feat: Improve OAuth handling (#402)

- Added error codes to oauth service
- Retry logic with exponential backoff
- Singleton promise for token init and refresh
- Preserve session on network errors

Author: charlesvien

apps/array/src/main/services/oauth/schemas.ts

@@ -3,6 +3,19 @@ import { z } from "zod";
 export const cloudRegion = z.enum(["us", "eu", "dev"]);
 export type CloudRegion = z.infer<typeof cloudRegion>;
 
+/**
+ * Error codes for OAuth operations.
+ * - network_error: Transient network issue, should retry
+ * - auth_error: Authentication failed (invalid token, 401/403), should logout
+ * - unknown_error: Other errors
+ */
+export const oAuthErrorCode = z.enum([
+  "network_error",
+  "auth_error",
+  "unknown_error",
+]);
+export type OAuthErrorCode = z.infer<typeof oAuthErrorCode>;
+
 export const oAuthTokenResponse = z.object({
   access_token: z.string(),
   expires_in: z.number(),
@@ -23,6 +36,7 @@ export const startFlowOutput = z.object({
   success: z.boolean(),
   data: oAuthTokenResponse.optional(),
   error: z.string().optional(),
+  errorCode: oAuthErrorCode.optional(),
 });
 export type StartFlowOutput = z.infer<typeof startFlowOutput>;
 
@@ -36,6 +50,7 @@ export const refreshTokenOutput = z.object({
   success: z.boolean(),
   data: oAuthTokenResponse.optional(),
   error: z.string().optional(),
+  errorCode: oAuthErrorCode.optional(),
 });
 export type RefreshTokenOutput = z.infer<typeof refreshTokenOutput>;
 

apps/array/src/main/services/oauth/service.ts

@@ -178,7 +178,13 @@ export class OAuthService {
       });
 
       if (!response.ok) {
-        throw new Error(`Token refresh failed: ${response.statusText}`);
+        // 401/403 are auth errors - the token is invalid
+        const isAuthError = response.status === 401 || response.status === 403;
+        return {
+          success: false,
+          error: `Token refresh failed: ${response.statusText}`,
+          errorCode: isAuthError ? "auth_error" : "unknown_error",
+        };
       }
 
       const tokenResponse: OAuthTokenResponse = await response.json();
@@ -187,10 +193,11 @@ export class OAuthService {
         success: true,
         data: tokenResponse,
       };
-    } catch (error) {
+    } catch {
       return {
         success: false,
-        error: error instanceof Error ? error.message : "Unknown error",
+        error: "Network error",
+        errorCode: "network_error",
       };
     }
   }