fix(refresh-token): fix retry exhaustion bug, dropzone accept callback, and response.ok handling

smarcet · smarcet · commit 23fa7c27322a · 2026-03-11T07:36:25.000-03:00
* Fix retryWithBackoff exhaustion guard (attempt === maxRetries was dead
  code after loop bound change to &lt; maxRetries; errors were silently
  swallowed, function returned undefined instead of throwing).
* Fix Dropzone accept callback to call done() on error path, preventing
  files from getting stuck in an indeterminate state.
* Use response.ok instead of checking individual status codes, closing
  a gap where 4xx codes other than 400 fell through unhandled.
* Add ok property to existing test mocks to match the new response.ok check.
* Export retryWithBackoff and add 5 unit tests covering retry count,
  auth error short-circuit, transient recovery, and exponential backoff.
* Add defensive check for missing access_token in refresh response.
diff --git a/src/components/inputs/upload-input-v2/dropzone.js b/src/components/inputs/upload-input-v2/dropzone.js
@@ -66,6 +66,7 @@ export class DropzoneJS extends React.Component {
                 if (!e.message || !e.message.startsWith(AUTH_ERROR_REFRESH_TOKEN_NETWORK_ERROR)) {
                     initLogOut();
                 }
+                done(e.message || 'Auth error');
                 return;
             }
             if (options.maxFiles && options.maxFiles < (this.state.files.length + this.props.uploadCount)) {
diff --git a/src/components/security/__tests__/methods.test.js b/src/components/security/__tests__/methods.test.js
@@ -3,7 +3,7 @@ import {
     AUTH_ERROR_REFRESH_TOKEN_NETWORK_ERROR,
 } from '../constants';
 
-import { refreshAccessToken } from '../methods';
+import { refreshAccessToken, retryWithBackoff } from '../methods';
 
 // Mock utils/methods imports used by security/methods
 jest.mock('../../../utils/methods', () => ({
@@ -79,6 +79,7 @@ describe('refreshAccessToken', () => {
 
     it('should return tokens on successful response', async () => {
         const mockResponse = {
+            ok: true,
             status: 200,
             json: jest.fn().mockResolvedValue({
                 access_token: 'new-access-token',
@@ -102,6 +103,7 @@ describe('refreshAccessToken', () => {
 
     it('should throw AUTH_ERROR_REFRESH_TOKEN_REQUEST_ERROR on HTTP 400', async () => {
         const mockResponse = {
+            ok: false,
             status: 400,
             statusText: 'Bad Request',
         };
@@ -116,6 +118,7 @@ describe('refreshAccessToken', () => {
 
     it('should throw AUTH_ERROR_REFRESH_TOKEN_NETWORK_ERROR on HTTP 500', async () => {
         const mockResponse = {
+            ok: false,
             status: 500,
             statusText: 'Internal Server Error',
         };
@@ -130,6 +133,7 @@ describe('refreshAccessToken', () => {
 
     it('should throw AUTH_ERROR_REFRESH_TOKEN_NETWORK_ERROR on HTTP 502', async () => {
         const mockResponse = {
+            ok: false,
             status: 502,
             statusText: 'Bad Gateway',
         };
@@ -142,6 +146,7 @@ describe('refreshAccessToken', () => {
 
     it('should throw AUTH_ERROR_REFRESH_TOKEN_NETWORK_ERROR on HTTP 503', async () => {
         const mockResponse = {
+            ok: false,
             status: 503,
             statusText: 'Service Unavailable',
         };
@@ -184,6 +189,7 @@ describe('refreshAccessToken', () => {
 
     it('should call setSessionClearingState(true) only on HTTP 400', async () => {
         const mockResponse = {
+            ok: false,
             status: 400,
             statusText: 'Bad Request',
         };
@@ -201,6 +207,7 @@ describe('refreshAccessToken', () => {
 
