Fix frequent OAuth logouts: offline_access scope, transient error handling, fetchMe resilience

Fork: 0

root / navi-1

Browse code Fix frequent OAuth logouts: offline_access scope, transient error handling, fetchMe resilience - Add 'offline_access' to OAuth scopes so gnexus-auth issues offline refresh tokens instead of SSO-session-bound ones. - Distinguish TokenRefreshException (invalid/expired refresh token) from transient network errors during token refresh: * TokenRefreshException → logout (token genuinely dead) * Other exceptions → fallback to cached user or API token - Improve refresh failure logging with exc_type and error message. - Frontend fetchMe: swallow non-401 errors so transient 5xx/network failures don't flash the login screen. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> feature/navi-code master vmkdemo
1 parent b7697c8 commit 66a0feb55f823ba395383f8cd04a44d23caf8543 Eugene Sukhodolskiy authored 24 days ago

Browse code

- Add 'offline_access' to OAuth scopes so gnexus-auth issues offline
  refresh tokens instead of SSO-session-bound ones.
- Distinguish TokenRefreshException (invalid/expired refresh token)
  from transient network errors during token refresh:
  * TokenRefreshException → logout (token genuinely dead)
  * Other exceptions → fallback to cached user or API token
- Improve refresh failure logging with exc_type and error message.
- Frontend fetchMe: swallow non-401 errors so transient 5xx/network
  failures don't flash the login screen.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

feature/navi-code master vmkdemo

1 parent b7697c8 commit 66a0feb55f823ba395383f8cd04a44d23caf8543

Eugene Sukhodolskiy authored 24 days ago

Patch

Unified Split

Showing 3 changed files

Ignore Space Show notes View navi/api/routes/auth.py

Ignore Space Show notes View navi/auth/deps.py

Ignore Space Show notes View webclient/src/stores/auth.js

Show line notes below