Keep auto-session tokens tied to auth freshness

cuipengfei · OmX · cuipengfei · commit 016266b1fd5c · 2026-05-10T20:50:02.000+08:00
Refresh near-expiry auto-session tokens before first covered-model use, invalidate cached sessions when the Copilot auth token changes, and retry Invalid auto-mode selector once after refreshing the session token at the Copilot service boundary.

Constraint: Copilot-Session-Token is bound to the auth token context and must not outlive auth token identity changes.

Rejected: Handling selector failures in route handlers | session-token injection and upstream workaround ownership belongs in src/services/copilot.

Confidence: high

Scope-risk: narrow

Directive: Keep auto-session retry single-attempt only; do not add generic retries around Copilot upstream errors.

Tested: bun run lint:all --fix; bun run build; bun test; bun run typecheck

Not-tested: Live Copilot backend probe with real credentials

Co-authored-by: OmX &lt;omx@oh-my-codex.dev&gt;
diff --git a/src/lib/auto-session.ts b/src/lib/auto-session.ts
@@ -2,18 +2,22 @@ import consola from "consola"
 
 import { getModelsSession } from "~/services/copilot/get-models-session"
 
+import { state } from "./state"
+
 interface AutoSessionCache {
   sessionToken?: string
   availableModels: Set<string>
   expiresAt: number
   hasBeenUsed: boolean
+  authToken?: string
 }
 
 const cache: AutoSessionCache = {
   sessionToken: undefined,
   availableModels: new Set(),
   expiresAt: 0,
   hasBeenUsed: false,
+  authToken: undefined,
 }
 
 const FIVE_MINUTES_MS = 5 * 60 * 1000
@@ -24,18 +28,31 @@ const refreshAutoSession = async () => {
   cache.availableModels = new Set(session.available_models)
   cache.expiresAt = session.expires_at
   cache.hasBeenUsed = false
+  cache.authToken = state.copilotToken
   consola.info(
     `[auto-session] refreshed token, models=${cache.availableModels.size}`,
   )
 }
 
+export const invalidateAutoSession = (): void => {
+  cache.sessionToken = undefined
+  cache.availableModels = new Set()
+  cache.expiresAt = 0
+  cache.hasBeenUsed = false
+  cache.authToken = undefined
+}
+
 const shouldRefresh = (): boolean => {
   if (!cache.sessionToken) {
     return true
   }
 
+  if (cache.authToken !== state.copilotToken) {
+    return true
+  }
+
   const expiresSoon = cache.expiresAt * 1000 - Date.now() < FIVE_MINUTES_MS
-  return expiresSoon && cache.hasBeenUsed
+  return expiresSoon
 }
 
 export const prewarmAutoSession = async (): Promise<void> => {
diff --git a/src/lib/token.ts b/src/lib/token.ts
@@ -3,6 +3,7 @@ import fs from "node:fs/promises"
 import { setTimeout as delay } from "node:timers/promises"
 
 import { isOpencodeOauthApp } from "~/lib/api-config"
+import { invalidateAutoSession } from "~/lib/auto-session"
 import { PATHS } from "~/lib/paths"
 import { getCopilotToken } from "~/services/github/get-copilot-token"
 import { getCopilotUsage } from "~/services/github/get-copilot-usage"
@@ -43,7 +44,11 @@ function applyCopilotTokenMetadata(
     telemetry,
   } = metadata
 
+  const previousToken = state.copilotToken
   state.copilotToken = token
+  if (previousToken !== token) {
+    invalidateAutoSession()
+  }
   state.copilotApiUrl = endpoints?.api
   state.copilotTrackingId = tracking_id
   state.copilotTelemetryEnabled = telemetry === "enabled"
@@ -75,7 +80,11 @@ export const setupCopilotToken = async () => {
   if (isOpencodeOauthApp()) {
     if (!state.githubToken) throw new Error(`opencode token not found`)
 
+    const previousToken = state.copilotToken
     state.copilotToken = state.githubToken
+    if (previousToken !== state.copilotToken) {
+      invalidateAutoSession()
+    }
 
