessionSecret.isNullOrEmpty()) {
             runCatching {
-                val publicKey = pubkyService.importSession(savedSessionSecret)
+                val publicKey = pubkyService.importSession(savedSessionSecret).ensurePubkyPrefix()
                 InitResult.Restored(publicKey)
             }.getOrElse {
                 Logger.warn("Failed to restore paykit session, attempting re-sign-in", it, context = TAG)
@@ -199,7 +199,7 @@ class PubkyRepo @Inject constructor(
                 val newSession = pubkyService.signIn(storedSecretKeyHex)
                 keychain.upsertString(Keychain.Key.PAYKIT_SESSION.name, newSession)
                 notifyBackupStateChanged()
-                val publicKey = pubkyService.importSession(newSession)
+                val publicKey = pubkyService.importSession(newSession).ensurePubkyPrefix()
                 Logger.info("Re-signed in and restored session for '$publicKey'", context = TAG)
                 InitResult.Restored(publicKey)
             }.getOrElse {
@@ -232,7 +232,7 @@ class PubkyRepo @Inject constructor(
         return runCatching {
             withContext(ioDispatcher) {
                 val sessionSecret = pubkyService.completeAuth()
-                val pk = pubkyService.importSession(sessionSecret)
+                val pk = pubkyService.importSession(sessionSecret).ensurePubkyPrefix()
 
                 runCatching { keychain.delete(Keychain.Key.PUBKY_SECRET_KEY.name) }
                 keychain.upsertString(Keychain.Key.PAYKIT_SESSION.name, sessionSecret)
@@ -245,15 +245,15 @@ class PubkyRepo @Inject constructor(
         }.onSuccess { pk ->
             _publicKey.update { pk }
             _authState.update { PubkyAuthState.Authenticated }
-            Logger.info("Pubky auth completed for '$pk'", context = TAG)
+            Logger.info("Completed pubky auth for '$pk'", context = TAG)
             loadProfile()
         }.map { }
     }
 
     suspend fun cancelAuthentication() {
         runCatching {
             withContext(ioDispatcher) { pubkyService.cancelAuth() }
-        }.onFailure { Logger.warn("Cancel auth failed", it, context = TAG) }
+        }.onFailure { Logger.warn("Failed to cancel auth", it, context = TAG) }
         _authState.update { PubkyAuthState.Idle }
     }
 
@@ -343,7 +343,7 @@ class PubkyRepo @Inject constructor(
             val session = runCatching {
                 pubkyService.signUp(secretKeyHex, homegate.homeserverPubky, homegate.signupCode)
             }.getOrElse {
-                Logger.warn("signUp failed (likely already registered), trying signIn", it, context = TAG)
+                Logger.warn("Retrying sign in after sign up failed", it, context = TAG)
                 pubkyService.signIn(secretKeyHex)
             }
 
@@ -357,7 +357,7 @@ class PubkyRepo @Inject constructor(
 
             _publicKey.update { publicKeyZ32 }
             _authState.update { PubkyAuthState.Authenticated }
-            Logger.info("Identity created for '$publicKeyZ32'", context = TAG)
+            Logger.info("Created identity for '$publicKeyZ32'", context = TAG)
             loadProfile()
             loadContacts()
         }

app/src/main/java/to/bitkit/ui/screens/contacts/AddContactScreen.kt

@@ -30,7 +30,6 @@ import androidx.compose.runtime.remember
 import androidx.compose.runtime.setValue
 import androidx.compose.ui.Alignment
 import androidx.compose.ui.Modifier
-import androidx.compose.ui.platform.testTag
 import androidx.compose.ui.draw.clip
 import androidx.compose.ui.draw.drawBehind
 import androidx.compose.ui.geometry.Offset
@@ -41,6 +40,7 @@ import androidx.compose.ui.graphics.StrokeCap
 import androidx.compose.ui.graphics.drawscope.Stroke
 import androidx.compose.ui.graphics.drawscope.rotate
 import androidx.compose.ui.platform.LocalContext
+import androidx.compose.ui.platform.testTag
 import androidx.compose.ui.res.painterResource
 import androidx.compose.ui.res.stringResource
 import androidx.compose.ui.text.input.KeyboardCapitalization

