-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Getting logged out after my laptop was in sleep mode #307
Comments
It seems like we need to improve on handling transient errors in the authentication flow. The following sections describe the status quo of the authentication flow and propose an improvement. Status quoSidecarAt the moment, the sidecar returns three different authentication states for a Confluent Cloud connection:
The sidecar refreshes tokens every 5 minutes. It does not distinguish between transient (e.g., network loss) and non-transient (e.g., expired refresh token) errors. Instead, it aborts refreshing tokens after 50 failed attempts and resets the connection so that its auth status equals ExtensionThe extension prompts the user to authenticate with Confluent Cloud if the state of the connection equals Suggested changeSidecarThe sidecar introduces a fourth authentication state, ExtensionIf the state of the connection equals |
Having that extra state to help us create a better UX sounds great @flippingbits, thanks for working on this ! |
How long will |
Good question! We attempt a token refresh every 5 seconds if the control plane token is expired so it will take roughly 4 minutes until it fully fails. This allows us to tolerate transient network issues, like a failed Wi-Fi connection. We can adjust the number of attempts if needed.
Users will not be able to interact with the Confluent Cloud resources in the extension and see the warning "Experiencing issues interacting with the Confluent Cloud API. Trying to reconnect...". |
Sounds reasonable then. We can adjust if users find friction therein that could be adjusted down the road. |
Code of Conduct
On what operating system are you seeing the problem?
macOS (Apple/arm64)
VS Code version
Version: 1.93.1 (Universal)
Commit: 38c31bc77e0dd6ae88a4e9cc93428cc27a56ba40
Date: 2024-09-11T17:20:05.685Z (2 wks ago)
Electron: 30.4.0
ElectronBuildId: 10073054
Chromium: 124.0.6367.243
Node.js: 20.15.1
V8: 12.4.254.20-electron.0
OS: Darwin arm64 23.6.0
Version of Confluent extension
v0.16.3
To Reproduce
Current vs. Expected behavior
Current behavior:
After my laptop was in sleep or hibernation mode for more than 5 minutes (sometimes even less, I'll explain why in "Additional context"), I get logged out of Confluent Cloud and must re-start the authentication flow.
Expected behavior:
My laptop should be able to sleep for up to 4 hours without causing a log-out because the readme states "Confluent Cloud connections require reauthenticating after 4 hours, and you will be prompted to reauthenticate.".
Relevant log output
My laptop was in sleep mode between 11:23:20 and 11:32:47.
Which area(s) are affected? (Select all that apply)
Connections, Confluent Cloud
Additional context
Some background:
When laptops are in sleep or hibernation mode, they pause the running processes, so neither token refreshes nor health checks are performed:
After waking up, the extension will immediately check the health of the access tokens. When detecting that the access tokens are unhealthy, it will reset the CCloud connection and maybe prompt the user to re-authenticate. Although the ide-sidecar will immediately refresh tokens after the laptop wakes up, the extension will never see the refreshed tokens because the extension-side CCloud connection has already been reset.
This might also explain the behavior reported in #281.
I created this issue in the vscode repo for visibility reasons but feel that it should be addressed in the ide-sidecar repo.
The text was updated successfully, but these errors were encountered: