fix(kiro): improve auto-refresh and IDC auth file handling

Amp-Thread-ID: https://ampcode.com/threads/T-019bdb94-80e3-7302-be0f-a69937826d13
Co-authored-by: Amp <amp@ampcode.com>
This commit is contained in:
781456868@qq.com
2026-01-20 21:57:45 +08:00
parent 73cef3a25a
commit a9ee971e1c
6 changed files with 53 additions and 32 deletions
+2 -2
View File
@@ -217,11 +217,11 @@ func (s *FileTokenStore) readAuthFile(path, baseDir string) (*cliproxyauth.Auth,
}
id := s.idFor(path, baseDir)
// Calculate NextRefreshAfter from expires_at (10 minutes before expiry)
// Calculate NextRefreshAfter from expires_at (20 minutes before expiry)
var nextRefreshAfter time.Time
if expiresAtStr, ok := metadata["expires_at"].(string); ok && expiresAtStr != "" {
if expiresAt, err := time.Parse(time.RFC3339, expiresAtStr); err == nil {
nextRefreshAfter = expiresAt.Add(-10 * time.Minute)
nextRefreshAfter = expiresAt.Add(-20 * time.Minute)
}
}
+10 -10
View File
@@ -52,9 +52,9 @@ func (a *KiroAuthenticator) Provider() string {
}
// RefreshLead indicates how soon before expiry a refresh should be attempted.
// Set to 10 minutes for proactive refresh before token expiry.
// Set to 20 minutes for proactive refresh before token expiry.
func (a *KiroAuthenticator) RefreshLead() *time.Duration {
d := 10 * time.Minute
d := 20 * time.Minute
return &d
}
@@ -132,8 +132,8 @@ func (a *KiroAuthenticator) createAuthRecord(tokenData *kiroauth.KiroTokenData,
UpdatedAt: now,
Metadata: metadata,
Attributes: attributes,
// NextRefreshAfter: 10 minutes before expiry
NextRefreshAfter: expiresAt.Add(-10 * time.Minute),
// NextRefreshAfter: 20 minutes before expiry
NextRefreshAfter: expiresAt.Add(-20 * time.Minute),
}
if tokenData.Email != "" {
@@ -214,8 +214,8 @@ func (a *KiroAuthenticator) LoginWithAuthCode(ctx context.Context, cfg *config.C
"source": "aws-builder-id-authcode",
"email": tokenData.Email,
},
// NextRefreshAfter: 10 minutes before expiry
NextRefreshAfter: expiresAt.Add(-10 * time.Minute),
// NextRefreshAfter: 20 minutes before expiry
NextRefreshAfter: expiresAt.Add(-20 * time.Minute),
}
if tokenData.Email != "" {
@@ -298,8 +298,8 @@ func (a *KiroAuthenticator) ImportFromKiroIDE(ctx context.Context, cfg *config.C
"email": tokenData.Email,
"region": tokenData.Region,
},
// NextRefreshAfter: 10 minutes before expiry
NextRefreshAfter: expiresAt.Add(-10 * time.Minute),
// NextRefreshAfter: 20 minutes before expiry
NextRefreshAfter: expiresAt.Add(-20 * time.Minute),
}
// Display the email if extracted
@@ -367,8 +367,8 @@ func (a *KiroAuthenticator) Refresh(ctx context.Context, cfg *config.Config, aut
updated.Metadata["refresh_token"] = tokenData.RefreshToken
updated.Metadata["expires_at"] = tokenData.ExpiresAt
updated.Metadata["last_refresh"] = now.Format(time.RFC3339) // For double-check optimization
// NextRefreshAfter: 10 minutes before expiry
updated.NextRefreshAfter = expiresAt.Add(-10 * time.Minute)
// NextRefreshAfter: 20 minutes before expiry
updated.NextRefreshAfter = expiresAt.Add(-20 * time.Minute)
return updated, nil
}
+1 -1
View File
@@ -47,7 +47,7 @@ type RefreshEvaluator interface {
}
const (
refreshCheckInterval = 5 * time.Second
refreshCheckInterval = 30 * time.Second
refreshPendingBackoff = time.Minute
refreshFailureBackoff = 1 * time.Minute
quotaBackoffBase = time.Second