     it('should include status in error message for 5xx', async () => {
         const mockResponse = {
+            ok: false,
             status: 503,
             statusText: 'Service Unavailable',
         };
@@ -219,3 +226,79 @@ describe('refreshAccessToken', () => {
             .toThrow(`${AUTH_ERROR_REFRESH_TOKEN_NETWORK_ERROR}: Failed to fetch`);
     });
 });
+
+describe('retryWithBackoff', () => {
+
+    it('should return on first success without retrying', async () => {
+        jest.useRealTimers();
+        const fn = jest.fn().mockResolvedValue('ok');
+
+        const result = await retryWithBackoff(fn, 3, 1);
+
+        expect(result).toBe('ok');
+        expect(fn).toHaveBeenCalledTimes(1);
+    });
+
+    it('should retry network errors up to maxRetries then throw', async () => {
+        jest.useRealTimers();
+        const networkError = new Error('network down');
+        const fn = jest.fn().mockRejectedValue(networkError);
+
+        await expect(retryWithBackoff(fn, 3, 1))
+            .rejects
+            .toThrow('network down');
+
+        expect(fn).toHaveBeenCalledTimes(3);
+    });
+
+    it('should succeed after transient failures', async () => {
+        jest.useRealTimers();
+        const fn = jest.fn()
+            .mockRejectedValueOnce(new Error('transient'))
+            .mockRejectedValueOnce(new Error('transient'))
+            .mockResolvedValue('recovered');
+
+        const result = await retryWithBackoff(fn, 5, 1);
+
+        expect(result).toBe('recovered');
+        expect(fn).toHaveBeenCalledTimes(3);
+    });
+
+    it('should not retry auth errors (HTTP 400)', async () => {
+        jest.useRealTimers();
+        const authError = new Error(`${AUTH_ERROR_REFRESH_TOKEN_REQUEST_ERROR}: 400 - Bad Request`);
+        const fn = jest.fn().mockRejectedValue(authError);
+
+        await expect(retryWithBackoff(fn, 5, 1))
+            .rejects
+            .toThrow(AUTH_ERROR_REFRESH_TOKEN_REQUEST_ERROR);
+
+        expect(fn).toHaveBeenCalledTimes(1);
+    });
+
+    it('should apply exponential backoff delays', async () => {
+        jest.useRealTimers();
+        const setTimeoutSpy = jest.spyOn(global, 'setTimeout');
+
+        const fn = jest.fn()
+            .mockRejectedValueOnce(new Error('fail 1'))
+            .mockRejectedValueOnce(new Error('fail 2'))
+            .mockResolvedValue('ok');
+
+        const baseDelay = 100;
+        const result = await retryWithBackoff(fn, 5, baseDelay);
+
+        expect(result).toBe('ok');
+        expect(fn).toHaveBeenCalledTimes(3);
+
+        // Extract the delay arguments from setTimeout calls made by retryWithBackoff
+        const retryDelays = setTimeoutSpy.mock.calls
+            .map(call => call[1])
+            .filter(delay => delay >= baseDelay);
+
+        // 100 * 2^0 = 100ms, 100 * 2^1 = 200ms
+        expect(retryDelays).toEqual([100, 200]);
+
+        setTimeoutSpy.mockRestore();
+    });
+});
diff --git a/src/components/security/methods.js b/src/components/security/methods.js
@@ -14,6 +14,7 @@ import moment from "moment-timezone";
 import request from 'superagent/lib/client';
 import SuperTokensLock from 'browser-tabs-lock';
 import Cookies from 'js-cookie'
+
 let http = request;
 
 /**
@@ -143,7 +144,7 @@ export const getAuthUrl = (
  * @param idToken
  * @returns {*}
  */
-export const getLogoutUrl = (idToken= null) => {
+export const getLogoutUrl = (idToken = null) => {
     let baseUrl = getOAuth2IDPBaseUrl();
     let oauth2ClientId = getOAuth2ClientId();
     let url = URI(`${baseUrl}/oauth2/end-session`);
@@ -162,7 +163,7 @@ export const getLogoutUrl = (idToken= null) => {
         "state": state,
     }
 
-    if(idToken)
+    if (idToken)
         queryParams.id_token_hint = idToken;
 
     return url.query(queryParams);
@@ -228,7 +229,7 @@ export const emitAccessToken = async (code, backUrl = null) => {
     let redirectUri = getAuthCallback();
     let pkce = JSON.parse(getFromLocalStorage(PKCE, true));
 
-    if(!pkce)
+    if (!pkce)
         throw Error(AUTH_ERROR_MISSING_PKCE_PARAM);
 
     if (backUrl != null)
@@ -266,7 +267,7 @@ export const emitAccessToken = async (code, backUrl = null) => {
 export const MAX_RETRIES = 5;
 export const BACKOFF_BASE_MS = 1000;
 
-const retryWithBackoff = async (fn, maxRetries = MAX_RETRIES, baseDelayMs = BACKOFF_BASE_MS) => {
+export const retryWithBackoff = async (fn, maxRetries = MAX_RETRIES, baseDelayMs = BACKOFF_BASE_MS) => {
     for (let attempt = 0; attempt <= maxRetries; attempt++) {
         try {
             return await fn();
@@ -276,7 +277,7 @@ const retryWithBackoff = async (fn, maxRetries = MAX_RETRIES, baseDelayMs = BACK
                 throw err;
             }
             // network/5xx errors are retryable — retry unless exhausted
-            if (attempt === maxRetries) {
+            if (attempt === maxRetries - 1) {
                 throw err;
             }
             const delay = baseDelayMs * Math.pow(2, attempt);
@@ -338,13 +339,12 @@ const _getAccessToken = async () => {
  * @returns {Promise<*|undefined>}
  */
 export const getAccessToken = async () => {
-    if(navigator?.locks){
+    if (navigator?.locks) {
         return await navigator.locks.request(GET_TOKEN_SILENTLY_LOCK_KEY, async lock => {
             console.log(`openstack-uicore-foundation::Security::methods::getAccessToken web lock api`, lock);
             return await _getAccessToken();
         });
-    }
-    else {
+    } else {
         if (
             await retryPromise(
                 () => Lock.acquireLock(GET_TOKEN_SILENTLY_LOCK_KEY, GET_TOKEN_SILENTLY_LOCK_KEY_TIMEOUT),
@@ -383,13 +383,12 @@ const _clearAccessToken = () => {
 
