redsunlib/src/oauth.rs

use std::{collections::HashMap, sync::atomic::Ordering, time::Duration};

use crate::{
	client::{CLIENT, OAUTH_CLIENT, OAUTH_IS_ROLLING_OVER, OAUTH_RATELIMIT_REMAINING},
	oauth_resources::ANDROID_APP_VERSION_LIST,
};
use base64::{engine::general_purpose, Engine as _};
use hyper::{client, Body, Method, Request};
use log::{info, trace};

use serde_json::json;

static REDDIT_ANDROID_OAUTH_CLIENT_ID: &str = "ohXpoqrZYub1kg";

static AUTH_ENDPOINT: &str = "https://accounts.reddit.com";

// Spoofed client for Android devices
#[derive(Debug, Clone, Default)]
pub struct Oauth {
	pub(crate) initial_headers: HashMap<String, String>,
	pub(crate) headers_map: HashMap<String, String>,
	pub(crate) token: String,
	expires_in: u64,
	device: Device,
}

impl Oauth {
	pub(crate) async fn new() -> Self {
		let mut oauth = Self::default();
		oauth.login().await;
		oauth
	}
	pub(crate) fn default() -> Self {
		// Generate a device to spoof
		let device = Device::new();
		let headers_map = device.headers.clone();
		let initial_headers = device.initial_headers.clone();
		// For now, just insert headers - no token request
		Self {
			headers_map,
			initial_headers,
			token: String::new(),
			expires_in: 0,
			device,
		}
	}
	async fn login(&mut self) -> Option<()> {
		// Construct URL for OAuth token
		let url = format!("{AUTH_ENDPOINT}/api/access_token");
		let mut builder = Request::builder().method(Method::POST).uri(&url);

		// Add headers from spoofed client
		for (key, value) in &self.initial_headers {
			builder = builder.header(key, value);
		}
		// Set up HTTP Basic Auth - basically just the const OAuth ID's with no password,
		// Base64-encoded. https://en.wikipedia.org/wiki/Basic_access_authentication
		// This could be constant, but I don't think it's worth it. OAuth ID's can change
		// over time and we want to be flexible.
		let auth = general_purpose::STANDARD.encode(format!("{}:", self.device.oauth_id));
		builder = builder.header("Authorization", format!("Basic {auth}"));

		// Set JSON body. I couldn't tell you what this means. But that's what the client sends
		let json = json!({
				"scopes": ["*","email"]
		});
		let body = Body::from(json.to_string());

		// Build request
		let request = builder.body(body).unwrap();

		// Send request
		let client: client::Client<_, Body> = CLIENT.clone();
		let resp = client.request(request).await.ok()?;

		// Parse headers - loid header _should_ be saved sent on subsequent token refreshes.
		// Technically it's not needed, but it's easy for Reddit API to check for this.
		// It's some kind of header that uniquely identifies the device.
		if let Some(header) = resp.headers().get("x-reddit-loid") {
			self.headers_map.insert("x-reddit-loid".to_owned(), header.to_str().ok()?.to_string());
		}

		// Same with x-reddit-session
		if let Some(header) = resp.headers().get("x-reddit-session") {
			self.headers_map.insert("x-reddit-session".to_owned(), header.to_str().ok()?.to_string());
		}

		// Serialize response
		let body_bytes = hyper::body::to_bytes(resp.into_body()).await.ok()?;
		let json: serde_json::Value = serde_json::from_slice(&body_bytes).ok()?;

		// Save token and expiry
		self.token = json.get("access_token")?.as_str()?.to_string();
		self.expires_in = json.get("expires_in")?.as_u64()?;
		self.headers_map.insert("Authorization".to_owned(), format!("Bearer {}", self.token));

		info!("[✅] Success - Retrieved token \"{}...\", expires in {}", &self.token[..32], self.expires_in);

		Some(())
	}
}

pub async fn token_daemon() {
	// Monitor for refreshing token
	loop {
		// Get expiry time - be sure to not hold the read lock
		let expires_in = { OAUTH_CLIENT.load_full().expires_in };

