Skip to content

fix: add OAuth server default timeout W-19549750 #1245

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
cristiand391 merged 2 commits into from
Oct 24, 2025
Merged

fix: add OAuth server default timeout W-19549750 #1245

cristiand391 merged 2 commits into from
Oct 24, 2025

Conversation

@cristiand391
Copy link
Member

@cristiand391 cristiand391 commented Oct 21, 2025
edited
Loading

What does this PR do?

Adds a (non-configurable) 2 minutes timeout to the OAuth server.

WebServer starts the timer when starting the server via await WebServer.start(), also exposes a setTimeoutCallback method for WebOAuthServer to set a callback to clean up server-dependent code like WebOAuthServer.authorizeAndSave.

There's a native setTimeout method for when the socket is active:
https://nodejs.org/api/http.html#serversettimeoutmsecs-callback

It doesn't work for us because that requires a request to hit the server (and fail), so instead we use setTimeout while starting the server.

Before

OAuth server hangs indefinitely until a successful auth happens (or other req fails)

After

Server times out after 2 minutes.

Testing instructions:

  1. checkout this branch and yarn compile
  2. yarn link it into plugin-auth
  3. link the plugin and run time sf org login web, see it time out:

NOTE: in this screenshot I modified the timeout to 10s for testing, you should see a 2 min timeout:
Screenshot 2025-10-21 at 09 40 38

What issues does this PR fix or reference?

@W-19549750@

@cristiand391 cristiand391 requested a review from a team as a code owner October 21, 2025 12:42
@mdonnalley
Copy link
Contributor

mdonnalley commented Oct 21, 2025

QA:

🟢 sf org login web timeouts after 5 minutes

mdonnalley
mdonnalley previously approved these changes Oct 21, 2025
View reviewed changes
@cristiand391 cristiand391 merged commit 7889fda into main Oct 24, 2025
5 checks passed
@cristiand391 cristiand391 deleted the cd/add-webserver-timeout branch October 24, 2025 14:04
@cristiand391 cristiand391 mentioned this pull request Oct 28, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jonnyhork jonnyhork jonnyhork left review comments

@mdonnalley mdonnalley mdonnalley left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@cristiand391 @mdonnalley @jonnyhork @svc-cli-bot