From de6b1ada5df0606202bac4ddd1e0348ad5fe552b Mon Sep 17 00:00:00 2001
From: jyy <jyy@woowahan.com>
Date: Tue, 27 Jan 2026 13:39:38 +0900
Subject: [PATCH] fix: case-insensitive auth_method comparison for IDC tokens

The background refresher was skipping token files with auth_method values
like 'IdC' or 'IDC' because the comparison was case-sensitive and only
matched lowercase 'idc'.

This fix normalizes the auth_method to lowercase before comparison in:
- token_repository.go: readTokenFile() when filtering tokens to refresh
- background_refresh.go: refreshSingle() when selecting refresh method

Fixes the issue where 'IdC' != 'idc' caused tokens to be skipped entirely.
---
 internal/auth/kiro/background_refresh.go | 8 ++++++--
 internal/auth/kiro/token_repository.go   | 3 ++-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/internal/auth/kiro/background_refresh.go b/internal/auth/kiro/background_refresh.go
index 1203ff47..bd1f048f 100644
--- a/internal/auth/kiro/background_refresh.go
+++ b/internal/auth/kiro/background_refresh.go
@@ -3,6 +3,7 @@ package kiro
 import (
 	"context"
 	"log"
+	"strings"
 	"sync"
 	"time"
 
@@ -58,7 +59,7 @@ type BackgroundRefresher struct {
 	wg               sync.WaitGroup
 	oauth            *KiroOAuth
 	ssoClient        *SSOOIDCClient
-	callbackMu       sync.RWMutex                                    // 保护回调函数的并发访问
+	callbackMu       sync.RWMutex                                   // 保护回调函数的并发访问
 	onTokenRefreshed func(tokenID string, tokenData *KiroTokenData) // 刷新成功回调
 }
 
@@ -163,7 +164,10 @@ func (r *BackgroundRefresher) refreshSingle(ctx context.Context, token *Token) {
 	var newTokenData *KiroTokenData
 	var err error
 
-	switch token.AuthMethod {
+	// Normalize auth method to lowercase for case-insensitive matching
+	authMethod := strings.ToLower(token.AuthMethod)
+
+	switch authMethod {
 	case "idc":
 		newTokenData, err = r.ssoClient.RefreshTokenWithRegion(
 			ctx,
diff --git a/internal/auth/kiro/token_repository.go b/internal/auth/kiro/token_repository.go
index f7ed76a8..815f1827 100644
--- a/internal/auth/kiro/token_repository.go
+++ b/internal/auth/kiro/token_repository.go
@@ -187,8 +187,9 @@ func (r *FileTokenRepository) readTokenFile(path string) (*Token, error) {
 		return nil, nil
 	}
 
-	// 检查 auth_method
+	// 检查 auth_method (case-insensitive comparison to handle "IdC", "IDC", "idc", etc.)
 	authMethod, _ := metadata["auth_method"].(string)
+	authMethod = strings.ToLower(authMethod)
 	if authMethod != "idc" && authMethod != "builder-id" {
 		return nil, nil // 只处理 IDC 和 Builder ID token
 	}