app/src/test/java/to/bitkit/repositories/PubkyRepoTest.kt

@@ -97,30 +97,30 @@ class PubkyRepoTest : BaseUnitTest() {
     @Test
     fun `completeAuthentication should save session and update state`() = test {
         val testSecret = "session_secret"
-        val testPk = "completed_pk"
+        val testPk = VALID_SELF_KEY.removePrefix("pubky")
         whenever(pubkyService.completeAuth()).thenReturn(testSecret)
         whenever(pubkyService.importSession(testSecret)).thenReturn(testPk)
 
         val ffiProfile = mock<CorePubkyProfile>()
         whenever(ffiProfile.name).thenReturn("User")
-        whenever(pubkyService.getProfile(testPk)).thenReturn(ffiProfile)
+        whenever(pubkyService.getProfile(VALID_SELF_KEY)).thenReturn(ffiProfile)
 
         val result = sut.completeAuthentication()
 
         assertTrue(result.isSuccess)
-        assertEquals(testPk, sut.publicKey.value)
+        assertEquals(VALID_SELF_KEY, sut.publicKey.value)
         assertTrue(sut.isAuthenticated.value)
         verifyBlocking(keychain) { upsertString(Keychain.Key.PAYKIT_SESSION.name, testSecret) }
     }
 
     @Test
     fun `completeAuthentication should clear managed secret key`() = test {
         val testSecret = "session_secret"
-        val testPk = "completed_pk"
+        val testPk = VALID_SELF_KEY.removePrefix("pubky")
         whenever(pubkyService.completeAuth()).thenReturn(testSecret)
         whenever(pubkyService.importSession(testSecret)).thenReturn(testPk)
         val ffiProfile = createFfiProfile(name = "User")
-        whenever(pubkyService.getProfile(testPk)).thenReturn(ffiProfile)
+        whenever(pubkyService.getProfile(VALID_SELF_KEY)).thenReturn(ffiProfile)
 
         val result = sut.completeAuthentication()
 
@@ -131,11 +131,11 @@ class PubkyRepoTest : BaseUnitTest() {
     @Test
     fun `completeAuthentication should not load contacts automatically`() = test {
         val testSecret = "session_secret"
-        val testPk = "completed_pk"
+        val testPk = VALID_SELF_KEY.removePrefix("pubky")
         whenever(pubkyService.completeAuth()).thenReturn(testSecret)
         whenever(pubkyService.importSession(testSecret)).thenReturn(testPk)
         val ffiProfile = createFfiProfile(name = "User")
-        whenever(pubkyService.getProfile(testPk)).thenReturn(ffiProfile)
+        whenever(pubkyService.getProfile(VALID_SELF_KEY)).thenReturn(ffiProfile)
 
         val result = sut.completeAuthentication()
 
@@ -420,21 +420,37 @@ class PubkyRepoTest : BaseUnitTest() {
         assertNull(result.getOrNull())
     }
 
+    @Test
+    fun `initialize should restore saved session with prefixed public key`() = test {
+        val session = "saved_session"
+        val unprefixedPublicKey = VALID_SELF_KEY.removePrefix("pubky")
+        val ffiProfile = createFfiProfile(name = "Restored User")
+        whenever(keychain.loadString(Keychain.Key.PAYKIT_SESSION.name)).thenReturn(session)
+        whenever(keychain.loadString(Keychain.Key.PUBKY_SECRET_KEY.name)).thenReturn(null)
+        whenever(pubkyService.importSession(session)).thenReturn(unprefixedPublicKey)
+        whenever(pubkyService.getProfile(VALID_SELF_KEY)).thenReturn(ffiProfile)
+
+        sut.initialize()
+
+        assertEquals(VALID_SELF_KEY, sut.publicKey.value)
+        assertTrue(sut.isAuthenticated.value)
+    }
+
     @Test
     fun `initialize should restore session from local secret key when saved session is missing`() = test {
         val secretKey = "local_secret"
         val session = "new_session"
-        val publicKey = VALID_SELF_KEY
+        val publicKey = VALID_SELF_KEY.removePrefix("pubky")
         val ffiProfile = createFfiProfile(name = "Recovered User")
         whenever(keychain.loadString(Keychain.Key.PAYKIT_SESSION.name)).thenReturn(null)
         whenever(keychain.loadString(Keychain.Key.PUBKY_SECRET_KEY.name)).thenReturn(secretKey)
         whenever(pubkyService.signIn(secretKey)).thenReturn(session)
         whenever(pubkyService.importSession(session)).thenReturn(publicKey)
-        whenever(pubkyService.getProfile(publicKey)).thenReturn(ffiProfile)
+        whenever(pubkyService.getProfile(VALID_SELF_KEY)).thenReturn(ffiProfile)
 
         sut.initialize()
 
