Frequent Log-Outs when using OIDC

[n0emis]

Steps to reproduce

1. Log in on a homeserver running OIDC with short lived access tokens and refresh tokens
2. Wait a while (while for example having an unstable internet connection
3. Get signed out "For security"

Outcome

What did you expect?

Correct handling of unstable connections and retries of token refreshes

What happened instead?

When a token refresh fails, even for other reasons then the refresh token being invalid, the sessions ends

An easy way to reproduce this is blocking POST to https://$mas/oauth2/token, although this is not neccesary:

It should look like the following:

Sometimes there are even race-comditions, where the old token gets re-used, even if a correct has just become available. This happened without any modification or request-blocking:

URL for webapp

app.element.io and more

Application version

Element 1.11.71 and 1.11.73

Homeserver

gwdg.de: Synapse 1.111.0 with MAS 0.9.0 and 0.10.0-rc.0

[n0emis]

The underlying issue here might be, that there is no difference, in how a returned error from the OP is handled in comparison to different failiure modes. A connection error just falls through to the logout: https://github.com/matrix-org/matrix-js-sdk/blob/8c3b249567cbc60060fe34c7380f3f9cf6eb17e9/src/http-api/fetch.ts#L164-L173

BTW: The rust-sdk is handling this correctly: https://github.com/matrix-org/matrix-rust-sdk/blob/main/crates/matrix-sdk/src/client/futures.rs#L150-L154