Self-heal expired Google cookies natively + alert on dead platforms#74
Merged
Conversation
Two changes that together stop the recurring "SMS silently stopped
syncing N days ago" failure without any manual cookie surgery.
1. Native in-process Google cookie refresh (internal/googlecookies).
When the Google Messages session's cookies expire (HTTP 401 on token
refresh), the reconnect watchdog can now rewrite auth_data.cookies
from the user's signed-in Chrome profile and reconnect — no external
script, no Python, no re-pairing. Previously this only worked if the
operator had wired OPENMESSAGE_COOKIE_REFRESH_SCRIPT (never set on the
macOS app), so an expired session just parked as needs_repair.
- Reads the Chrome Safe Storage key from the login keychain (macOS),
derives the AES-128-CBC key (PBKDF2-HMAC-SHA1), decrypts cookies,
handles the Chrome 130+ SHA256(host) plaintext prefix, and picks the
highest-priority host per cookie name.
- Snapshots the cookie DB (+WAL) before reading so freshly rotated
cookies are visible even while Chrome holds the live file.
- serve.go's refreshGoogleSessionCookies now falls back to this native
path when no script is configured; canRefreshGoogleCookies() gates
planGoogleReconnect so a recoverable session refreshes instead of
parking. darwin-only for now (Linux keeps the script path).
- Verified end-to-end against the real Chrome profile: 52 cookies
written, all 6 required session cookies present, other session
fields preserved.
2. Health notifications (NotificationManager.swift). The app now alerts
once, on the rising edge, when Google Messages flips to needs_repair
or WhatsApp logs out — re-arming after recovery. The motivating
failure was Google going stale for 15 days with no signal beyond a
subtle in-app badge. Checked on both the status SSE event and the
post-reconnect catch-up so a flag flip isn't missed while the stream
is down.
Also ships scripts/refresh-google-session-cookies-macos.py as the macOS
reference implementation / OPENMESSAGE_COOKIE_REFRESH_SCRIPT override,
mirroring the existing Linux script.
Tests: new googlecookies unit tests (decrypt round-trip incl. host-hash
prefix, session-field preservation, required-cookie enforcement, host
priority); serve_test updated for the new signature. go build/vet/test
green; swift build green.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
Max's Google Messages (SMS/RCS) sync has repeatedly died silently. The session cookies Google issues rotate ~30 min; when the backend is offline long enough (sleep, travel), they expire and every token refresh returns
HTTP 401. Today that parks the session asneeds_repairand waits for a manual cookie-surgery re-pair — which is exactly the ordeal documented indocs/agent-runbook.md. In the latest incident the session was stale for 15 days with no notification.The reconnect watchdog already had a self-heal path (
OPENMESSAGE_COOKIE_REFRESH_SCRIPT), but it was never wired on the macOS app, and the only implementation was Linux/KWallet-specific.Changes
1. Native in-process cookie refresh —
internal/googlecookiesNo external script, no Python, no re-pair. When cookies expire, the watchdog rewrites
auth_data.cookiesfrom the signed-in Chrome profile and reconnects.SHA256(host)plaintext prefix; highest-priority host wins per cookie name.refreshGoogleSessionCookiesfalls back to the native path when no script is set;canRefreshGoogleCookies()gatesplanGoogleReconnectso a recoverable session refreshes instead of parking.Verified end-to-end against the real Chrome profile: 52 cookies written, all 6 required session cookies present,
phone_id/tachyon_tokenpreserved, stale cookies dropped.2. Health notifications —
NotificationManager.swiftAlerts once, on the rising edge, when Google Messages flips to
needs_repairor WhatsApp logs out; re-arms after recovery. Checked on both thestatusSSE event and the post-reconnect catch-up, so a flag flip isn't missed while the stream is down. This is the piece that would have surfaced the 15-day outage on day one.3.
scripts/refresh-google-session-cookies-macos.pymacOS reference implementation /
OPENMESSAGE_COOKIE_REFRESH_SCRIPToverride, mirroring the existing Linux script (keychain instead of KWallet,opensslfor AES so it ships dependency-free).Testing
internal/googlecookiesunit tests: decrypt round-trip (incl. host-hash prefix), non-v10 passthrough, session-field preservation, required-cookie enforcement, host-priority dedup.serve_test.goupdated for the new signature; native path made deterministic viaOPENMESSAGE_CHROME_PROFILE.go build/go vet/go test ./...green;swift buildgreen.Notes
🤖 Generated with Claude Code