From 1a7d8083efc1e1b10bb1ed648573c88e490ebc11 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 13 Dec 2025 14:50:55 +0000 Subject: [PATCH] chore: clarify token refresh comments Co-authored-by: samanhappy <2755122+samanhappy@users.noreply.github.com> --- src/services/mcpOAuthProvider.ts | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/services/mcpOAuthProvider.ts b/src/services/mcpOAuthProvider.ts index a90a7e3..382a5f1 100644 --- a/src/services/mcpOAuthProvider.ts +++ b/src/services/mcpOAuthProvider.ts @@ -41,6 +41,7 @@ import { // Import getServerByName to access ServerInfo import { getServerByName } from './mcpService.js'; +// Refresh tokens one minute before expiry to avoid sending requests with stale credentials. const ACCESS_TOKEN_REFRESH_THRESHOLD_MS = 60_000; /** @@ -341,7 +342,7 @@ export class MCPHubOAuthProvider implements OAuthClientProvider { /** * Returns tokens refreshed when expired or close to expiring. - * Falls back to stored tokens if refresh cannot be performed. + * When an access token already exists and refresh fails, the existing token is returned. */ private async getValidTokens(): Promise { const oauth = this.serverConfig.oauth; @@ -400,9 +401,8 @@ export class MCPHubOAuthProvider implements OAuthClientProvider { this.serverConfig = updatedConfig; } - const newRefreshToken = tokens.refreshToken; - const nextRefreshToken = newRefreshToken ?? refreshToken; - if (newRefreshToken === undefined) { + const nextRefreshToken = tokens.refreshToken ?? refreshToken; + if (tokens.refreshToken === undefined) { console.warn( `Refresh response missing refresh_token for ${this.serverName}; reusing existing refresh token (some providers omit refresh_token on refresh)`, );