		// sleep for the expiry time minus 2 minutes
		let duration = Duration::from_secs(expires_in - 120);

		info!("[⏳] Waiting for {duration:?} seconds before refreshing OAuth token...");

		tokio::time::sleep(duration).await;

		info!("[⌛] {duration:?} Elapsed! Refreshing OAuth token...");

		// Refresh token - in its own scope
		{
			force_refresh_token().await;
		}
	}
}

pub async fn force_refresh_token() {
	if OAUTH_IS_ROLLING_OVER.compare_exchange(false, true, Ordering::SeqCst, Ordering::SeqCst).is_err() {
		trace!("Skipping refresh token roll over, already in progress");
		return;
	}

	trace!("Rolling over refresh token. Current rate limit: {}", OAUTH_RATELIMIT_REMAINING.load(Ordering::SeqCst));
	let new_client = Oauth::new().await;
	OAUTH_CLIENT.swap(new_client.into());
	OAUTH_RATELIMIT_REMAINING.store(99, Ordering::SeqCst);
	OAUTH_IS_ROLLING_OVER.store(false, Ordering::SeqCst);
}

#[derive(Debug, Clone, Default)]
struct Device {
	oauth_id: String,
	initial_headers: HashMap<String, String>,
	headers: HashMap<String, String>,
}

impl Device {
	fn android() -> Self {
		// Generate uuid
		let uuid = uuid::Uuid::new_v4().to_string();

		// Generate random user-agent
		let android_app_version = choose(ANDROID_APP_VERSION_LIST).to_string();
		let android_version = fastrand::u8(9..=14);

		let android_user_agent = format!("Reddit/{android_app_version}/Android {android_version}");

		// Android device headers
		let headers = HashMap::from([
			("Client-Vendor-Id".into(), uuid.clone()),
			("X-Reddit-Device-Id".into(), uuid.clone()),
			("User-Agent".into(), android_user_agent),
		]);

		info!("[🔄] Spoofing Android client with headers: {headers:?}, uuid: \"{uuid}\", and OAuth ID \"{REDDIT_ANDROID_OAUTH_CLIENT_ID}\"");

		Self {
			oauth_id: REDDIT_ANDROID_OAUTH_CLIENT_ID.to_string(),
			headers: headers.clone(),
			initial_headers: headers,
		}
	}
	fn new() -> Self {
		// See https://github.com/redlib-org/redlib/issues/8
		Self::android()
	}
}

fn choose<T: Copy>(list: &[T]) -> T {
	*fastrand::choose_multiple(list.iter(), 1)[0]
}

#[tokio::test(flavor = "multi_thread")]
async fn test_oauth_client() {
	assert!(!OAUTH_CLIENT.load_full().token.is_empty());
}

#[tokio::test(flavor = "multi_thread")]
async fn test_oauth_client_refresh() {
	force_refresh_token().await;
}
#[tokio::test(flavor = "multi_thread")]
async fn test_oauth_token_exists() {
	assert!(!OAUTH_CLIENT.load_full().token.is_empty());
}

#[tokio::test(flavor = "multi_thread")]
async fn test_oauth_headers_len() {
	assert!(OAUTH_CLIENT.load_full().headers_map.len() >= 3);
}

#[test]
fn test_creating_device() {
	Device::new();
}
feat(oauth): roll over oauth key on rate limit 2024-06-27 11:19:30 +12:00			`use std::{collections::HashMap, sync::atomic::Ordering, time::Duration};`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`use crate::{`
fix(oauth): atomics to avoid simultaneous token rollover 2024-06-28 15:26:31 +12:00			`client::{CLIENT, OAUTH_CLIENT, OAUTH_IS_ROLLING_OVER, OAUTH_RATELIMIT_REMAINING},`
Update oauth.rs to use Android client only (fixes #8) 2023-12-31 11:28:19 +13:00			`oauth_resources::ANDROID_APP_VERSION_LIST,`
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`};`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`use base64::{engine::general_purpose, Engine as _};`
			`use hyper::{client, Body, Method, Request};`
feat(oauth): roll over oauth key on rate limit 2024-06-27 11:19:30 +12:00			`use log::{info, trace};`
Improve OAuth refresh, logging 2023-06-09 06:33:54 +12:00
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`use serde_json::json;`

