diff --git a/AGENTS.md b/AGENTS.md
index b6bc1ef..7511243 100644
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -26,3 +26,19 @@ BeatSaverDownloader, BeatSaverUpdater, BSML, BS_Utils, PlaylistManager, SiraUtil
- Plugin projects are .NET Framework 4.7.2 class libraries loaded by BSIPA; builds are CIL — Linux `dotnet build` output is valid for the Proton game instance.
- Point `BeatSaberDir` / game references at the BSManager instance path above when editing project user files or HintPaths.
+- **Plugin version bump on compile:** Whenever you run `dotnet build` on `Setlist/` as part of agent work, increment the **patch** segment (the `z` in `0.0.z`) in both `Setlist/manifest.json` (`version`) and `Setlist/Properties/AssemblyInfo.cs` (`AssemblyVersion` / `AssemblyFileVersion` as `0.0.z.0`) **before** that build so IPA’s `Setlist (Setlist): …` log line matches the new artifact. Skip bumping if you only build to reproduce a compile error without changing shipped bits (then fix and bump once before the successful build).
+
+## Smoketest (run game, check plugin log)
+
+Use this on the host when you need to verify the Setlist plugin after a build (full env + `steam-run` line is in `docs/notes.md` under Testing).
+
+Session / display: On Plasma + Wayland, the shell should have a sensible `DISPLAY` (often `:0`), `WAYLAND_DISPLAY` (e.g. `wayland-0`), and `XDG_RUNTIME_DIR` (e.g. `/run/user/$UID`). If they are empty, set them to match the logged-in desktop session before launching.
+
+Launch (important): Wrap the `steam-run` … `proton` … `Beat Saber.exe` … `--no-yeet fpfc` invocation in `timeout 20`–`timeout 30` and run it in the foreground (stdin/stdout attached). In Cursor’s integrated terminal, the same command started with `&` in the background has been observed to exit immediately (only Proton `fsync` in capture, no new `_latest.log` lines). A short foreground `timeout` keeps the Proton/game tree alive long enough to boot.
+
+1. `cd` to the BSManager instance path, export vars from `docs/notes.md` (and display vars above if needed).
+2. Run e.g. `timeout 25 steam-run …/proton run …/Beat Saber.exe --no-yeet fpfc` (optionally `2>&1 | tee /tmp/bs-smoke.log`). Expect Setlist lines in `Logs/_latest.log` within ~15 seconds of a successful boot.
+3. Confirm: `grep Setlist Logs/_latest.log | tail -1` — expect `hasSyncUrl=True, beatLeaderOwnerConfirmed=…` (or your current message shape).
+4. When done, `timeout` may already have stopped the run; if `Beat Saber.exe` / Wine is still running, kill that process tree.
+
+If `_latest.log` does not grow within ~15s of a foreground launch, treat as failure: read `/tmp/bs-smoke.log` (if used) and the timestamped file under `Logs/`, or rerun the same block from Konsole on the desktop if the IDE shell still misbehaves.
diff --git a/Setlist/BeatLeaderPlaylistOwnership.cs b/Setlist/BeatLeaderPlaylistOwnership.cs
new file mode 100644
index 0000000..cf7f976
--- /dev/null
+++ b/Setlist/BeatLeaderPlaylistOwnership.cs
@@ -0,0 +1,262 @@
+using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection;
+using BeatLeader.Utils;
+using Newtonsoft.Json;
+using UnityEngine;
+using UnityEngine.Networking;
+using IPALogger = IPA.Logging.Logger;
+
+namespace Setlist
+{
+ ///
+ /// Parses BeatLeader sync URLs and checks ownership via GET /user/playlists.
+ /// Reuses BeatLeader's sign-in by piggy-backing on Unity's process-wide
+ /// cookie cache (the shipped 0.9.x BeatLeader
+ /// signs in with ; cookies are global per host).
+ /// We block on BeatLeader's Authentication._signedIn via reflection so
+ /// we don't fire the request before the cookie is in the cache.
