Skip to content

fix(trakt): improve invalid token handling and token check scheduling#1325

Merged
revam merged 8 commits into
ShokoAnime:masterfrom
krbrs:trakt-refresh-fix
May 20, 2026
Merged

fix(trakt): improve invalid token handling and token check scheduling#1325
revam merged 8 commits into
ShokoAnime:masterfrom
krbrs:trakt-refresh-fix

Conversation

@krbrs
Copy link
Copy Markdown
Contributor

@krbrs krbrs commented May 20, 2026
edited
Loading

Summary

This PR improves Trakt OAuth failure handling and recurring token-check behavior when Trakt credentials are revoked, expired, or otherwise become invalid.

Previously, revoked or expired Trakt auth could still leave Shoko relying on the stored Unix expiry timestamp, continue scheduling the recurring token-check job even when Trakt was disabled, and produce noisy error logging during expected OAuth/device-auth failure paths.

Changes

Trakt refresh handling

  • Detect invalid_grant responses during Trakt token refresh
  • Treat revoked or expired refresh tokens as expected deauthorization
  • Disable Trakt automatically when refresh tokens are revoked or expired
  • Clear invalid auth state safely
  • Prevent repeated refresh attempts with permanently invalid refresh tokens
  • Reduce noisy logging for expected OAuth revoke flows

Token validity check

  • Validate the current Trakt access token with a lightweight authenticated API call before trusting the stored expiry timestamp
  • Refresh immediately if the current access token is no longer valid, even if the saved Unix expiry has not elapsed
  • Fall back to the stored expiry timestamp only when token validity cannot be confirmed

Scheduling

  • Only schedule the recurring CheckTraktTokenJob when Trakt is enabled
  • Remove the persisted recurring Trakt token-check job when Trakt is disabled, so old Quartz state does not keep firing it

Cleanup

  • Refactor SendData() stream handling to use using declarations for safer disposal
  • Replace brittle raw OAuth error string matching with JSON parsing
  • Use named Trakt status constants consistently for expected device-auth polling statuses

Result

Revoked or expired Trakt tokens now:

  • fail gracefully
  • disable Trakt until re-authenticated
  • are detected even if the stored expiry timestamp has not elapsed
  • avoid repeated retry/error loops
  • avoid noisy expected OAuth/device-auth error logging

When Trakt is disabled:

  • the recurring token-check job is no longer scheduled
  • previously persisted recurring token-check jobs are removed

krbrs added 2 commits May 20, 2026 14:41
@krbrs
fix(config): guard schema validator against empty token parsing
77aa793 
- handle empty original values during save validation
- prevent JsonReaderException when restoring empty string config values
- preserve empty string values instead of attempting JToken.Parse("")
@krbrs
fix(trakt): handle invalid_grant refresh failures gracefully
abbd8f5 
- disable Trakt and clear auth state on revoked/expired refresh tokens
- suppress noisy stacktrace logging for expected invalid_grant responses
- avoid repeated retry loop with invalid refresh tokens
- refactor SendData stream handling to use using declarations
@krbrs krbrs requested review from harshithmohan and revam May 20, 2026 12:48
@krbrs krbrs changed the title fix(trakt): handle invalid_grant token refresh failures and schema save crash fix(trakt): improve invalid token handling and token check scheduling May 20, 2026
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 20, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@revam revam merged commit 30df463 into ShokoAnime:master May 20, 2026
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@revam revam revam approved these changes

@harshithmohan harshithmohan Awaiting requested review from harshithmohan

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@krbrs @revam