Browser extension stops working when SAML auth token expires
Created by: nicksnyder
Reported by a customer today.
I had a few users today that are getting a `401 Unauthorized` when trying to use the chrome extension
Error: private mode requires authentication
I suspect the problem is as follows:
For builtin auth and OIDC we use a 90 day rolling auth window so it is extremely unlikely for an active sourcegraph user to become unauthed.
For SAML, the cookie expires every 90 days and we don't actually refresh it until it expires. If the cookie expires or is deleted, the browser extension will stop working. It would be great if we could detect this and (1) automatically refresh the token or (2) just tell the user they need to re-auth and give them a link.
The workaround, if this is true, is for the user to visit their sourcegraph instance to refresh the auth token.
related
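The difference between the two expiry policies described in this issue, and option (2) from it, as an added example that is not part of the original issue or Sourcegraph's code. It is a constructed model: the function names, the message text and the `/sign-in` path are assumptions made for illustration.

```javascript
// Constructed model of the session behaviour described in the issue.
const DAY = 24 * 60 * 60 * 1000;
const WINDOW = 90 * DAY; // the 90-day window mentioned in the issue

// 'rolling': every authenticated request pushes the expiry forward
//            (builtin auth / OIDC as described).
// 'fixed':   expiry is set once at sign-in and never refreshed while valid
//            (SAML as described).
function newSession(policy, now) {
  return { policy, expiresAt: now + WINDOW };
}

// Hypothetical server-side check: returns the HTTP status the extension sees.
function authorize(session, now) {
  if (!session || now >= session.expiresAt) return 401;
  if (session.policy === 'rolling') session.expiresAt = now + WINDOW;
  return 200;
}

// Hypothetical extension-side handler for option (2): turn a 401 into a
// re-auth prompt with a link. The '/sign-in' path is an assumption.
function handleResponse(status, instanceURL) {
  if (status !== 401) return { ok: true };
  return {
    ok: false,
    message: 'Your session has expired. Sign in again to keep using the extension.',
    link: new URL('/sign-in', instanceURL).href,
  };
}

// Simulate a user who makes a request every `intervalDays` days.
// Returns the first day on which a 401 is seen, or null if none occurs.
function firstFailureDay(policy, intervalDays, totalDays) {
  const session = newSession(policy, 0);
  for (let d = intervalDays; d <= totalDays; d += intervalDays) {
    if (authorize(session, d * DAY) === 401) return d;
  }
  return null;
}
```

A weekly-active user never sees a 401 under the rolling policy, but hits one on the first request after day 90 under the fixed policy, which is where the handler's prompt would be shown.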