Skip to content

fix: OAuth token refresh retry and error handling for idle timeout#133

Merged
anandgupta42 merged 1 commit intomainfrom
fix/oauth-token-refresh-idle-timeout
Mar 14, 2026
Merged

fix: OAuth token refresh retry and error handling for idle timeout#133
anandgupta42 merged 1 commit intomainfrom
fix/oauth-token-refresh-idle-timeout

Conversation

@anandgupta42
Copy link
Copy Markdown
Contributor

@anandgupta42 anandgupta42 commented Mar 14, 2026
edited
Loading

What does this PR do?

Fixes the issue where leaving altimate-code idle for 20+ minutes causes every subsequent prompt to show just "Error" with no context or recovery path. The root cause is OAuth tokens expiring after idle, and the token refresh throwing a plain Error with no retry logic.

Changes:

  • anthropic.ts / codex.ts: Add 3-attempt retry with exponential backoff for token refresh, fail-fast on 4xx (permanent auth failures), 30s proactive refresh buffer before expiry, fix currentAuth.expires not being updated after successful refresh
  • message-v2.ts: Classify OAuth token refresh failures as ProviderAuthError instead of UnknownError, improve generic Error display (no more bare "Error" in TUI)
  • retry.ts: Make auth errors retryable at session level with actionable user message including recovery instructions
  • retry.test.ts: Add 8 new tests covering auth error retry, token refresh failure classification, and generic error handling

Type of change

  • Bug fix
  • New feature
  • Breaking change
  • Documentation
  • Other

Issue for this PR

Closes #118

How did you verify your code works?

  • All 24 retry tests pass (bun test test/session/retry.test.ts)
  • All 19 message-v2 tests pass (bun test test/session/message-v2.test.ts)
  • TypeScript typecheck passes (bunx tsc --noEmit)
  • Manual verification: confirmed error messages now show descriptive text with recovery instructions instead of bare "Error"

Checklist

  • Tests added/updated
  • I have tested this locally
  • No unrelated changes included
  • Documentation updated (if needed)
  • CHANGELOG updated (if user-facing)

@anandgupta42 @claude
fix: OAuth token refresh retry and error handling for idle timeout (#118
1d13a37 
)

After 20+ minutes idle, OAuth tokens expire and subsequent prompts show
unhelpful "Error" with no context or retry. This commit fixes the issue
across Anthropic and Codex OAuth plugins:

- Add 3-attempt retry with backoff for token refresh (network/5xx only)
- Fail fast on 4xx auth errors (permanent failures like revoked tokens)
- Add 30-second proactive refresh buffer to prevent mid-request expiry
- Update `currentAuth.expires` after successful refresh
- Classify token refresh failures as `ProviderAuthError` for actionable
  error messages with recovery instructions
- Make auth errors retryable at session level with user-facing guidance
- Improve generic `Error` display (no more bare "Error" in TUI)

Co-Authored-By: Claude Opus 4.6 <[email protected]>
@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 14, 2026

Thanks for your contribution!

This PR doesn't have a linked issue. All PRs must reference an existing issue.

Please:

  1. Open an issue describing the bug/feature (if one doesn't exist)
  2. Add Fixes #<number> or Closes #<number> to this PR description

See CONTRIBUTING.md for details.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 14, 2026

This PR doesn't fully meet our contributing guidelines and PR template.

What needs to be fixed:

  • PR description is missing required template sections. Please use the PR template.

Please edit this PR description to address the above within 2 hours, or it will be automatically closed.

If you believe this was flagged incorrectly, please let a maintainer know.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 14, 2026

This pull request has been automatically closed because it was not updated to meet our contributing guidelines within the 2-hour window.

Feel free to open a new pull request that follows our guidelines.

@github-actions github-actions bot closed this Mar 14, 2026
@anandgupta42 anandgupta42 reopened this Mar 14, 2026
@anandgupta42 anandgupta42 merged commit 2a09639 into main Mar 14, 2026
20 of 24 checks passed
anandgupta42 added a commit that referenced this pull request Mar 17, 2026
@anandgupta42 @claude
fix: OAuth token refresh retry and error handling for idle timeout (#118
daae6ce 
) (#133)

After 20+ minutes idle, OAuth tokens expire and subsequent prompts show
unhelpful "Error" with no context or retry. This commit fixes the issue
across Anthropic and Codex OAuth plugins:

- Add 3-attempt retry with backoff for token refresh (network/5xx only)
- Fail fast on 4xx auth errors (permanent failures like revoked tokens)
- Add 30-second proactive refresh buffer to prevent mid-request expiry
- Update `currentAuth.expires` after successful refresh
- Classify token refresh failures as `ProviderAuthError` for actionable
  error messages with recovery instructions
- Make auth errors retryable at session level with user-facing guidance
- Improve generic `Error` display (no more bare "Error" in TUI)

Co-authored-by: Claude Opus 4.6 <[email protected]>
@anandgupta42 anandgupta42 deleted the fix/oauth-token-refresh-idle-timeout branch March 17, 2026 00:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

contributor needs:issue

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Leave altimate-code on for 20+ minutes, and later it shows error

1 participant

@anandgupta42