			`static REDDIT_ANDROID_OAUTH_CLIENT_ID: &str = "ohXpoqrZYub1kg";`

			`static AUTH_ENDPOINT: &str = "https://accounts.reddit.com";`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00
Update oauth.rs to use Android client only (fixes #8) 2023-12-31 11:28:19 +13:00			`// Spoofed client for Android devices`
Improve OAuth refresh, logging 2023-06-09 06:33:54 +12:00			`#[derive(Debug, Clone, Default)]`
Minor stylistic changes 2023-12-29 06:42:06 +13:00			`pub struct Oauth {`
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`pub(crate) initial_headers: HashMap<String, String>,`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`pub(crate) headers_map: HashMap<String, String>,`
			`pub(crate) token: String,`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`expires_in: u64,`
			`device: Device,`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`}`

			`impl Oauth {`
Improve OAuth refresh, logging 2023-06-09 06:33:54 +12:00			`pub(crate) async fn new() -> Self {`
Minor stylistic changes 2023-12-29 06:42:06 +13:00			`let mut oauth = Self::default();`
Improve OAuth refresh, logging 2023-06-09 06:33:54 +12:00			`oauth.login().await;`
			`oauth`
			`}`
			`pub(crate) fn default() -> Self {`
Update oauth.rs to use Android client only (fixes #8) 2023-12-31 11:28:19 +13:00			`// Generate a device to spoof`
			`let device = Device::new();`
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`let headers_map = device.headers.clone();`
			`let initial_headers = device.initial_headers.clone();`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`// For now, just insert headers - no token request`
Minor stylistic changes 2023-12-29 06:42:06 +13:00			`Self {`
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`headers_map,`
			`initial_headers,`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`token: String::new(),`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`expires_in: 0,`
			`device,`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`}`
			`}`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`async fn login(&mut self) -> Option<()> {`
			`// Construct URL for OAuth token`
Add many Clippy's, fix many Clippy's 2024-01-20 14:16:17 +13:00			`let url = format!("{AUTH_ENDPOINT}/api/access_token");`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`let mut builder = Request::builder().method(Method::POST).uri(&url);`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00
			`// Add headers from spoofed client`
Add many Clippy's, fix many Clippy's 2024-01-20 14:16:17 +13:00			`for (key, value) in &self.initial_headers {`
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`builder = builder.header(key, value);`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`}`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`// Set up HTTP Basic Auth - basically just the const OAuth ID's with no password,`
			`// Base64-encoded. https://en.wikipedia.org/wiki/Basic_access_authentication`
			`// This could be constant, but I don't think it's worth it. OAuth ID's can change`
			`// over time and we want to be flexible.`
			`let auth = general_purpose::STANDARD.encode(format!("{}:", self.device.oauth_id));`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`builder = builder.header("Authorization", format!("Basic {auth}"));`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00
			`// Set JSON body. I couldn't tell you what this means. But that's what the client sends`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`let json = json!({`
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`"scopes": ["*","email"]`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`});`
			`let body = Body::from(json.to_string());`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00
			`// Build request`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`let request = builder.body(body).unwrap();`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00
			`// Send request`
Add many Clippy's, fix many Clippy's 2024-01-20 14:16:17 +13:00			`let client: client::Client<_, Body> = CLIENT.clone();`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`let resp = client.request(request).await.ok()?;`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00
			`// Parse headers - loid header _should_ be saved sent on subsequent token refreshes.`
			`// Technically it's not needed, but it's easy for Reddit API to check for this.`
			`// It's some kind of header that uniquely identifies the device.`
			`if let Some(header) = resp.headers().get("x-reddit-loid") {`
			`self.headers_map.insert("x-reddit-loid".to_owned(), header.to_str().ok()?.to_string());`
			`}`

Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`// Same with x-reddit-session`
			`if let Some(header) = resp.headers().get("x-reddit-session") {`
			`self.headers_map.insert("x-reddit-session".to_owned(), header.to_str().ok()?.to_string());`
			`}`

Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`// Serialize response`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`let body_bytes = hyper::body::to_bytes(resp.into_body()).await.ok()?;`
			`let json: serde_json::Value = serde_json::from_slice(&body_bytes).ok()?;`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00
			`// Save token and expiry`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`self.token = json.get("access_token")?.as_str()?.to_string();`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`self.expires_in = json.get("expires_in")?.as_u64()?;`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`self.headers_map.insert("Authorization".to_owned(), format!("Bearer {}", self.token));`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`info!("[✅] Success - Retrieved token \"{}...\", expires in {}", &self.token[..32], self.expires_in);`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`Some(())`
			`}`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`}`
Improve OAuth refresh, logging 2023-06-09 06:33:54 +12:00
Minor stylistic changes 2023-12-29 06:42:06 +13:00			`pub async fn token_daemon() {`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`// Monitor for refreshing token`
			`loop {`
			`// Get expiry time - be sure to not hold the read lock`
fix(oauth): arc_swap 2024-06-29 10:14:47 +12:00			`let expires_in = { OAUTH_CLIENT.load_full().expires_in };`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00
			`// sleep for the expiry time minus 2 minutes`
			`let duration = Duration::from_secs(expires_in - 120);`
Improve OAuth refresh, logging 2023-06-09 06:33:54 +12:00
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`info!("[⏳] Waiting for {duration:?} seconds before refreshing OAuth token...");`
Improve OAuth refresh, logging 2023-06-09 06:33:54 +12:00
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`tokio::time::sleep(duration).await;`

Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`info!("[⌛] {duration:?} Elapsed! Refreshing OAuth token...");`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00
			`// Refresh token - in its own scope`
			`{`
fix(oauth): arc_swap 2024-06-29 10:14:47 +12:00			`force_refresh_token().await;`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`}`
			`}`
			`}`
Add check for unauthorized - refresh token 2024-01-28 17:31:21 +13:00
			`pub async fn force_refresh_token() {`
chore(clippy): fix lint 2024-06-28 15:34:27 +12:00			`if OAUTH_IS_ROLLING_OVER.compare_exchange(false, true, Ordering::SeqCst, Ordering::SeqCst).is_err() {`
fix(oauth): handle extremely rare race condition by atomically compare_exchanging 2024-06-28 15:32:17 +12:00			`trace!("Skipping refresh token roll over, already in progress");`
			`return;`
			`}`

fix(oauth): strengthen sync guarantees 2024-06-27 15:41:26 +12:00			`trace!("Rolling over refresh token. Current rate limit: {}", OAUTH_RATELIMIT_REMAINING.load(Ordering::SeqCst));`
fix(oauth): arc_swap 2024-06-29 10:14:47 +12:00			`let new_client = Oauth::new().await;`
			`OAUTH_CLIENT.swap(new_client.into());`
fix(oauth): atomics to avoid simultaneous token rollover 2024-06-28 15:26:31 +12:00			`OAUTH_RATELIMIT_REMAINING.store(99, Ordering::SeqCst);`
			`OAUTH_IS_ROLLING_OVER.store(false, Ordering::SeqCst);`
Add check for unauthorized - refresh token 2024-01-28 17:31:21 +13:00			`}`

Improve OAuth refresh, logging 2023-06-09 06:33:54 +12:00			`#[derive(Debug, Clone, Default)]`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`struct Device {`
			`oauth_id: String,`
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`initial_headers: HashMap<String, String>,`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`headers: HashMap<String, String>,`
			`}`

			`impl Device {`
			`fn android() -> Self {`
Documentation 2023-06-07 07:26:31 +12:00			`// Generate uuid`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`let uuid = uuid::Uuid::new_v4().to_string();`
Documentation 2023-06-07 07:26:31 +12:00
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`// Generate random user-agent`
			`let android_app_version = choose(ANDROID_APP_VERSION_LIST).to_string();`
			`let android_version = fastrand::u8(9..=14);`

