Address User-to-server token expiration
Closed this issue · 6 comments
If I have recently logged in to DROID and I go to a project page, e.g. https://droid.ontodev.com/ONTIE, then I can see a list of all branches that I see on GitHub for that project.
If I logged in a few days ago, DROID will still say that I'm logged in, but if I go to a project page then I will only see the local branches. Logging out and then back in fixes the problem.
In the case where you logged in a few days ago, does the branch list update when you hit the Refresh
button, or does it not work?
Sorry, I don't remember. I'll check next time this happens. You can set this issue aside until I do that.
Currently there is a decorator (see
Line 2042 in 8e5d88b
FYI we can do this regardless of the answer to my earlier question about the Refresh
button. It is only a small change. I've tested it and it seems to work.
As discussed on our call, this seems to be GitHub App's "User-to-server token expiration" feature. It is currently turned ON for droid.ontodev.com. It was a beta feature at the time of development.
- We could turn this OFF ("Opt-out")
- We could update DROID to refresh user tokens automatically
FYI, here is the documentation for this feature (which is still beta): https://docs.github.com/en/enterprise-server@2.22/developers/apps/building-github-apps/refreshing-user-to-server-access-tokens
I'll look into implementing the token renewal.