-        assertEquals(publicKey, sut.publicKey.value)
+        assertEquals(VALID_SELF_KEY, sut.publicKey.value)
         assertTrue(sut.isAuthenticated.value)
         verifyBlocking(keychain) { upsertString(Keychain.Key.PAYKIT_SESSION.name, session) }
     }
@@ -559,14 +575,14 @@ class PubkyRepoTest : BaseUnitTest() {
         whenever(keychain.loadString(Keychain.Key.PAYKIT_SESSION.name)).thenReturn(newSecret)
         whenever(pubkyService.sessionList(newSecret, Env.contactsBasePath)).thenReturn(emptyList())
         val staleProfile = createFfiProfile(name = "Stale Old")
-        whenever(pubkyService.getProfile(oldPublicKey)).thenAnswer {
+        whenever(pubkyService.getProfile(oldPublicKey.ensurePubkyPrefixForTest())).thenAnswer {
             runBlocking { sut.completeAuthentication() }
             staleProfile
         }
 
         sut.loadProfile()
 
-        assertEquals(newPublicKey, sut.publicKey.value)
+        assertEquals(newPublicKey.ensurePubkyPrefixForTest(), sut.publicKey.value)
         assertEquals("Initial Old", sut.profile.value?.name)
     }
 
@@ -599,7 +615,7 @@ class PubkyRepoTest : BaseUnitTest() {
         whenever(pubkyService.completeAuth()).thenReturn(newSecret)
         whenever(pubkyService.importSession(newSecret)).thenReturn(newPublicKey)
         val newProfile = createFfiProfile(name = "New User")
-        whenever(pubkyService.getProfile(newPublicKey)).thenReturn(newProfile)
+        whenever(pubkyService.getProfile(newPublicKey.ensurePubkyPrefixForTest())).thenReturn(newProfile)
         whenever(keychain.loadString(Keychain.Key.PAYKIT_SESSION.name)).thenReturn(oldSecret)
         whenever(pubkyService.sessionList(oldSecret, Env.contactsBasePath)).thenReturn(listOf(staleContactPath))
         whenever(pubkyService.fetchFileString(staleContactUri)).thenAnswer {
@@ -610,7 +626,7 @@ class PubkyRepoTest : BaseUnitTest() {
         sut.loadContacts()
 
         val contacts = sut.contacts.value
-        assertEquals(newPublicKey, sut.publicKey.value)
+        assertEquals(newPublicKey.ensurePubkyPrefixForTest(), sut.publicKey.value)
         assertEquals(1, contacts.size)
         assertEquals(existingContact.publicKey, contacts.first().publicKey)
         assertEquals(existingContact.name, contacts.first().name)
@@ -855,10 +871,11 @@ class PubkyRepoTest : BaseUnitTest() {
         secret: String = "test_secret",
         profileName: String = "Test",
     ) {
+        val prefixedPublicKey = publicKey.ensurePubkyPrefixForTest()
         whenever { pubkyService.completeAuth() }.thenReturn(secret)
         whenever { pubkyService.importSession(secret) }.thenReturn(publicKey)
         val ffiProfile = createFfiProfile(name = profileName)
-        whenever { pubkyService.getProfile(publicKey) }.thenReturn(ffiProfile)
+        whenever { pubkyService.getProfile(prefixedPublicKey) }.thenReturn(ffiProfile)
         whenever(keychain.loadString(Keychain.Key.PAYKIT_SESSION.name)).thenReturn(secret)
         whenever { pubkyService.sessionList(secret, Env.contactsBasePath) }.thenReturn(emptyList())
 
@@ -874,3 +891,6 @@ class PubkyRepoTest : BaseUnitTest() {
         return ffiProfile
     }
 }
+
+private fun String.ensurePubkyPrefixForTest(): String =
+    if (startsWith("pubky")) this else "pubky$this"