fix(oidc): Match the proper error type for invalid refresh token

Since we do not use mas-oidc-client anymore, the error to match has changed. Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
2026-05-05 22:47:02 -04:00 · 2025-03-06 17:24:23 +01:00
parent 2506ba8364
commit 8bb4387dc4
1 changed files with 8 additions and 21 deletions
--- a/crates/matrix-sdk/src/client/futures.rs
+++ b/crates/matrix-sdk/src/client/futures.rs
@@ -19,15 +19,9 @@ use std::{fmt::Debug, future::IntoFuture};
 use eyeball::SharedObservable;
 #[cfg(not(target_arch = "wasm32"))]
 use eyeball::Subscriber;
-#[cfg(feature = "experimental-oidc")]
-use mas_oidc_client::{
-    error::{
-        Error as OidcClientError, ErrorBody as OidcErrorBody, HttpError as OidcHttpError,
-        TokenRefreshError, TokenRequestError,
-    },
-    types::errors::ClientErrorCode,
-};
 use matrix_sdk_common::boxed_into_future;
+#[cfg(feature = "experimental-oidc")]
+use oauth2::{basic::BasicErrorResponseType, RequestTokenError};
 use ruma::api::{client::error::ErrorKind, error::FromHttpResponseError, OutgoingRequest};
 #[cfg(feature = "experimental-oidc")]
 use tracing::error;
@@ -121,19 +115,12 @@ where

                        #[cfg(feature = "experimental-oidc")]
                        RefreshTokenError::Oidc(oidc_error) => {
-                            match **oidc_error {
-                                OidcError::Oidc(OidcClientError::TokenRefresh(
-                                    TokenRefreshError::Token(TokenRequestError::Http(
-                                        OidcHttpError {
-                                            body:
-                                                Some(OidcErrorBody {
-                                                    error: ClientErrorCode::InvalidGrant,
-                                                    ..
-                                                }),
-                                            ..
-                                        },
-                                    )),
-                                )) => {
+                            match &**oidc_error {
+                                OidcError::RefreshToken(RequestTokenError::ServerResponse(
+                                    error_response,
+                                )) if *error_response.error()
+                                    == BasicErrorResponseType::InvalidGrant =>
+                                {
                                    error!("Token refresh: OIDC refresh_token rejected with invalid grant");
                                    // The refresh was denied, signal to sign out the user.
                                    client.broadcast_unknown_token(soft_logout);