Register a new in-flight flow.
(flowId: string, entry: OAuthFlowEntry)
| 48 | |
| 49 | /** Register a new in-flight flow. */ |
| 50 | register(flowId: string, entry: OAuthFlowEntry): void { |
| 51 | // If a flow ID is re-used before the completed-flow TTL expires, ensure the |
| 52 | // old cleanup timer can't delete the new result. |
| 53 | this.clearCompleted(flowId); |
| 54 | |
| 55 | const existing = this.flows.get(flowId); |
| 56 | if (existing) { |
| 57 | // Defensive: avoid silently overwriting an active flow entry. |
| 58 | // |
| 59 | // This can happen if a provider accidentally re-uses a flow ID, or if a |
| 60 | // stale in-flight start attempt races a newer one. Best-effort cleanup to |
| 61 | // avoid leaking timeouts, deferred promises, or loopback servers. |
| 62 | log.debug(`[OAuthFlowManager] Duplicate register — replacing active flow (flowId=${flowId})`); |
| 63 | |
| 64 | if (existing.timeoutHandle !== null) { |
| 65 | clearTimeout(existing.timeoutHandle); |
| 66 | } |
| 67 | |
| 68 | try { |
| 69 | existing.resultDeferred.resolve(Err("OAuth flow replaced")); |
| 70 | |
| 71 | if (existing.server) { |
| 72 | // Stop accepting new connections. |
| 73 | void closeServer(existing.server); |
| 74 | } |
| 75 | } catch (error) { |
| 76 | log.debug("Failed to clean up replaced OAuth flow:", error); |
| 77 | } |
| 78 | } |
| 79 | |
| 80 | this.flows.set(flowId, entry); |
| 81 | } |
| 82 | |
| 83 | private clearCompleted(flowId: string): void { |
| 84 | const existing = this.completed.get(flowId); |
no test coverage detected