Skip to content

Browser extension should gracefully handle auth proxies signing users out after inactivity

Created by: slimsag

Reported by https://app.hubspot.com/contacts/2762526/company/407948923

It is common for authentication proxies to be configured to sign users out after some period of inactivity. When using such an auth proxy with Sourcegraph, this results in errors bubbling up through the browser extension UI without clear explanation on how to solve the problem.

How it looks:

  1. You are using the Sourcegraph browser extension, everything works fine.
  2. The next day, after your laptop was inactive, you've been signed out of Sourcegraph.
  3. The browser extension shows 403 Unauthorized or 401 Unauthenticated errors in the UI at various UI points (e.g. when hovering over code).
  4. As a user, the browser extension looks broken and it's not clear what you need to do to resolve these errors (the solution is to visit your Sourcegraph instance and re-authenticate via the auth proxy).

It would be much nicer if we could detect 403/401 status codes and display something more obvious like a panel / even JS alert which says Please visit https://my-sourcegraph-instance to authenticate.