Skip to content

[codex] Structure mobile DPoP failures#3307

Merged
juliusmarminge merged 7 commits into
codex/redact-dpop-request-targetfrom
codex/mobile-dpop-errors
Jun 20, 2026
Merged

[codex] Structure mobile DPoP failures#3307
juliusmarminge merged 7 commits into
codex/redact-dpop-request-targetfrom
codex/mobile-dpop-errors

Conversation

@juliusmarminge

@juliusmarminge juliusmarminge commented Jun 20, 2026
edited by macroscopeapp Bot
Loading

Copy link
Copy Markdown
Member

Summary

  • replace the generic message-bearing mobile DPoP error and constructor wrapper with structured Schema errors for storage, key generation, and proof creation
  • attach storage keys, proof request context, operation identifiers, and the exact underlying schema, parser, crypto, or signing cause
  • preserve separate structured causes for malformed public keys and mismatched stored key material
  • record only a shared redacted request target (scheme/host/path) plus URL length, never credentials, query parameters, or fragments

Stack dependency

Validation

  • vp test run apps/mobile/src/features/cloud/dpop.test.ts (8 tests)
  • vp run lint:mobile
  • vp check (passes with 20 pre-existing warnings)
  • vp run typecheck

Open PR overlap

Note

Medium Risk
Touches OAuth/DPoP signing and secure-store key handling, but behavior is largely preserved with safer diagnostics and stricter error typing rather than new auth flows.

Overview
Replaces the mobile cloud DPoP generic message-only error with Effect Schema tagged errors for storage, key generation, and proof signing, plus a CloudDpopError union and isCloudDpopError guard.

CloudDpopProofError now records operation, HTTP method, key thumbprint, and URL length, while requestTarget uses shared redactDpopRequestTarget (scheme/host/path only—no credentials, query, or fragment). Storage and restore paths emit CloudDpopStorageError with operation and storageKey; mismatched stored key coordinates surface on restore.

Shared dpop gains redactDpopRequestTarget (with tests). A new urlDiagnostics export provides length/protocol/hostname diagnostics for invalid URLs. Mobile tests assert structured fields, restore failures, and that proof error messages do not leak sensitive URL parts.

Reviewed by Cursor Bugbot for commit 3ba6a95. Bugbot is set up for automated code reviews on this repo. Configure here.

Note

Structure DPoP failures with typed error classes and redacted request context

  • Introduces CloudDpopStorageError, CloudDpopKeyError, and CloudDpopProofError typed error classes in dpop.ts, each carrying structured metadata (operation, storageKey, thumbprint, etc.) instead of generic messages.
  • Adds isCloudDpopError type guard and CloudDpopError union so callers can uniformly identify DPoP-related failures.
  • Adds redactDpopRequestTarget in dpop.ts that strips credentials, query, and fragment from URLs before including them in error context, falling back to "<invalid-url>" for unparseable input.
  • Adds getUrlDiagnostics in urlDiagnostics.ts to extract non-sensitive URL metadata (length, protocol, hostname) for error diagnostics.
  • Behavioral Change: HTU normalization in createDpopProof now strips query and fragment components, which changes the normalized URL compared to the previous behavior.

Macroscope summarized 3ba6a95.

@coderabbitai

coderabbitai Bot commented Jun 20, 2026
edited
Loading

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 29a5a17a-9fb0-49ef-9bce-c08f46370b3f

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch codex/mobile-dpop-errors

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions github-actions Bot added vouch:trusted PR author is trusted by repo permissions or the VOUCHED list. size:L 100-499 changed lines (additions + deletions). labels Jun 20, 2026
macroscopeapp[bot]
macroscopeapp Bot previously approved these changes Jun 20, 2026
View reviewed changes
@macroscopeapp

macroscopeapp Bot commented Jun 20, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Approvability

Verdict: Approved

This PR refactors error handling to use structured, typed error classes instead of a generic error class, with no changes to business logic or control flow. The redaction of sensitive URL components from error messages is a security improvement.

You can customize Macroscope's approvability policy. Learn more.