 export const clearAccessToken = async () => {
     // see https://developer.mozilla.org/en-US/docs/Web/API/Web_Locks_API
-    if(navigator?.locks){
+    if (navigator?.locks) {
         await navigator.locks.request(GET_TOKEN_SILENTLY_LOCK_KEY, async lock => {
             console.log(`openstack-uicore-foundation::Security::methods::clearAccessToken web lock api`, lock);
             _clearAccessToken();
         });
-    }
-    else {
+    } else {
         if (
             await retryPromise(
                 () => Lock.acquireLock(GET_TOKEN_SILENTLY_LOCK_KEY, GET_TOKEN_SILENTLY_LOCK_KEY_TIMEOUT),
@@ -401,8 +400,7 @@ export const clearAccessToken = async () => {
             } finally {
                 await Lock.releaseLock(GET_TOKEN_SILENTLY_LOCK_KEY);
             }
-        }
-        else{
+        } else {
             // error on locking
             throw Error(AUTH_ERROR_LOCK_ACQUIRE_ERROR);
         }
@@ -437,20 +435,24 @@ export const refreshAccessToken = async (refresh_token) => {
         throw Error(`${AUTH_ERROR_REFRESH_TOKEN_NETWORK_ERROR}: ${networkError.message}`);
     }
 
-    if (response.status === 400) {
+    if (!response.ok) {
+        console.log(`refreshAccessToken server error: ${response.status} - ${response.statusText}`);
+        if (response.status >= 500) {
+            // server error — transient, should be retried
+            throw Error(`${AUTH_ERROR_REFRESH_TOKEN_NETWORK_ERROR}: ${response.status} - ${response.statusText}`);
+        }
         // token is genuinely revoked — this is a real auth error
         setSessionClearingState(true);
         throw Error(`${AUTH_ERROR_REFRESH_TOKEN_REQUEST_ERROR}: ${response.status} - ${response.statusText}`);
     }
 
-    if (response.status >= 500) {
-        // server error — transient, should be retried
-        console.log(`refreshAccessToken server error: ${response.status} - ${response.statusText}`);
-        throw Error(`${AUTH_ERROR_REFRESH_TOKEN_NETWORK_ERROR}: ${response.status} - ${response.statusText}`);
-    }
-
     const json = await response.json();
     let {access_token, refresh_token: new_refresh_token, expires_in, id_token} = json;
+    // Defensively ensure we never propagate an undefined access token.
+    if (!access_token) {
+        setSessionClearingState(true);
+        throw Error(`${AUTH_ERROR_REFRESH_TOKEN_REQUEST_ERROR}: missing access_token in refresh response`);
+    }
     return {access_token, refresh_token: new_refresh_token, expires_in, id_token}
 }
 
@@ -478,9 +480,8 @@ export const storeAuthInfo = (accessToken, expiresIn, refreshToken = null, idTok
 
     if (idToken) {
         authInfo[ID_TOKEN] = idToken;
-        Cookies.set(ID_TOKEN, idToken, { secure: true, sameSite: 'Lax' });
-    }
-    else{
+        Cookies.set(ID_TOKEN, idToken, {secure: true, sameSite: 'Lax'});
+    } else {
         Cookies.remove(ID_TOKEN);
     }
 
@@ -563,7 +564,7 @@ export const validateIdToken = (idToken, issuer, audience) => {
     });
 
     let storedNonce = getFromLocalStorage(NONCE, true);
-    if(!storedNonce)
+    if (!storedNonce)
         throw Error(AUTH_ERROR_MISSING_NONCE_PARAM);
 
     let jwt = verifier.decode(idToken);

Original file line number	Diff line number	Diff line change
`@@ -66,6 +66,7 @@ export class DropzoneJS extends React.Component {`
`66`	`66`	`if (!e.message \|\| !e.message.startsWith(AUTH_ERROR_REFRESH_TOKEN_NETWORK_ERROR)) {`
`67`	`67`	`initLogOut();`
`68`	`68`	`}`
	`69`	`+ done(e.message \|\| 'Auth error');`
`69`	`70`	`return;`
`70`	`71`	`}`
`71`	`72`	`if (options.maxFiles && options.maxFiles < (this.state.files.length + this.props.uploadCount)) {`