feat: add proactive token refresh manager with disk-backed metadata #185
+936
−6
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Objective: allow MCP Remote to renew OAuth access tokens automatically before expiry, ensuring users don’t get interrupted in long-running sessions. Tests mock all collaborators to validate scheduler decisions (expiring soon, lock contention, failure backoff) and the new helper functions; full CLI/proxy behavior was verified manually since Node tooling isn’t available in this environment. - add token_state.json, server.json, and refresh_lock.json plumbing in src/lib/mcp-auth-config.ts so we can track issued/expiry timestamps, remember which servers exist, and coordinate background refreshes without overloading the existing OAuth files (which must stay spec-compliant) - introduce TokenRefreshManager plus supporting CLI flags; it discovers every server hash with tokens, respects per-server locks/backoff, invokes the SDK’s refresh grant, and logs timing/expiry info so long-running proxies don’t require browser re-auth - extend NodeOAuthClientProvider.saveTokens() to persist derived timing metadata, invalidate it alongside tokens, and keep tokens.json untouched for compatibility - wire the manager into both CLI and proxy entrypoints (default on, opt-out via --disable-auto-refresh), persist server registrations during argument parsing, and document the new flags in the README so headless deployments behave predictably - add unit tests (src/lib/token-refresh-manager.test.ts) that mock disk IO and SDK calls to cover refresh-trigger logic, locking, and backoff, and mirror the repo’s logging/test-style conventions - enhanced debug logging now prints human-readable timestamps plus remaining durations whenever the refresh window is evaluated
|
Thanks @arcnms .... hope this gets checked in. +1 so it gets attention. |
commit: |
Owner
|
Can you give this a try using |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Objective: allow MCP Remote to renew OAuth access tokens automatically before expiry, ensuring users don’t get interrupted in long-running sessions. Tests mock all collaborators to validate scheduler decisions (expiring soon, lock contention, failure backoff) and the new helper functions; full CLI/proxy behavior was verified manually.