+ ///
+ internal static class BeatLeaderPlaylistOwnership
+ {
+ private const string AuthenticationTypeName = "BeatLeader.API.Authentication";
+ private const string SignedInFieldName = "_signedIn";
+ private const float LoginWaitTimeoutSeconds = 90f;
+ private const int RequestTimeoutSeconds = 30;
+
+ private sealed class UserPlaylistSummary
+ {
+ [JsonProperty("guid")]
+ public string Guid { get; set; }
+ }
+
+ internal static bool TryExtractBeatLeaderPlaylistGuid(string syncUrl, out string guid)
+ {
+ guid = string.Empty;
+ if (string.IsNullOrWhiteSpace(syncUrl))
+ {
+ return false;
+ }
+
+ if (!Uri.TryCreate(syncUrl.Trim(), UriKind.Absolute, out var uri))
+ {
+ return false;
+ }
+
+ if (!string.Equals(uri.Host, "api.beatleader.com", StringComparison.OrdinalIgnoreCase))
+ {
+ return false;
+ }
+
+ var segments = uri.AbsolutePath.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
+ if (segments.Length != 3)
+ {
+ return false;
+ }
+
+ if (!string.Equals(segments[0], "playlist", StringComparison.OrdinalIgnoreCase)
+ || !string.Equals(segments[1], "guid", StringComparison.OrdinalIgnoreCase))
+ {
+ return false;
+ }
+
+ var id = segments[2];
+ if (id.Length != 32 || !id.All(Uri.IsHexDigit))
+ {
+ return false;
+ }
+
+ guid = id;
+ return true;
+ }
+
+ ///
+ /// Spawns a hidden coroutine runner that waits for BeatLeader sign-in,
+ /// fetches /user/playlists, then logs the per-playlist ownership.
+ /// Must be called from the Unity main thread (BSIPA's OnApplicationStart is fine).
+ ///
+ internal static void ScheduleVerifyAndLog(
+ List<(string Title, bool HasSyncUrl, string BeatLeaderGuid)> entries,
+ IPALogger log)
+ {
+ var go = new GameObject("Setlist.OwnershipRunner");
+ UnityEngine.Object.DontDestroyOnLoad(go);
+ go.hideFlags = HideFlags.HideAndDontSave;
+ var runner = go.AddComponent();
+ runner.Initialize(entries, log);
+ }
+
+ ///
+ /// Component that drives the verification coroutine; self-destroys when finished.
+ ///
+ private sealed class OwnershipRunner : MonoBehaviour
+ {
+ private List<(string Title, bool HasSyncUrl, string BeatLeaderGuid)> _entries;
+ private IPALogger _log;
+
+ public void Initialize(
+ List<(string Title, bool HasSyncUrl, string BeatLeaderGuid)> entries,
+ IPALogger log)
+ {
+ _entries = entries;
+ _log = log;
+ StartCoroutine(Run());
+ }
+
+ private IEnumerator Run()
+ {
+ HashSet owned = null;
+ string failure = null;
+
+ FieldInfo signedInField;
+ try
+ {
+ signedInField = ResolveSignedInField(_log);
+ }
+ catch (Exception ex)
+ {
+ signedInField = null;
+ failure = "reflecting BeatLeader Authentication failed: " + ex.Message;
+ }
+
+ if (signedInField != null)
+ {
+ var waitedSeconds = 0f;
+ while (!IsSignedIn(signedInField))
+ {
+ if (waitedSeconds >= LoginWaitTimeoutSeconds)
+ {
+ failure = $"BeatLeader login did not complete within {LoginWaitTimeoutSeconds:F0}s; "
+ + "is the BeatLeader mod actually signing in (check BeatLeader log lines)?";
+ break;
+ }
+ yield return new WaitForSeconds(1f);
+ waitedSeconds += 1f;
+ }
+
+ if (failure == null)
+ {
+ var fetchEnumerator = FetchOwnedGuids(result =>
+ {
+ owned = result.OwnedGuids;
+ failure = result.Failure;
+ });