@juliusmarminge juliusmarminge mentioned this pull request Jun 20, 2026
Closed
@macroscopeapp macroscopeapp Bot dismissed their stale review June 20, 2026 15:35

Dismissing prior approval to re-evaluate 04e0d39

macroscopeapp[bot]
macroscopeapp Bot previously approved these changes Jun 20, 2026
View reviewed changes
@macroscopeapp macroscopeapp Bot dismissed their stale review June 20, 2026 15:40

Dismissing prior approval to re-evaluate fb138fb

macroscopeapp[bot]
macroscopeapp Bot previously approved these changes Jun 20, 2026
View reviewed changes
@juliusmarminge @codex
Share redacted DPoP request targets
922123f 
Co-authored-by: codex <codex@users.noreply.github.com>
@juliusmarminge juliusmarminge force-pushed the codex/mobile-dpop-errors branch from fb138fb to 283d96f Compare June 20, 2026 15:56
@macroscopeapp macroscopeapp Bot dismissed their stale review June 20, 2026 15:56

Dismissing prior approval to re-evaluate 283d96f

@juliusmarminge juliusmarminge changed the base branch from main to codex/redact-dpop-request-target June 20, 2026 15:56
macroscopeapp[bot]
macroscopeapp Bot previously approved these changes Jun 20, 2026
View reviewed changes
juliusmarminge and others added 5 commits June 20, 2026 09:15
@juliusmarminge @codex
Share safe URL diagnostics
ef9ed1e 
Co-authored-by: codex <codex@users.noreply.github.com>
@juliusmarminge @codex
refactor(mobile): structure DPoP failures
ef7c2d5 
Co-authored-by: codex <codex@users.noreply.github.com>
@juliusmarminge @codex
fix(mobile): structure DPoP key validation causes
ef61a9b 
Co-authored-by: codex <codex@users.noreply.github.com>
@juliusmarminge @codex
Redact mobile DPoP error targets
a504252 
Co-authored-by: codex <codex@users.noreply.github.com>
@juliusmarminge @codex
Reuse shared DPoP request redaction
22e7600 
Co-authored-by: codex <codex@users.noreply.github.com>
@juliusmarminge juliusmarminge force-pushed the codex/mobile-dpop-errors branch from 283d96f to 22e7600 Compare June 20, 2026 16:18
@juliusmarminge juliusmarminge marked this pull request as draft June 20, 2026 16:26
@juliusmarminge juliusmarminge marked this pull request as ready for review June 20, 2026 16:26
@macroscopeapp macroscopeapp Bot dismissed their stale review June 20, 2026 16:26

Dismissing prior approval to re-evaluate 22e7600

macroscopeapp[bot]
macroscopeapp Bot previously approved these changes Jun 20, 2026
View reviewed changes
@juliusmarminge juliusmarminge force-pushed the codex/redact-dpop-request-target branch from b87e64a to 3167aeb Compare June 20, 2026 19:21
@juliusmarminge @codex
test(mobile): focus DPoP coverage on behavior
3ba6a95 
Co-authored-by: codex <codex@users.noreply.github.com>
@macroscopeapp macroscopeapp Bot dismissed their stale review June 20, 2026 20:12

Dismissing prior approval to re-evaluate 3ba6a95

@juliusmarminge juliusmarminge merged commit a2c3536 into codex/redact-dpop-request-target Jun 20, 2026
16 checks passed
@juliusmarminge juliusmarminge deleted the codex/mobile-dpop-errors branch June 20, 2026 20:16
juliusmarminge added a commit that referenced this pull request Jun 20, 2026
@juliusmarminge @codex
[codex] Structure mobile DPoP failures (#3307)
f83cc14 
Co-authored-by: codex <codex@users.noreply.github.com>
juliusmarminge added a commit that referenced this pull request Jun 20, 2026
@juliusmarminge @codex
[codex] Structure mobile DPoP failures (#3307)
3c64c7d 
Co-authored-by: codex <codex@users.noreply.github.com>
juliusmarminge added a commit that referenced this pull request Jun 20, 2026
@juliusmarminge @codex
[codex] Structure mobile DPoP failures (#3307)
d51cad2 
Co-authored-by: codex <codex@users.noreply.github.com>
juliusmarminge added a commit that referenced this pull request Jun 20, 2026
@juliusmarminge @codex
[codex] Structure mobile DPoP failures (#3307)
b09410f 
Co-authored-by: codex <codex@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@macroscopeapp macroscopeapp[bot] macroscopeapp[bot] approved these changes

Assignees

No one assigned

Labels

size:L 100-499 changed lines (additions + deletions). vouch:trusted PR author is trusted by repo permissions or the VOUCHED list.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@juliusmarminge