From 5789739f042791d38f0d7f4219e5b0b823d8b3d6 Mon Sep 17 00:00:00 2001
From: Stefan Boberg <stefan.boberg@epicgames.com>
Date: Fri, 20 Feb 2026 09:07:00 +0100
Subject: fix MakeSafeAbsolutePathInPlace mis-spelling (#765)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

(was MakeSafeAbsolutePathÍnPlace - note accent)

Also fixed misleading comments on multiple functions in filesystem.h
---
 src/zen/authutils.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/zen/authutils.cpp')

diff --git a/src/zen/authutils.cpp b/src/zen/authutils.cpp
index 31db82efd..16427acf5 100644
--- a/src/zen/authutils.cpp
+++ b/src/zen/authutils.cpp
@@ -233,7 +233,7 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options&			  Ops,
 	}
 	else if (!m_AccessTokenPath.empty())
 	{
-		MakeSafeAbsolutePathÍnPlace(m_AccessTokenPath);
+		MakeSafeAbsolutePathInPlace(m_AccessTokenPath);
 		std::string ResolvedAccessToken = ReadAccessTokenFromJsonFile(m_AccessTokenPath);
 		if (!ResolvedAccessToken.empty())
 		{
-- 
cgit v1.2.3


From 6926c04dc4d7c5c0f0310b66c17c9a4e94d2e341 Mon Sep 17 00:00:00 2001
From: Dan Engelbrecht <dan.engelbrecht@epicgames.com>
Date: Wed, 4 Mar 2026 16:07:14 +0100
Subject: more feedback during auth option parsing (#806)

* remove stray std::unique_ptr<AuthMgr> Auth; causing crashes
* add more feedback during parsing of auth options
---
 src/zen/authutils.cpp | 80 ++++++++++++++++++++++++++++++++-------------------
 1 file changed, 50 insertions(+), 30 deletions(-)

(limited to 'src/zen/authutils.cpp')

diff --git a/src/zen/authutils.cpp b/src/zen/authutils.cpp
index 16427acf5..23ac70965 100644
--- a/src/zen/authutils.cpp
+++ b/src/zen/authutils.cpp
@@ -154,21 +154,34 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options&			  Ops,
 		ZEN_ASSERT(!SystemRootDir.empty());
 		if (!Auth)
 		{
-			if (m_EncryptionKey.empty())
+			static const std::string_view DefaultEncryptionKey("abcdefghijklmnopqrstuvxyz0123456");
+			static const std::string_view DefaultEncryptionIV("0123456789abcdef");
+			if (m_EncryptionKey.empty() && m_EncryptionIV.empty())
 			{
-				m_EncryptionKey = "abcdefghijklmnopqrstuvxyz0123456";
+				m_EncryptionKey = DefaultEncryptionKey;
+				m_EncryptionIV	= DefaultEncryptionIV;
 				if (!Quiet)
 				{
-					ZEN_CONSOLE_WARN("Using default encryption key");
+					ZEN_CONSOLE_WARN("Auth: Using default encryption key and initialization vector for auth storage");
 				}
 			}
-
-			if (m_EncryptionIV.empty())
+			else
 			{
-				m_EncryptionIV = "0123456789abcdef";
-				if (!Quiet)
+				if (m_EncryptionKey.empty())
+				{
+					m_EncryptionKey = DefaultEncryptionKey;
+					if (!Quiet)
+					{
+						ZEN_CONSOLE_WARN("Auth: Using default encryption key for auth storage");
+					}
+				}
+				if (m_EncryptionIV.empty())
 				{
-					ZEN_CONSOLE_WARN("Using default encryption initialization vector");
+					m_EncryptionIV = DefaultEncryptionIV;
+					if (!Quiet)
+					{
+						ZEN_CONSOLE_WARN("Auth: Using default encryption initialization vector for auth storage");
+					}
 				}
 			}
 