+ yield return StartCoroutine(fetchEnumerator);
+ }
+ }
+
+ if (owned == null && failure != null)
+ {
+ _log.Info("BeatLeader /user/playlists: " + failure);
+ }
+
+ foreach (var e in _entries)
+ {
+ _log.Info(Plugin.FormatPlaylistLogLine(e.Title, e.HasSyncUrl, e.BeatLeaderGuid, owned));
+ }
+
+ Destroy(gameObject);
+ }
+
+ private struct FetchResult
+ {
+ public HashSet OwnedGuids;
+ public string Failure;
+ }
+
+ private IEnumerator FetchOwnedGuids(Action onDone)
+ {
+ var url = BLConstants.BEATLEADER_API_URL + "/user/playlists";
+ using (var request = UnityWebRequest.Get(url))
+ {
+ request.timeout = RequestTimeoutSeconds;
+ request.SetRequestHeader("User-Agent", "Setlist/" + GetAssemblyVersion());
+
+ yield return request.SendWebRequest();
+
+ if (request.result == UnityWebRequest.Result.ConnectionError)
+ {
+ onDone(new FetchResult { Failure = "network error: " + request.error });
+ yield break;
+ }
+
+ if (request.result == UnityWebRequest.Result.ProtocolError)
+ {
+ onDone(new FetchResult
+ {
+ Failure = $"HTTP {request.responseCode} (cookie session not shared? "
+ + "check BeatLeader login completed)",
+ });
+ yield break;
+ }
+
+ var body = request.downloadHandler != null ? request.downloadHandler.text : null;
+ if (string.IsNullOrEmpty(body))
+ {
+ onDone(new FetchResult { OwnedGuids = new HashSet(StringComparer.OrdinalIgnoreCase) });
+ yield break;
+ }
+
+ HashSet set;
+ try
+ {
+ var summaries = JsonConvert.DeserializeObject>(body);
+ set = new HashSet(StringComparer.OrdinalIgnoreCase);
+ if (summaries != null)
+ {
+ foreach (var s in summaries)
+ {
+ if (!string.IsNullOrEmpty(s?.Guid))
+ {
+ set.Add(s.Guid);
+ }
+ }
+ }
+ }
+ catch (Exception ex)
+ {
+ onDone(new FetchResult { Failure = "JSON parse failed: " + ex.Message });
+ yield break;
+ }
+
+ onDone(new FetchResult { OwnedGuids = set });
+ }
+ }
+
+ private static FieldInfo ResolveSignedInField(IPALogger log)
+ {
+ var beatLeaderAssembly = typeof(BLConstants).Assembly;
+ var authType = beatLeaderAssembly.GetType(AuthenticationTypeName);
+ if (authType == null)
+ {
+ log.Info($"BeatLeader assembly has no {AuthenticationTypeName} type; cannot detect login state.");
+ return null;
+ }
+
+ var field = authType.GetField(SignedInFieldName, BindingFlags.NonPublic | BindingFlags.Static);
+ if (field == null)
+ {
+ log.Info($"{AuthenticationTypeName} has no static field '{SignedInFieldName}'; "
+ + "BeatLeader may have changed its API.");
+ return null;
+ }
+
+ return field;
+ }
+
+ private static bool IsSignedIn(FieldInfo signedInField)
+ {
+ var value = signedInField.GetValue(null);
+ return value is bool b && b;
+ }
+
+ private static string GetAssemblyVersion()
+ {
+ var asm = typeof(BeatLeaderPlaylistOwnership).Assembly;
+ return asm.GetName().Version?.ToString() ?? "0.0.0";
+ }
+ }
+ }
+}
diff --git a/Setlist/Plugin.cs b/Setlist/Plugin.cs
index 5672aa7..77d130e 100644
--- a/Setlist/Plugin.cs
+++ b/Setlist/Plugin.cs
@@ -1,4 +1,6 @@
using System;
+using System.Collections.Generic;
+using System.Linq;
using IPA;
using IPALogger = IPA.Logging.Logger;
@@ -45,15 +47,36 @@ namespace Setlist
return;
}
+ var entries = new List<(string Title, bool HasSyncUrl, string BeatLeaderGuid)>();
