Skip to content

fix(auth): harden callback relay registration retries#60

Merged
xjdr-noumena merged 3 commits into
mainfrom
fix/oauth-callback-relay-budget-hardened
Jul 1, 2026
Merged

fix(auth): harden callback relay registration retries#60
xjdr-noumena merged 3 commits into
mainfrom
fix/oauth-callback-relay-budget-hardened

Conversation

@xjdr-noumena

Copy link
Copy Markdown
Contributor

Summary

Supersedes #55 with the same callback-relay reliability fix plus explicit retry-boundary coverage.

The callback-relay registration POST used a 1000ms timeout, which can be shorter than cold DNS/TLS on a fresh process. This moves retry behavior into registerOauthCallbackRelay, raises the service-level registration budget to 5000ms, and retries only transient registration failures.

Behavior

  • retries timeout/network-style Axios errors
  • retries 5xx and 429 responses
  • fails fast on non-transient 4xx responses
  • fails fast on non-Axios/programming errors
  • keeps the OAuth service layer simpler by making callback-relay registration resilient at the client boundary

Validation

Focused OAuth tests:

PATH="$HOME/.bun/bin:$PATH" timeout 60s $HOME/.bun/bin/bun test \
  src/services/oauth/client.test.ts \
  src/services/oauth/oauthServiceE2E.test.ts

Result: 17 pass, 0 fail.

Auth suite:

PATH="$HOME/.bun/bin:$PATH" timeout 120s $HOME/.bun/bin/bun run test:auth

Result: 457 pass, 0 fail.

Notes

This keeps the spirit of #55 but tightens the retry classifier. Non-Axios errors are not retried, because those are more likely programming or invariant failures than transient network failures.

andomeder and others added 3 commits June 27, 2026 22:37
… retry

The 1s registration timeout was shorter than a cold DNS+TLS handshake on a
fresh process, producing a "timeout of 1000ms exceeded" loop on /login.
Bumped to 5s and replaced the linear retry withTransientRetry (3 attempts,
200ms exponential + jitter, transient-only).
@xjdr-noumena xjdr-noumena merged commit 4bbba41 into main Jul 1, 2026
3 checks passed
@xjdr-noumena xjdr-noumena deleted the fix/oauth-callback-relay-budget-hardened branch July 1, 2026 04:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants