"Unauthorized" error when credentials expire

[nolanmar511]

The call to the request to create a profile can hang for up to an hour. If the credentials expire while this request is hanging, then an 'Unauthorized' error is returned.

To reduce the frequency of this error, we want to refresh the token before it has expired when making requests.

[nigon1]

on issue

[nolanmar511]

Added the ability to refresh before the token expires to google-auth-library-nodejs.
Still need to modify @google-cloud/common (repository here) and google-auto-auth (repository here).

The change to google-auth-library has not yet been published to npm.

[aalexand]

@nolanmar511 Please update with the status.

[nolanmar511]

We are using google-auth-library 1.3.1 for development (based on our package-lock.json), so the token will be refreshed 5 minutes before it expires (rather than once it has expired). This should reduce the probability of these errors
However, it is my understanding that if a token expires during a request, google-auth-library does not refresh the token and retry, so we may still see unauthorized errors.

[JustinBeckwith]

Of course we do! If the request fails with a 401 or 403, under many conditions we will try to refresh the token. We are changing some of this behavior in 2.0 to only retry if a refresh_token is present. Check this out:
https://github.com/google/google-auth-library-nodejs/blob/master/src/auth/oauth2client.ts#L696

If there's another place you want retry logic, please do let me know!

[nolanmar511]

@JustinBeckwith -- Thanks! Is this logic new with 1.0? Prior to upgrading to 1.0, we'd seen the "Unauthorized" Error in our code.

[JustinBeckwith]

Nope, this has been around for a while. I think the code you added to add a higher expiry window likely cleaned a lot of these up.

[ofrobots]

@nolanmar511 can you check if this is still an issue?

[nolanmar511]

Marking this as closed.
Ran 20 programs with matching deployment labels for 3 hours. The "Unauthorized" error did not appear in the output from these.