foreach (var playlist in playlists)
{
var hasSyncUrl = false;
+ string syncUrl = null;
if (playlist.TryGetCustomData("syncURL", out var syncObj) && syncObj is string url)
{
+ syncUrl = url;
hasSyncUrl = !string.IsNullOrWhiteSpace(url);
}
- Log.Info($"Playlist \"{playlist.Title}\": hasSyncUrl={hasSyncUrl}");
+ string blGuid = null;
+ if (hasSyncUrl && BeatLeaderPlaylistOwnership.TryExtractBeatLeaderPlaylistGuid(syncUrl, out var g))
+ {
+ blGuid = g;
+ }
+
+ entries.Add((playlist.Title, hasSyncUrl, blGuid));
+ }
+
+ if (entries.Any(e => e.BeatLeaderGuid != null))
+ {
+ BeatLeaderPlaylistOwnership.ScheduleVerifyAndLog(entries, Log);
+ }
+ else
+ {
+ foreach (var e in entries)
+ {
+ Log.Info(FormatPlaylistLogLine(e.Title, e.HasSyncUrl, e.BeatLeaderGuid, ownedGuids: null));
+ }
}
}
catch (Exception ex)
@@ -66,5 +89,36 @@ namespace Setlist
public void OnApplicationQuit()
{
}
+
+ internal static string FormatPlaylistLogLine(
+ string title,
+ bool hasSyncUrl,
+ string beatLeaderGuid,
+ HashSet ownedGuids)
+ {
+ string ownerPart;
+ if (!hasSyncUrl)
+ {
+ ownerPart = "beatLeaderOwnerConfirmed=n/a (no sync URL)";
+ }
+ else if (string.IsNullOrEmpty(beatLeaderGuid))
+ {
+ ownerPart = "beatLeaderOwnerConfirmed=n/a (sync URL is not a BeatLeader playlist)";
+ }
+ else if (ownedGuids == null)
+ {
+ ownerPart = "beatLeaderOwnerConfirmed=unknown (BeatLeader /user/playlists did not succeed; see prior log line)";
+ }
+ else if (ownedGuids.Contains(beatLeaderGuid))
+ {
+ ownerPart = "beatLeaderOwnerConfirmed=true";
+ }
+ else
+ {
+ ownerPart = "beatLeaderOwnerConfirmed=false";
+ }
+
+ return $"Playlist \"{title}\": hasSyncUrl={hasSyncUrl}, {ownerPart}";
+ }
}
}
diff --git a/Setlist/Properties/AssemblyInfo.cs b/Setlist/Properties/AssemblyInfo.cs
index e60cfb0..13c248b 100644
--- a/Setlist/Properties/AssemblyInfo.cs
+++ b/Setlist/Properties/AssemblyInfo.cs
@@ -11,5 +11,5 @@ using System.Runtime.InteropServices;
[assembly: AssemblyCulture("")]
[assembly: ComVisible(false)]
[assembly: Guid("50F53E6E-21D5-4780-8E67-273877DAA28C")]
-[assembly: AssemblyVersion("0.0.1.0")]
-[assembly: AssemblyFileVersion("0.0.1.0")]
+[assembly: AssemblyVersion("0.0.2.0")]
+[assembly: AssemblyFileVersion("0.0.2.0")]
diff --git a/Setlist/Setlist.csproj b/Setlist/Setlist.csproj
index cea99ef..a5f9fe2 100644
--- a/Setlist/Setlist.csproj
+++ b/Setlist/Setlist.csproj
@@ -45,6 +45,7 @@
+
$(BeatSaberDir)\Beat Saber_Data\Managed\Main.dll
False
@@ -85,16 +86,29 @@
$(BeatSaberDir)\Beat Saber_Data\Managed\UnityEngine.UIModule.dll
False
+
+ $(BeatSaberDir)\Beat Saber_Data\Managed\UnityEngine.UnityWebRequestModule.dll
+ False
+
$(BeatSaberDir)\Beat Saber_Data\Managed\UnityEngine.VRModule.dll
False
+
+ $(BeatSaberDir)\Libs\Newtonsoft.Json.dll
+ False
+
$(BeatSaberDir)\Libs\BeatSaberPlaylistsLib.dll
False
+
+ $(BeatSaberDir)\Plugins\BeatLeader.dll
+ False
+
+
diff --git a/Setlist/manifest.json b/Setlist/manifest.json
index 283c064..589f8a1 100644
--- a/Setlist/manifest.json
+++ b/Setlist/manifest.json
@@ -3,11 +3,12 @@
"id": "Setlist",
"name": "Setlist",
"author": "",
- "version": "0.0.1",
+ "version": "0.0.2",
"description": "Syncs playlists with external sources.",
"gameVersion": "1.40.8",
