open-metadata · chirag-madlani · Apr 8, 2026 · Apr 7, 2026 · Copilot · Apr 7, 2026
@@ -109,7 +109,7 @@
 let requestInterceptor: number | null = null;
 let responseInterceptor: number | null = null;

 let pendingRequests: any[] = [];

 type AuthContextType = {
  onLoginHandler: () => void;
@@ -381,7 +381,7 @@
      } catch (error) {
        const err = error as AxiosError;
        if (err?.response?.status === 404) {
          if (!authConfig?.enableSelfSignup) {
            resetUserDetails();
            navigate(ROUTES.UNAUTHORISED);
            showErrorToast(err);
@@ -461,7 +461,7 @@
    }

    requestInterceptor = axiosClient.interceptors.request.use(async function (
      config: InternalAxiosRequestConfig<any>
    ) {
      // Need to read token from local storage as it might have been updated with refresh
      const token: string = await getOidcToken();
@@ -501,7 +501,7 @@
            handleStoreProtectedRedirectPath();

            // If 401 error and refresh is not in progress, trigger the refresh
            if (!tokenService.current?.isTokenUpdateInProgress()) {
              // Start the refresh process
              return new Promise((resolve, reject) => {
                // Add this request to the pending queue
@@ -514,10 +514,10 @@
                 // Refresh the token and retry the requests in the queue
                 tokenService.current
                   .refreshToken()
-                  .then((token) => {
+                  .then(async (token) => {
                     if (token) {
                       // Retry the pending requests
-                      initializeAxiosInterceptors();
+                      await initializeAxiosInterceptors();
                       pendingRequests.forEach(({ resolve, reject, config }) => {
                         axiosClient.request(config).then(resolve).catch(reject);
                       });
@@ -528,10 +528,10 @@
                      resetUserDetails(true);
                    }
                  })
                  .catch((error) => {
                    resetUserDetails(true);

                    return Promise.reject(error);
                  });
              });
            } else {
@@ -558,7 +558,7 @@
        fetchAuthenticationConfig(),
        fetchAuthorizerConfig(),
      ]);
      if (!isNil(authConfig)) {
        const provider = authConfig.provider;
        // show an error toast if provider is null or not supported
        if (provider && Object.values(AuthProviderEnum).includes(provider)) {
@@ -571,7 +571,7 @@
          // RDF enabled status is already set from system config in App.tsx
          updateAuthInstance(configJson);
          const oidcToken = await getOidcToken();
          if (!oidcToken) {
            handleStoreProtectedRedirectPath();
            setApplicationLoading(false);
          } else {

@@ -87,8 +87,8 @@ class TokenService {
     this.setRefreshInProgress();
 
     try {
-      const token = await getOidcToken();
-      const { isExpired, timeoutExpiry } = extractDetailsFromToken(token);
+      const oldToken = await getOidcToken();
+      const { isExpired, timeoutExpiry } = extractDetailsFromToken(oldToken);
 
       // If token is expired or timeoutExpiry is less than 0 then try to silent signIn
       if (isExpired || timeoutExpiry <= 0) {
@@ -160,6 +160,21 @@ class TokenService {
   isTokenUpdateInProgress() {
     return localStorage.getItem(REFRESH_IN_PROGRESS_KEY) === 'true';
   }
+
+  private async waitForTokenPersistence(oldToken: string) {
+    const maxAttempts = 20;
+    const delayMs = 50;
+
+    for (let attempt = 0; attempt < maxAttempts; attempt++) {
+      await new Promise((resolve) => setTimeout(resolve, delayMs));
+
+      const currentToken = await getOidcToken();
+
+      if (currentToken && currentToken !== oldToken) {
+        return;
+      }
+    }
+  }
 }
 
 export default TokenService;