fix: saved credentials not working

crates/gpapi/src/credential.rs

@@ -111,11 +111,11 @@ impl AuthCookieCredential {
 pub struct CachedCredential {
   username: String,
   password: Option<String>,
-  auth_cookie: AuthCookieCredential,
+  auth_cookie: Option<AuthCookieCredential>,
 }
 
 impl CachedCredential {
-  pub fn new(username: String, password: Option<String>, auth_cookie: AuthCookieCredential) -> Self {
+  pub fn new(username: String, password: Option<String>, auth_cookie: Option<AuthCookieCredential>) -> Self {
     Self {
       username,
       password,
@@ -131,12 +131,12 @@ impl CachedCredential {
     self.password.as_deref()
   }
 
-  pub fn auth_cookie(&self) -> &AuthCookieCredential {
+  pub fn auth_cookie(&self) -> Option<&AuthCookieCredential> {
-    &self.auth_cookie
+    self.auth_cookie.as_ref()
   }
 
   pub fn set_auth_cookie(&mut self, auth_cookie: AuthCookieCredential) {
-    self.auth_cookie = auth_cookie;
+    self.auth_cookie = Some(auth_cookie);
   }
 
   pub fn set_username(&mut self, username: String) {
@@ -150,11 +150,7 @@ impl CachedCredential {
 
 impl From<PasswordCredential> for CachedCredential {
   fn from(value: PasswordCredential) -> Self {
-    Self::new(
+    Self::new(value.username().to_owned(), Some(value.password().to_owned()), None)
-      value.username().to_owned(),
-      Some(value.password().to_owned()),
-      AuthCookieCredential::new("", "", ""),
-    )
   }
 }
 #[derive(Debug, Serialize, Deserialize, Type, Clone)]
@@ -198,11 +194,12 @@ impl Credential {
         Some(cred.prelogon_user_auth_cookie()),
         None,
       ),
+      // Use the empty string as the password if auth_cookie is present
       Credential::Cached(cred) => (
         cred.password(),
         None,
-        Some(cred.auth_cookie.user_auth_cookie()),
+        cred.auth_cookie.as_ref().map(|c| c.user_auth_cookie()),
-        Some(cred.auth_cookie.prelogon_user_auth_cookie()),
+        cred.auth_cookie.as_ref().map(|c| c.prelogon_user_auth_cookie()),
         None,
       ),
     };

crates/gpapi/src/portal/config.rs

@@ -103,6 +103,20 @@ pub async fn retrieve_config(portal: &str, cred: &Credential, gp_params: &GpPara
   let client = Client::try_from(gp_params)?;
 
   let mut params = cred.to_params();
+  // Avoid sending the auth cookies for the portal config API if the password is cached
+  // Otherwise, the portal will return an error even if the password is correct, because
+  // the auth cookies could have been invalidated and the portal server takes precedence
+  // over the password
+  if let Credential::Cached(cache_cred) = cred {
+    if cache_cred.password().is_some() {
+      info!("Using cached credentials, excluding auth cookies from the portal config request");
+
+      params.remove("prelogin-cookie");
+      params.remove("portal-userauthcookie");
+      params.remove("portal-prelogonuserauthcookie");
+    }
+  }
+
   let extra_params = gp_params.to_params();
 
   params.extend(extra_params);

flake.nix

@@ -42,6 +42,8 @@
 
         overrideMain = {...}: {
           postPatch  = ''
+            substituteInPlace crates/common/src/vpn_utils.rs \
+              --replace-fail /etc/vpnc/vpnc-script ${pkgs.vpnc-scripts}/bin/vpnc-script
             substituteInPlace crates/gpapi/src/lib.rs \
               --replace-fail /usr/bin/gpclient $out/bin/gpclient \
               --replace-fail /usr/bin/gpservice $out/bin/gpservice \