"dependsOn": {
"BSIPA": "^4.3.0",
- "BeatSaberPlaylistsLib": "^1.7.0"
+ "BeatSaberPlaylistsLib": "^1.7.0",
+ "BeatLeader": "^0.9.0"
}
}
diff --git a/docs/beatleader-playlist-api.md b/docs/beatleader-playlist-api.md
index eb1d5ba..fb9677a 100644
--- a/docs/beatleader-playlist-api.md
+++ b/docs/beatleader-playlist-api.md
@@ -87,4 +87,26 @@ if (result.RequestState == WebRequests.RequestState.Finished && result.Result !=
That’s all that’s required on the **client** side for “fetch my playlists”: **GET + existing cookie session**. No extra headers beyond what `WebRequestFactory` already applies (`User-Agent` + cookies).
-**Troubleshooting:** right after implementing, compare behavior to `UserRequest` (`GET /user/modinterface`): if one returns `Finished` with data and the other gets `401`, the issue is session/host/HTTPS, not playlist-specific logic.
\ No newline at end of file
+**Troubleshooting:** right after implementing, compare behavior to `UserRequest` (`GET /user/modinterface`): if one returns `Finished` with data and the other gets `401`, the issue is session/host/HTTPS, not playlist-specific logic.
+
+## Field notes (Setlist / BS 1.40.8, 2026)
+
+These observations are from running a **second plugin** (Setlist) alongside the **shipped** BeatLeader 0.9.x DLL on a **BSManager** 1.40.8 install. Treat them as the operational replacement for the `WebRequestFactory` recipe above when targeting that build.
+
+- **Server:** `GET ~/user/playlists` returns **401** with no authenticated user in context. See `PlaylistController.GetAllPlaylists` in beatleader-server (`CurrentUserID` then `Unauthorized()`).
+- **beatleader-mod _source_** uses `WebRequestFactory` (a static `HttpClient` over a `CookieContainer`). That is what the main sections of this file describe.
+- **Shipped `BeatLeader.dll` (0.9.x in 1.40.8) is _older_ than that source** and the layout is different. Verified with `ilspycmd -l class`:
+ - `BeatLeader.WebRequests.WebRequestFactory` does **not** exist.
+ - The networking stack is `BeatLeader.API.NetworkingUtils` + `BeatLeader.API.RequestDescriptors.JsonGetRequestDescriptor` + `BeatLeader.API.RequestHandlers.PersistentSingletonRequestHandler` + `BeatLeader.API.Methods.*` (e.g. `UserRequest`, `PlaylistRequest`).
+ - Every call funnels through `UnityWebRequest` (`UnityWebRequest.Get(url)` from `JsonGetRequestDescriptor.CreateWebRequest`).
+ - Sign-in is `BeatLeader.API.Authentication`: a coroutine `EnsureLoggedIn(Action onSuccess, Action onFail)` that posts `BLConstants.SIGNIN_WITH_TICKET` via `UnityWebRequest.Post`. `ResetLogin()` clears with `UnityWebRequest.ClearCookieCache(...)` — confirming the session cookie lives in **Unity's cookie cache**, not in any `HttpClient`/`CookieContainer`.
+- **Cookie sharing on this build _does_ work via `UnityWebRequest`.** Unity's `UnityWebRequest` cookie cache is **process-wide per host**, so a second plugin issuing `UnityWebRequest.Get("https://api.beatleader.com/user/playlists")` after BeatLeader's sign-in inherits the ASP.NET cookie automatically. (The earlier "UnityWebRequest tends to 401" observation was from racing BeatLeader's login — not from a separate cookie store.)
