feat(auth): extra retry for failed SSO OIDC request #3498

Problem:
Sessions may "expire" earlier than expected due to network faults.

Solution:
Increase retries for InvalidGrantException. 
Using default retry strategy (exponential backoff) with 2 retries (AWSSDK default), max attempts is now 3.

Author: andrewyuq

.changes/next-release/Bug Fix-5496c0bc-07df-46af-b77f-e76bd53a847a.json

@@ -0,0 +1,4 @@
+{
+	"type": "Bug Fix",
+	"description": "CodeWhisperer: user is sometimes required to re-login before token expiration"
+}

src/credentials/sso/clients.ts

@@ -30,8 +30,9 @@ import { SsoAccessTokenProvider } from './ssoAccessTokenProvider'
 import { isClientFault } from '../../shared/errors'
 import { DevSettings } from '../../shared/settings'
 import { Client } from '@aws-sdk/smithy-client'
-import { HttpHandlerOptions } from '@aws-sdk/types'
+import { HttpHandlerOptions, SdkError } from '@aws-sdk/types'
 import { HttpRequest, HttpResponse } from '@aws-sdk/protocol-http'
+import { StandardRetryStrategy, defaultRetryDecider } from '@aws-sdk/middleware-retry'
 
 export class OidcClient {
     public constructor(private readonly client: SSOOIDC, private readonly clock: { Date: typeof Date }) {}
@@ -70,9 +71,22 @@ export class OidcClient {
     }
 
     public static create(region: string) {
+        const updatedRetryDecider = (err: SdkError) => {
+            // Check the default retry conditions
+            if (defaultRetryDecider(err)) {
+                return true
+            }
+
+            // Custom retry rules
+            return err.name === 'InvalidGrantException'
+        }
         const client = new SSOOIDC({
             region,
             endpoint: DevSettings.instance.get('endpoints', {})['ssooidc'],
+            retryStrategy: new StandardRetryStrategy(
+                () => Promise.resolve(3), // Maximum number of retries
+                { retryDecider: updatedRetryDecider }
+            ),
         })
 
         addLoggingMiddleware(client)