Do not copy tokens.

dkocher · dkocher · commit 240dc72b6dbf · 2025-11-04T10:35:45.000+01:00
diff --git a/oauth/src/main/java/ch/cyberduck/core/oauth/OAuth2ErrorResponseInterceptor.java b/oauth/src/main/java/ch/cyberduck/core/oauth/OAuth2ErrorResponseInterceptor.java
@@ -28,9 +28,11 @@
 public class OAuth2ErrorResponseInterceptor extends DisabledServiceUnavailableRetryStrategy {
     private static final Logger log = LogManager.getLogger(OAuth2ErrorResponseInterceptor.class);
 
+    private final Host host;
     private final OAuth2RequestInterceptor service;
 
     public OAuth2ErrorResponseInterceptor(final Host host, final OAuth2RequestInterceptor service) {
+        this.host = host;
         this.service = service;
     }
 
@@ -40,7 +42,7 @@ public boolean retryRequest(final HttpResponse response, final int executionCoun
             case HttpStatus.SC_UNAUTHORIZED:
                 try {
                     log.warn("Attempt to refresh OAuth tokens for failure {}", response);
-                    service.save(service.refresh());
+                    service.save(service.refresh(host.getCredentials().getOauth()));
                     // Try again
                     return true;
                 }
diff --git a/oauth/src/main/java/ch/cyberduck/core/oauth/OAuth2RequestInterceptor.java b/oauth/src/main/java/ch/cyberduck/core/oauth/OAuth2RequestInterceptor.java
@@ -23,7 +23,6 @@
 import ch.cyberduck.core.Scheme;
 import ch.cyberduck.core.exception.BackgroundException;
 import ch.cyberduck.core.exception.LoginCanceledException;
-import ch.cyberduck.core.exception.LoginFailureException;
 
 import org.apache.commons.lang3.StringUtils;
 import org.apache.http.HttpException;
@@ -46,11 +45,7 @@ public class OAuth2RequestInterceptor extends OAuth2AuthorizationService impleme
     private static final Logger log = LogManager.getLogger(OAuth2RequestInterceptor.class);
 
     private final ReentrantLock lock = new ReentrantLock();
-
-    /**
-     * Currently valid tokens
-     */
-    private OAuthTokens tokens;
+    private final Host host;
 
     public OAuth2RequestInterceptor(final HttpClient client, final Host host, final LoginCallback prompt) throws LoginCanceledException {
         this(client, host,
@@ -67,60 +62,14 @@ public OAuth2RequestInterceptor(final HttpClient client, final Host host, final
     public OAuth2RequestInterceptor(final HttpClient client, final Host host, final String tokenServerUrl, final String authorizationServerUrl,
                                     final String clientid, final String clientsecret, final List<String> scopes, final boolean pkce, final LoginCallback prompt) throws LoginCanceledException {
         super(client, host, tokenServerUrl, authorizationServerUrl, clientid, clientsecret, scopes, pkce, prompt);
-        this.tokens = host.getCredentials().getOauth();
-    }
-
-    @Override
-    public OAuthTokens validate(final OAuthTokens saved) throws BackgroundException {
-        return tokens = super.validate(saved);
-    }
-
-    @Override
-    public OAuthTokens authorize() throws BackgroundException {
-        lock.lock();
-        try {
-            return tokens = super.authorize();
-        }
-        finally {
-            lock.unlock();
-        }
-    }
-
-    /**
-     * Refresh with cached refresh token
-     */
-    public OAuthTokens refresh() throws BackgroundException {
-        lock.lock();
-        try {
-            return tokens = this.refresh(tokens);
-        }
-        finally {
-            lock.unlock();
-        }
-    }
-
-    /**
-     * @param previous Refresh token
-     */
-    @Override
-    public OAuthTokens refresh(final OAuthTokens previous) throws BackgroundException {
-        lock.lock();
-        try {
-            return tokens = super.refresh(previous);
-        }
-        catch(LoginFailureException e) {
-            log.warn("Failure {} refreshing OAuth tokens", e.getMessage());
-            return tokens = this.authorize();
-        }
-        finally {
-            lock.unlock();
-        }
+        this.host = host;
     }
 
     @Override
     public void process(final HttpRequest request, final HttpContext context) throws HttpException, IOException {
         lock.lock();
         try {
+            final OAuthTokens tokens = host.getCredentials().getOauth();
             if(tokens.isExpired()) {
                 try {
                     this.save(this.refresh(tokens));
