OAuth: support automatic token refresh and retry logic for GitLab (!39840) · Merge requests · Administrator / sourcegraph

Administrator requested to merge mv/refresh-token into main Aug 02, 2022

Created by: miveronese

This PR is result from working under the guidance and in collaboration with @unknwon (many thanks to his help!).

Some context:

The main goal of the first PR is to have a foundation for the new "refresh token + retry request" mechanism and also implement it for the GiLab auth provider.
a next PR will be opened to use this new flow for GitHub.

Unit tests were added.
Manual ("pseudo e2e") tests were done to confirm that the request to create a new token was triggered as expected. Note: for manual tests, the access token stored in the DB was made invalid. But a new token wasn’t actually retrieved to replace the invalid one. Why? Because the broken token used to request a new token was just invalid, but not expired. The manual tests went as far as the request to create a new token was triggered.

The rest of the flow was covered by unit tests -- on those, the API response expected when a token is expired and a new one is requested was mocked.