Skip to content

Bug: Handle token refreshes when token is not present#7102

Merged
david-livefront merged 1 commit into
mainfrom
token-refresh-crash
Jun 24, 2026
Merged

Bug: Handle token refreshes when token is not present#7102
david-livefront merged 1 commit into
mainfrom
token-refresh-crash

Conversation

@david-livefront

@david-livefront david-livefront commented Jun 24, 2026

Copy link
Copy Markdown
Collaborator

🎟️ Tracking

N/A

📔 Objective

Stumbled upon a crash that can occur now that we allow optionally authenticated calls to be made. This means the access token might not be present when the authenticator is invoked (and that's OK)

@david-livefront david-livefront requested a review from a team as a code owner June 24, 2026 21:10
@david-livefront david-livefront added the ai-review-vnext Request a Claude code review using the vNext workflow label Jun 24, 2026
@github-actions github-actions Bot added app:password-manager Bitwarden Password Manager app context app:authenticator Bitwarden Authenticator app context t:bug Change Type - Bug labels Jun 24, 2026
@github-actions

github-actions Bot commented Jun 24, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

🤖 Bitwarden Claude Code Review

Overall Assessment: APPROVE

Reviewed a focused bug fix in AuthTokenManager.authenticate that replaces a crashing requireNotNull with a safe ?: return null when the Authorization header is absent. This handles the case where optionally-authenticated calls proceed without an access token, so a resulting 401 reaches the authenticator with no Bearer header. The new early-return matches the existing 401 pass-through pattern in the same method, and an accompanying unit test verifies the null path without triggering a token refresh.

Code Review Details

No findings. The fix is correct, minimal, and consistent with established patterns in the file. Test coverage appropriately exercises the new null-header path and asserts that refreshAccessTokenSynchronously is not invoked.

@david-livefront

david-livefront commented Jun 24, 2026

Copy link
Copy Markdown
Collaborator Author

Thanks @SaintPatrck

@david-livefront david-livefront added this pull request to the merge queue Jun 24, 2026
Merged via the queue into main with commit 8c01f68 Jun 24, 2026
25 of 29 checks passed
@david-livefront david-livefront deleted the token-refresh-crash branch June 24, 2026 21:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SaintPatrck SaintPatrck SaintPatrck approved these changes

Assignees

No one assigned

Labels

ai-review-vnext Request a Claude code review using the vNext workflow app:authenticator Bitwarden Authenticator app context app:password-manager Bitwarden Password Manager app context t:bug Change Type - Bug

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@david-livefront @SaintPatrck