+- **Detecting "BeatLeader is signed in" without a public hook on this build:** `BeatLeader.API.Authentication` is `internal` and its successful-login state is the private static field `_signedIn`. Reflect into `typeof(BLConstants).Assembly.GetType("BeatLeader.API.Authentication").GetField("_signedIn", BindingFlags.NonPublic | BindingFlags.Static)` and poll until `true`, then issue the `UnityWebRequest`. (Triggering `EnsureLoggedIn` ourselves is brittle: it depends on `Resources.FindObjectsOfTypeAll()` having returned by the time we call it — easier to wait for BeatLeader's own login coroutine to finish.)
+- **Concrete recipe used by Setlist (`Setlist/BeatLeaderPlaylistOwnership.cs`):**
+ 1. Spawn a hidden `MonoBehaviour` via `new GameObject(...).AddComponent<>()` from `OnApplicationStart` (BSIPA's `[OnStart]` runs on the Unity main thread).
+ 2. In a coroutine, poll `Authentication._signedIn` (with a generous timeout, e.g. 90 s; sign-in only happens once the menu scene loads and platform tickets resolve).
+ 3. `UnityWebRequest.Get(BLConstants.BEATLEADER_API_URL + "/user/playlists")`, set a `User-Agent`, `yield return SendWebRequest()`.
+ 4. Check `request.result == UnityWebRequest.Result.Success`, then `JsonConvert.DeserializeObject>(request.downloadHandler.text)`.
+ 5. Build a `HashSet` of `guid` values; per-playlist ownership is just `set.Contains(extractedGuid)`.
+- **JSON shape** matches the model in §1: camelCase, only `guid` is required for ownership; `id`, `ownerId`, `isShared`, `link`, `hash`, `deleted` are optional metadata.
+- **Reference reading on disk:** `~/src/beatleader/beatleader-mod/Source/2_Core/API/{WebRequestFactory,Authentication,PersistentWebRequest}.cs` (newer source); `ilspycmd -p -o /tmp/bl-dec /home/pleb/.local/share/BSManager/BSInstances/1.40.8/Plugins/BeatLeader.dll` to inspect the **shipped** types (`BeatLeader.API.{Authentication,NetworkingUtils}` + `RequestHandlers.PersistentSingletonRequestHandler`).
diff --git a/docs/notes.md b/docs/notes.md
index 514ea5a..5a48c8e 100644
--- a/docs/notes.md
+++ b/docs/notes.md
@@ -17,3 +17,30 @@ tail -f Logs/_latest.log
Press `g` to release the mouse input from the game
Mouse input is broken because Wayland is not yet supported.
+
+## Testing
+
+To run beat saber, you can mimic the launch execution that bs-manager performs with the following:
+
+```sh
+cd "/home/pleb/.local/share/BSManager/BSInstances/1.40.8"
+
+export SteamAppId=620980 SteamOverlayGameId=620980 SteamGameId=620980
+export WINEDLLOVERRIDES='winhttp=n,b'
+export STEAM_COMPAT_DATA_PATH="$HOME/.local/share/BSManager/SharedContent/compatdata"
+export STEAM_COMPAT_INSTALL_PATH="$PWD"
+export STEAM_COMPAT_CLIENT_INSTALL_PATH="/home/pleb/.local/share/Steam"
+export STEAM_COMPAT_APP_ID=620980
+export SteamEnv=1
+export OXR_PARALLEL_VIEWS=1
+
+steam-run "/home/pleb/.local/share/Steam/steamapps/common/Proton - Experimental/proton" run "$PWD/Beat Saber.exe" --no-yeet fpfc
+```
+
+Then, after a few seconds you can read the log messages after BS starts up
+
+```
+cat ~/.local/share/BSManager/BSInstances/1.40.8/Logs/_latest.log | grep Setlist
+```
+
+Thereafter, kill the process.