@@ -187,9 +200,9 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options&			  Ops,
 			{
 				ExtendableStringBuilder<128> SB;
 				SB << "\n    RootDirectory: " << AuthMgrConfig.RootDirectory.string();
-				SB << "\n    EncryptionKey: " << m_EncryptionKey;
-				SB << "\n    EncryptionIV:  " << m_EncryptionIV;
-				ZEN_CONSOLE("Creating auth manager with:{}", SB.ToString());
+				SB << "\n    EncryptionKey: " << HideSensitiveString(m_EncryptionKey);
+				SB << "\n    EncryptionIV:  " << HideSensitiveString(m_EncryptionIV);
+				ZEN_CONSOLE("Auth: Creating auth manager with:{}", SB.ToString());
 			}
 			Auth = AuthMgr::Create(AuthMgrConfig);
 		}
@@ -204,13 +217,18 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options&			  Ops,
 			ExtendableStringBuilder<128> SB;
 			SB << "\n    Name:     " << ProviderName;
 			SB << "\n    Url:      " << m_OpenIdProviderUrl;
-			SB << "\n    ClientId: " << m_OpenIdClientId;
-			ZEN_CONSOLE("Adding openid auth provider:{}", SB.ToString());
+			SB << "\n    ClientId: " << HideSensitiveString(m_OpenIdClientId);
+			ZEN_CONSOLE("Auth: Adding Open ID auth provider:{}", SB.ToString());
 		}
 		Auth->AddOpenIdProvider({.Name = ProviderName, .Url = m_OpenIdProviderUrl, .ClientId = m_OpenIdClientId});
 		if (!m_OpenIdRefreshToken.empty())
 		{
-			ZEN_CONSOLE("Adding open id refresh token {} to provider {}", m_OpenIdRefreshToken, ProviderName);
+			if (!Quiet)
+			{
+				ZEN_CONSOLE("Auth: Adding open id refresh token {} to provider {}",
+							HideSensitiveString(m_OpenIdRefreshToken),
+							ProviderName);
+			}
 			Auth->AddOpenIdToken({.ProviderName = ProviderName, .RefreshToken = m_OpenIdRefreshToken});
 		}
 	}
@@ -225,9 +243,9 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options&			  Ops,
 
