Commit fa6a063
authored
fix(codex): recover from refresh-token rotation races instead of dying (#20)
ChatGPT rotates the refresh token on every refresh, and the single-flight
guard only covers one process. When two openscience processes (CLI +
workspace server) race a refresh — common while requests retry against an
exhausted usage limit — the loser persists nothing and keeps a revoked
token, so every later refresh fails even after the usage limit resets.
The only way out was noticing yourself that you had to re-login.
The loader now treats a failed refresh as possibly-stale local state:
re-read persisted auth (the racing winner already stored the rotated
pair), adopt a still-valid access token or retry the refresh with the
rotated refresh token, and only then fail — with an actionable
'reconnect with openscience auth login' message instead of a raw
'Token refresh failed: 400'.1 parent 0606844 commit fa6a063
1 file changed
Lines changed: 43 additions & 14 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
431 | 431 | | |
432 | 432 | | |
433 | 433 | | |
434 | | - | |
435 | | - | |
436 | | - | |
437 | | - | |
438 | | - | |
439 | | - | |
440 | | - | |
441 | | - | |
442 | | - | |
443 | | - | |
444 | | - | |
445 | | - | |
446 | | - | |
447 | | - | |
| 434 | + | |
| 435 | + | |
| 436 | + | |
| 437 | + | |
| 438 | + | |
| 439 | + | |
| 440 | + | |
| 441 | + | |
| 442 | + | |
| 443 | + | |
| 444 | + | |
| 445 | + | |
| 446 | + | |
| 447 | + | |
| 448 | + | |
| 449 | + | |
| 450 | + | |
| 451 | + | |
| 452 | + | |
| 453 | + | |
| 454 | + | |
| 455 | + | |
| 456 | + | |
| 457 | + | |
| 458 | + | |
| 459 | + | |
| 460 | + | |
| 461 | + | |
| 462 | + | |
| 463 | + | |
| 464 | + | |
| 465 | + | |
| 466 | + | |
| 467 | + | |
| 468 | + | |
| 469 | + | |
| 470 | + | |
| 471 | + | |
| 472 | + | |
| 473 | + | |
| 474 | + | |
| 475 | + | |
| 476 | + | |
448 | 477 | | |
449 | 478 | | |
450 | 479 | | |
| |||
0 commit comments