Added explicit expired error (#12580)

2026-03-22 05:37:20 +08:00 · 2026-01-23 12:49:10 -07:00
parent 52e39e5d12
commit f327e76be7
2 changed files with 5 additions and 1 deletions
--- a/enterprise/integrations/github/github_manager.py
+++ b/enterprise/integrations/github/github_manager.py
@@ -26,6 +26,7 @@ from integrations.utils import (
 from integrations.v1_utils import get_saas_user_auth
 from jinja2 import Environment, FileSystemLoader
 from pydantic import SecretStr
+from server.auth.auth_error import ExpiredError
 from server.auth.constants import GITHUB_APP_CLIENT_ID, GITHUB_APP_PRIVATE_KEY
 from server.auth.token_manager import TokenManager
 from server.utils.conversation_callback_utils import register_callback_processor
@@ -347,7 +348,7 @@ class GithubManager(Manager):

                msg_info = f'@{user_info.username} please set a valid LLM API key in [OpenHands Cloud]({HOST_URL}) before starting a job.'

-            except SessionExpiredError as e:
+            except (ExpiredError, SessionExpiredError) as e:
                logger.warning(
                    f'[GitHub] Session expired for user {user_info.username}: {str(e)}'
                )
--- a/enterprise/server/auth/token_manager.py
+++ b/enterprise/server/auth/token_manager.py
@@ -16,6 +16,7 @@ from keycloak.exceptions import (
    KeycloakError,
    KeycloakPostError,
 )
+from server.auth.auth_error import ExpiredError
 from server.auth.constants import (
    BITBUCKET_APP_CLIENT_ID,
    BITBUCKET_APP_CLIENT_SECRET,
@@ -426,6 +427,8 @@ class TokenManager:
        access_token = data.get('access_token')
        refresh_token = data.get('refresh_token')
        if not access_token or not refresh_token:
+            if data.get('error') == 'bad_refresh_token':
+                raise ExpiredError()
            raise ValueError(
                'Failed to refresh token: missing access_token or refresh_token in response.'
            )