     consola.debug("GitHub Copilot token set from opencode auth token")
     if (state.showToken) {
diff --git a/src/services/copilot/auto-session-retry.ts b/src/services/copilot/auto-session-retry.ts
@@ -0,0 +1,47 @@
+import consola from "consola"
+
+import {
+  getAutoSessionTokenForModel,
+  invalidateAutoSession,
+} from "~/lib/auto-session"
+
+const INVALID_AUTO_MODE_SELECTOR = "Invalid auto-mode selector"
+
+export const isInvalidAutoModeSelectorResponse = async (
+  response: Response,
+): Promise<boolean> => {
+  if (response.status !== 401) {
+    return false
+  }
+
+  const body = await response
+    .clone()
+    .text()
+    .catch(() => "")
+
+  return body.includes(INVALID_AUTO_MODE_SELECTOR)
+}
+
+export const retryAfterInvalidAutoModeSelector = async (
+  response: Response,
+  headers: Record<string, string>,
+  model: string,
+  retry: () => Promise<Response>,
+): Promise<Response> => {
+  if (!(await isInvalidAutoModeSelectorResponse(response))) {
+    return response
+  }
+
+  consola.warn(
+    "[auto-session] invalid selector, refreshing session and retrying",
+  )
+  invalidateAutoSession()
+  delete headers["Copilot-Session-Token"]
+
+  const autoToken = await getAutoSessionTokenForModel(model)
+  if (autoToken) {
+    headers["Copilot-Session-Token"] = autoToken
+  }
+
+  return retry()
+}
diff --git a/src/services/copilot/create-chat-completions.ts b/src/services/copilot/create-chat-completions.ts
@@ -28,6 +28,8 @@ import {
   trackGhostTextShown,
 } from "~/services/telemetry/telemetry"
 
+import { retryAfterInvalidAutoModeSelector } from "./auto-session-retry"
+
 /**
  * Check if error response indicates a thinking block issue that can be
  * resolved by stripping thinking/reasoning fields and retrying.
@@ -235,11 +237,20 @@ export const createChatCompletions = async (
 
   // First attempt: passthrough unchanged
   consola.debug(`<-- model: ${payload.model}`)
-  const response = await fetch(`${copilotBaseUrl(state)}/chat/completions`, {
-    method: "POST",
+  const url = `${copilotBaseUrl(state)}/chat/completions`
+  const sendRequest = () =>
+    fetch(url, {
+      method: "POST",
+      headers,
+      body: JSON.stringify(payload),
+    })
+
+  const response = await retryAfterInvalidAutoModeSelector(
+    await sendRequest(),
     headers,
-    body: JSON.stringify(payload),
-  })
+    payload.model,
+    sendRequest,
+  )
 
   logCopilotRateLimits(response.headers)
 
diff --git a/src/services/copilot/create-messages.ts b/src/services/copilot/create-messages.ts
@@ -34,6 +34,8 @@ import {
   trackGhostTextShown,
 } from "~/services/telemetry/telemetry"
 
+import { retryAfterInvalidAutoModeSelector } from "./auto-session-retry"
+
 export interface CreateMessagesOptions {
   initiator?: "user" | "agent"
   anthropicBeta?: string
@@ -297,11 +299,19 @@ const sendWithSignatureRetry = async (
   headers: Record<string, string>,
   enhancedPayload: ReturnType<typeof buildEnhancedPayload>,
 ): Promise<Response> => {
-  const response = await fetch(url, {
-    method: "POST",
+  const sendRequest = () =>
+    fetch(url, {
+      method: "POST",
+      headers,
+      body: JSON.stringify(enhancedPayload),
+    })
+
+  const response = await retryAfterInvalidAutoModeSelector(
+    await sendRequest(),
     headers,
-    body: JSON.stringify(enhancedPayload),
-  })
+    enhancedPayload.model,
+    sendRequest,
+  )
 
   if (response.ok) return response
 
diff --git a/src/services/copilot/create-responses.ts b/src/services/copilot/create-responses.ts
@@ -28,6 +28,8 @@ import {
   trackGhostTextShown,
 } from "~/services/telemetry/telemetry"
 
+import { retryAfterInvalidAutoModeSelector } from "./auto-session-retry"
+
 export interface ResponsesPayload {
   model: string
   instructions?: string | null
@@ -442,11 +444,20 @@ export const createResponses = async (
 
   consola.debug(`<-- model: ${payload.model}`)
 
-  const response = await fetch(`${copilotBaseUrl(state)}/responses`, {
-    method: "POST",
+  const url = `${copilotBaseUrl(state)}/responses`
+  const sendRequest = () =>
+    fetch(url, {
+      method: "POST",
+      headers,
+      body: JSON.stringify(payload),
+    })
+
+  const response = await retryAfterInvalidAutoModeSelector(
+    await sendRequest(),
     headers,
-    body: JSON.stringify(payload),
-  })
+    payload.model,
+    sendRequest,
+  )
 
   logCopilotRateLimits(response.headers)
 
diff --git a/tests/auto-session-chains.test.ts b/tests/auto-session-chains.test.ts
diff --git a/tests/auto-session.test.ts b/tests/auto-session.test.ts
diff --git a/tests/create-messages.test.ts b/tests/create-messages.test.ts