 	if (!m_AccessToken.empty())
 	{
-		if (Verbose)
+		if (!Quiet)
 		{
-			ZEN_CONSOLE("Adding static auth token: {}", m_AccessToken);
+			ZEN_CONSOLE("Auth: Using static auth token: {}", HideSensitiveString(m_AccessToken));
 		}
 		ClientSettings.AccessTokenProvider = httpclientauth::CreateFromStaticToken(m_AccessToken);
 	}
@@ -237,9 +255,9 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options&			  Ops,
 		std::string ResolvedAccessToken = ReadAccessTokenFromJsonFile(m_AccessTokenPath);
 		if (!ResolvedAccessToken.empty())
 		{
-			if (Verbose)
+			if (!Quiet)
 			{
-				ZEN_CONSOLE("Adding static auth token from {}: {}", m_AccessTokenPath, ResolvedAccessToken);
+				ZEN_CONSOLE("Auth: Adding static auth token from {}: {}", m_AccessTokenPath, HideSensitiveString(ResolvedAccessToken));
 			}
 			ClientSettings.AccessTokenProvider = httpclientauth::CreateFromStaticToken(ResolvedAccessToken);
 		}
@@ -250,9 +268,9 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options&			  Ops,
 		{
 			ExtendableStringBuilder<128> SB;
 			SB << "\n    Url:          " << m_OAuthUrl;
-			SB << "\n    ClientId:     " << m_OAuthClientId;
-			SB << "\n    ClientSecret: " << m_OAuthClientSecret;
-			ZEN_CONSOLE("Adding oauth provider:{}", SB.ToString());
+			SB << "\n    ClientId:     " << HideSensitiveString(m_OAuthClientId);
+			SB << "\n    ClientSecret: " << HideSensitiveString(m_OAuthClientSecret);
+			ZEN_CONSOLE("Auth: Adding oauth provider:{}", SB.ToString());
 		}
 		ClientSettings.AccessTokenProvider = httpclientauth::CreateFromOAuthClientCredentials(
 			{.Url = m_OAuthUrl, .ClientId = m_OAuthClientId, .ClientSecret = m_OAuthClientSecret});
@@ -260,25 +278,27 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options&			  Ops,
 	else if (!m_OpenIdProviderName.empty())
 	{
 		CreateAuthMgr();
-		if (Verbose)
+		if (!Quiet)
 		{
-			ZEN_CONSOLE("Using openid provider: {}", m_OpenIdProviderName);
+			ZEN_CONSOLE("Auth: Using OpenId provider: {}", m_OpenIdProviderName);
 		}
 		ClientSettings.AccessTokenProvider = httpclientauth::CreateFromOpenIdProvider(*Auth, m_OpenIdProviderName);
 	}
 	else if (std::string ResolvedAccessToken = GetEnvAccessToken(m_AccessTokenEnv); !ResolvedAccessToken.empty())
 	{
-		if (Verbose)
+		if (!Quiet)
 		{
-			ZEN_CONSOLE("Using environment variable '{}' as access token '{}'", m_AccessTokenEnv, ResolvedAccessToken);
+			ZEN_CONSOLE("Auth: Resolved environment variable '{}' to access token '{}'",
+						m_AccessTokenEnv,
+						HideSensitiveString(ResolvedAccessToken));
 		}
 		ClientSettings.AccessTokenProvider = httpclientauth::CreateFromStaticToken(ResolvedAccessToken);
 	}
-	else if (std::filesystem::path OidcTokenExePath = FindOidcTokenExePath(m_OidcTokenAuthExecutablePath); !OidcTokenExePath.empty())
+	else if (std::filesystem::path OidcTokenExePath = FindOidcTokenExePath(m_OidcTokenAuthExecutablePath); OidcTokenExePath.empty())
 	{
-		if (Verbose)
+		if (!Quiet)
 		{
-			ZEN_CONSOLE("Running oidctoken exe from path '{}'", m_OidcTokenAuthExecutablePath);
+			ZEN_CONSOLE("Auth: Using oidctoken exe from path '{}'", OidcTokenExePath);
 		}
 		ClientSettings.AccessTokenProvider =
 			httpclientauth::CreateFromOidcTokenExecutable(OidcTokenExePath, HostUrl, Quiet, m_OidcTokenUnattended, Hidden);
@@ -291,9 +311,9 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options&			  Ops,
 	if (!ClientSettings.AccessTokenProvider)
 	{
 		CreateAuthMgr();
-		if (Verbose)
+		if (!Quiet)
 		{
-			ZEN_CONSOLE("Using default openid provider");
+			ZEN_CONSOLE("Auth: Using default Open ID provider");
 		}
 		ClientSettings.AccessTokenProvider = httpclientauth::CreateFromDefaultOpenIdProvider(*Auth);
 	}
-- 
cgit v1.2.3


From 2275a88da7d0dbcfbc70c6050b7a1417036ea98d Mon Sep 17 00:00:00 2001
From: Dan Engelbrecht <dan.engelbrecht@epicgames.com>
Date: Fri, 6 Mar 2026 07:45:02 +0100
Subject: fix oidctoken exe lookup check (#811)

---
 src/zen/authutils.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/zen/authutils.cpp')

diff --git a/src/zen/authutils.cpp b/src/zen/authutils.cpp
index 23ac70965..534f7952b 100644
--- a/src/zen/authutils.cpp
+++ b/src/zen/authutils.cpp
@@ -294,7 +294,7 @@ AuthCommandLineOptions::ParseOptions(cxxopts::Options&			  Ops,
 		}
 		ClientSettings.AccessTokenProvider = httpclientauth::CreateFromStaticToken(ResolvedAccessToken);
 	}
-	else if (std::filesystem::path OidcTokenExePath = FindOidcTokenExePath(m_OidcTokenAuthExecutablePath); OidcTokenExePath.empty())
+	else if (std::filesystem::path OidcTokenExePath = FindOidcTokenExePath(m_OidcTokenAuthExecutablePath); !OidcTokenExePath.empty())
 	{
 		if (!Quiet)
 		{
-- 
cgit v1.2.3