			`let android_user_agent = format!("Reddit/{android_app_version}/Android {android_version}");`
Documentation 2023-06-07 07:26:31 +12:00
			`// Android device headers`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`let headers = HashMap::from([`
			`("Client-Vendor-Id".into(), uuid.clone()),`
			`("X-Reddit-Device-Id".into(), uuid.clone()),`
			`("User-Agent".into(), android_user_agent),`
			`]);`
Documentation 2023-06-07 07:26:31 +12:00
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`info!("[🔄] Spoofing Android client with headers: {headers:?}, uuid: \"{uuid}\", and OAuth ID \"{REDDIT_ANDROID_OAUTH_CLIENT_ID}\"");`
Documentation 2023-06-07 07:26:31 +12:00
Minor stylistic changes 2023-12-29 06:42:06 +13:00			`Self {`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`oauth_id: REDDIT_ANDROID_OAUTH_CLIENT_ID.to_string(),`
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`headers: headers.clone(),`
			`initial_headers: headers,`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`}`
			`}`
Update oauth.rs to use Android client only (fixes #8) 2023-12-31 11:28:19 +13:00			`fn new() -> Self {`
			`// See https://github.com/redlib-org/redlib/issues/8`
			`Self::android()`
Improve spoofing of devices, handle token refreshes 2023-06-07 07:05:20 +12:00			`}`
Initial PoC of spoofing Android OAuth 2023-06-06 12:31:25 +12:00			`}`
Add tests to check fetching sub/user/oauth 2023-06-07 07:28:36 +12:00
Abstract out random choosing 2023-06-09 08:27:36 +12:00			`fn choose<T: Copy>(list: &[T]) -> T {`
Fix clippy warning 2023-12-27 17:15:06 +13:00			`*fastrand::choose_multiple(list.iter(), 1)[0]`
Abstract out random choosing 2023-06-09 08:27:36 +12:00			`}`

Change Tokio tests - fix GHA runner (again) 2023-12-31 15:33:27 +13:00			`#[tokio::test(flavor = "multi_thread")]`
Add tests to check fetching sub/user/oauth 2023-06-07 07:28:36 +12:00			`async fn test_oauth_client() {`
fix(oauth): arc_swap 2024-06-29 10:14:47 +12:00			`assert!(!OAUTH_CLIENT.load_full().token.is_empty());`
Add tests to check fetching sub/user/oauth 2023-06-07 07:28:36 +12:00			`}`

Change Tokio tests - fix GHA runner (again) 2023-12-31 15:33:27 +13:00			`#[tokio::test(flavor = "multi_thread")]`
Add tests to check fetching sub/user/oauth 2023-06-07 07:28:36 +12:00			`async fn test_oauth_client_refresh() {`
fix(oauth): arc_swap 2024-06-29 10:14:47 +12:00			`force_refresh_token().await;`
Add tests to check fetching sub/user/oauth 2023-06-07 07:28:36 +12:00			`}`
Change Tokio tests - fix GHA runner (again) 2023-12-31 15:33:27 +13:00			`#[tokio::test(flavor = "multi_thread")]`
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`async fn test_oauth_token_exists() {`
fix(oauth): arc_swap 2024-06-29 10:14:47 +12:00			`assert!(!OAUTH_CLIENT.load_full().token.is_empty());`
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`}`

Change Tokio tests - fix GHA runner (again) 2023-12-31 15:33:27 +13:00			`#[tokio::test(flavor = "multi_thread")]`
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`async fn test_oauth_headers_len() {`
fix(oauth): arc_swap 2024-06-29 10:14:47 +12:00			`assert!(OAUTH_CLIENT.load_full().headers_map.len() >= 3);`
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`}`

			`#[test]`
			`fn test_creating_device() {`
Update oauth.rs to use Android client only (fixes #8) 2023-12-31 11:28:19 +13:00			`Device::new();`
Improve spoofing - match headers more closely, pull in real versions/builds 2023-12-29 09:37:02 +13:00			`}`