From ea436162a2152fc79555cce9fe7c023944c6dfda Mon Sep 17 00:00:00 2001
From: olivier Dufour
Date: Mon, 21 Oct 2024 22:02:57 +0200
Subject: [PATCH] get all tokens if other window refresh token
---
 addon/background.js | 19 ++++++++++++++++++-
 addon/inspector.js | 30 +++++++++++++++++-------------
 2 files changed, 35 insertions(+), 14 deletions(-)
diff --git a/addon/background.js b/addon/background.js
index 1a2fdea2..21b7780c 100644
--- a/addon/background.js
+++ b/addon/background.js
@@ -20,7 +20,7 @@ chrome.runtime.onMessage.addListener((request, sender, sendResponse) => {
 return;
 }
 const [orgId] = cookie.value.split("!");
- const orderedDomains = ["salesforce.com", "cloudforce.com", "salesforce.mil", "cloudforce.mil", "sfcrmproducts.cn", "force.com", "salesforce-setup.com"];
+ const orderedDomains = ["salesforce.com", "cloudforce.com", "salesforce.mil", "cloudforce.mil", "sfcrmproducts.cn", "force.com", "salesforce-setup.com", "visualforce.com", "sfcrmapps.cn", "force.mil", "visualforce.mil", "crmforce.mil"];
 orderedDomains.forEach(currentDomain => {
 chrome.cookies.getAll({name: "sid", domain: currentDomain, secure: true, storeId: sender.tab.cookieStoreId}, cookies => {
@@ -45,6 +45,23 @@ chrome.runtime.onMessage.addListener((request, sender, sendResponse) => {
 });
 return true; // Tell Chrome that we want to call sendResponse asynchronously.
 }
+ if (request.message == "getAllSessions") {
+ chrome.cookies.get({url: "https://" + request.sfHost, name: "sid", storeId: sender.tab.cookieStoreId}, cookie => {
+ if (!cookie) { //Domain used by Microsoft Defender for Cloud Apps, where sid exists but cannot be read
+ sendResponse(null);
+ return;
+ }
+ const [orgId] = cookie.value.split("!");
+ const orderedDomains = ["salesforce.com", "cloudforce.com", "salesforce.mil", "cloudforce.mil", "sfcrmproducts.cn", "force.com", "salesforce-setup.com", "visualforce.com", "sfcrmapps.cn", "force.mil", "visualforce.mil", "crmforce.mil"];
+
+ orderedDomains.forEach(currentDomain => {
+ chrome.cookies.getAll({name: "sid", domain: currentDomain, secure: true, storeId: sender.tab.cookieStoreId}, cookies => {
+ sendResponse(cookies.filter(c => c.value.startsWith(orgId + "!")).map(c => ({key: c.value, hostname: c.domain})));
+ });
+ });
+ });
+ return true; // Tell Chrome that we want to call sendResponse asynchronously.
+ }
 return false;
 });
 chrome.runtime.onInstalled.addListener(({reason}) => {
diff --git a/addon/inspector.js b/addon/inspector.js
index c573f108..77d41870 100644
--- a/addon/inspector.js
+++ b/addon/inspector.js
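Review bot: In addon/background.js the new `getAllSessions` branch calls `sendResponse` inside `orderedDomains.forEach`, once per domain callback, but a message response is delivered only once, so the caller gets the result of whichever `chrome.cookies.getAll` lookup finishes first (possibly an empty array) instead of every matching session. Gather the per-domain results and answer a single time, as sketched below; the `cookies || []` guard also covers a failed lookup, on which the current `.filter` call would throw. The `orderedDomains` array is now duplicated between this branch and the `getSession` branch in the first hunk and would stay in sync more easily as one shared constant. Because the reply carries raw `sid` values, it is worth confirming that `request.sfHost` is validated before answering; any sender checks are outside the hunk.

```javascript
chrome.cookies.get({url: "https://" + request.sfHost, name: "sid", storeId: sender.tab.cookieStoreId}, cookie => {
  // … unchanged: missing-cookie guard, orgId, orderedDomains …
  const lookups = orderedDomains.map(currentDomain => new Promise(resolve =>
    chrome.cookies.getAll({name: "sid", domain: currentDomain, secure: true, storeId: sender.tab.cookieStoreId}, resolve)));
  Promise.all(lookups).then(results => {
    const sessions = results
      .flatMap(cookies => cookies || [])
      .filter(c => c.value.startsWith(orgId + "!"))
      .map(c => ({key: c.value, hostname: c.domain}));
    sendResponse(sessions); // single response covering every domain
  });
});
```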
@@ -106,20 +106,24 @@ export let sfConn = {
 let oldToken = localStorage.getItem(this.instanceHostname + ACCESS_TOKEN);
 if (oldToken){
 sessionError = error;
- let message = await new Promise(resolve =>
- chrome.runtime.sendMessage({message: "getSession", sfHost: this.instanceHostname}, resolve));
- if (message && message.key && message.key != oldToken) {
- this.instanceHostname = getMyDomain(message.hostname);
- this.sessionId = message.key;
- localStorage.setItem(this.instanceHostname + ACCESS_TOKEN, message.key);
- return await this.rest(url, {logErrors, method, api, body, bodyType, responseType, headers, progressHandler, withoutCache: true});
- } else {
- showInvalidTokenBanner();
- let err = new Error();
- err.name = "Unauthorized";
- err.message = error;
- throw err;
+ let cookies = await new Promise(resolve =>
+ chrome.runtime.sendMessage({message: "getAllSessions", sfHost: this.instanceHostname}, resolve));
+ if (cookies && cookies.length > 0) {
+ //first new token
+ //potentially 2 old tokens so not perfect
+ let message = cookies.find(c => c.key && c.key != oldToken);
+ if (message) {
+ this.instanceHostname = getMyDomain(message.hostname);
+ this.sessionId = message.key;
+ localStorage.setItem(this.instanceHostname + ACCESS_TOKEN, message.key);
+ return await this.rest(url, {logErrors, method, api, body, bodyType, responseType, headers, progressHandler, withoutCache: true});
+ }
 }
+ showInvalidTokenBanner();
+ let err = new Error();
+ err.name = "Unauthorized";
+ err.message = error;
+ throw err;
 }
 } else if (xhr.status == 431) {
 let err = new Error();
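Review bot: `cookies.find(c => c.key && c.key != oldToken)` in addon/inspector.js accepts the first `sid` that merely differs from the stored one, and the retry through `this.rest(...)` has no bound visible in this hunk, so two stale tokens could be swapped back and forth on every 401; the in-code comment already concedes the two-old-token case. The removed single-session path stopped as soon as the returned key equalled `oldToken`. Consider remembering which keys were already tried, for example `let message = cookies.find(c => c.key && c.key != oldToken && !this.triedTokens.has(c.key));` with `triedTokens` as a proposed `Set` on `sfConn`, or allowing at most one retry per request. The enclosing method starts and ends outside the hunk, so a guard may already exist there.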