Skip to content

Use caller-supplied HttpClient for token refresh (#324)#379

Merged
AndreyVMarkelov merged 1 commit into
mainfrom
fix/324-refresh-httpclient
Jul 7, 2026
Merged

Use caller-supplied HttpClient for token refresh (#324)#379
AndreyVMarkelov merged 1 commit into
mainfrom
fix/324-refresh-httpclient

Conversation

@AndreyVMarkelov

Copy link
Copy Markdown
Contributor

Fixes #324.

RefreshAccessToken sent the OAuth token request through the SDK's internal default HttpClient, ignoring a caller-supplied client. In high-traffic apps this leaked connections and exhausted ports.

  • Route the refresh through GetHttpClient(HostType.Api), same as normal requests.
  • Add a regression test asserting the refresh flows through the supplied HttpClient (verified it fails when the fix is reverted).

@codecov

codecov Bot commented Jul 7, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 54.09%. Comparing base (cde11d5) to head (bcdd4e0).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #379      +/-   ##
==========================================
+ Coverage   53.81%   54.09%   +0.28%     
==========================================
  Files          16       16              
  Lines        1403     1403              
  Branches      134      134              
==========================================
+ Hits          755      759       +4     
+ Misses        608      604       -4     
  Partials       40       40              
Flag Coverage Δ
integration 50.60% <100.00%> (+0.28%) ⬆️
unit 10.54% <0.00%> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@AndreyVMarkelov AndreyVMarkelov force-pushed the fix/324-refresh-httpclient branch from a251eec to 2c2d816 Compare July 7, 2026 22:32
RefreshAccessToken sent the OAuth token request through the SDK's
internal default HttpClient, ignoring a caller-supplied client. In
high-traffic apps this leaked connections and exhausted ports. Route
the refresh through GetHttpClient(HostType.Api) like normal requests,
and add a regression test asserting the refresh uses the supplied client.
@AndreyVMarkelov AndreyVMarkelov force-pushed the fix/324-refresh-httpclient branch from 2c2d816 to bcdd4e0 Compare July 7, 2026 22:34
@AndreyVMarkelov AndreyVMarkelov merged commit c25d774 into main Jul 7, 2026
25 of 31 checks passed
@AndreyVMarkelov AndreyVMarkelov deleted the fix/324-refresh-httpclient branch July 7, 2026 23:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Dropbox Client uses wrong httpclient which causes port exhaustion

2 participants