Skip to content

Add hasRefreshToken guard to token refresh middleware#13858

Merged
rickyrombo merged 2 commits intomjp-oauth-standalonefrom
copilot/sub-pr-13805-again
Mar 9, 2026
Merged

Add hasRefreshToken guard to token refresh middleware#13858
rickyrombo merged 2 commits intomjp-oauth-standalonefrom
copilot/sub-pr-13805-again

Conversation

Copy link
Contributor

Copilot AI commented Mar 9, 2026
edited
Loading

addTokenRefreshMiddleware was calling oauth.refreshAccessToken() on every 401, including unauthenticated requests, causing _surfaceError('No refresh token available.') to fire as noise on normal 401 responses.

Changes

  • OAuth.hasRefreshToken getter — cheap boolean check on tokenStore?.refreshToken
  • Middleware guard — short-circuits on 401 before attempting refresh when hasRefreshToken is false, avoiding the noisy error callback entirely
  • Test coverage — asserts refreshAccessToken is never called when hasRefreshToken is false
// Before: refreshAccessToken() called on every 401 → _surfaceError fired for unauthenticated clients
// After: guard skips refresh entirely when no token is stored
if (!oauth.hasRefreshToken) {
  return context.response
}

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

Copilot AI mentioned this pull request Mar 9, 2026
Merged
@changeset-bot
Copy link

changeset-bot bot commented Mar 9, 2026
edited
Loading

⚠️ No Changeset found

Latest commit: bd92609

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@rickyrombo
Add hasRefreshToken guard to avoid noisy 401 error callbacks
bd92609 
Co-authored-by: rickyrombo <3690498+rickyrombo@users.noreply.github.com>
@pull-request-size pull-request-size bot added size/M and removed size/XS labels Mar 9, 2026
Copy link
Contributor Author

Copilot AI commented Mar 9, 2026

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • api.audius.co
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js user.name de/node/bin/node (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js credential.username bin/as (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js et/addon/src/ bin/sh (dns block)
  • healthy-aao.audius.co
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js pull.rebase les/.bin/python3 (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js user.name ivelabs/indexer-proto-ts/node_modules/protobufjs/node_modules/.bin/sh (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js --reporter=verbose 0/x64/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin/sh (dns block)
  • node-a.audius.co
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js credential.helper _modules/@injectivelabs/sdk-ts/node_modules/node_modules/.bin/node (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js user.email e_modules/.bin/node (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js (dns block)
  • node-b.audius.co
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js credential.helper _modules/@injectivelabs/sdk-ts/node_modules/node_modules/.bin/node (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js user.email e_modules/.bin/node (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js (dns block)
  • offline-aao.audius.co
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js pull.rebase les/.bin/python3 (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js user.name ivelabs/indexer-proto-ts/node_modules/protobufjs/node_modules/.bin/sh (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js --reporter=verbose 0/x64/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin/sh (dns block)
  • unhealthy-aao.audius.co
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js pull.rebase les/.bin/python3 (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js user.name ivelabs/indexer-proto-ts/node_modules/protobufjs/node_modules/.bin/sh (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js --reporter=verbose 0/x64/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin/sh (dns block)
  • unregistered-aao.audius.co
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js pull.rebase les/.bin/python3 (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js user.name ivelabs/indexer-proto-ts/node_modules/protobufjs/node_modules/.bin/sh (dns block)
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --conditions node --conditions development /home/REDACTED/work/apps/apps/packages/sdk/node_modules/tinypool/dist/entry/process.js --reporter=verbose 0/x64/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin/sh (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Copilot AI changed the title [WIP] Address feedback on simplifying OAuth refreshToken middleware Add hasRefreshToken guard to token refresh middleware Mar 9, 2026
@rickyrombo rickyrombo marked this pull request as ready for review March 9, 2026 18:42
@rickyrombo rickyrombo merged commit 80ffefc into mjp-oauth-standalone Mar 9, 2026
3 checks passed
@rickyrombo rickyrombo deleted the copilot/sub-pr-13805-again branch March 9, 2026 18:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@rickyrombo rickyrombo

Copilot code review Copilot

Labels

size/M

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rickyrombo