fix: persist refreshed viya tokens in deploy flow to avoid stale-toke…#1450
Merged
Conversation
…n failures deployToSasViyaWithServicePack used the non-persisting getAccessToken() instead of getAuthConfig(), so a refreshed access/refresh token pair was never written back to disk. Since SAS Viya issues single-use, rotating refresh tokens, this caused deploys to fail once the token had been refreshed anywhere, even though the user's .env already had valid credentials. The real underlying error was also swallowed and replaced with a generic "add these variables" message, making it undiagnosable. Switches the deploy flow to getAuthConfig() (which persists via saveTokens), forwards the real error message instead of the generic one, and documents the persistence requirement on both token-resolution functions so the distinction isn't lost again.
Coverage reportTotal coverage
Report generated by 🧪jest coverage report action from b60b67c |
mulahasanovic
previously approved these changes
Jul 2, 2026
tmoody
previously approved these changes
Jul 2, 2026
tmoody
approved these changes
Jul 2, 2026
allanbowe
approved these changes
Jul 2, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Issue
Closes #1447
Summary
sasjs deploy -t viyafailed with a misleading "please add CLIENT, SECRET, ACCESS_TOKEN, REFRESH_TOKEN" error even when those variables were already present and the refresh token was still valid.getAccessToken(), which refreshes the access token but never persists the new (rotated) refresh token back to.env.{target}/~/.sasjsrc. SAS Viya rotates refresh tokens on every use, so the stale value left on disk gets rejected on the next run.getAuthConfig()(used by every other command), which persists the refreshed pair viasaveTokens(). The real error from a failed refresh is now surfaced instead of a generic hardcoded message.Implementation
deployToSasViyaWithServicePack.ts: usegetAuthConfig(); propagate the real auth error.cbd.spec.server.viya.ts: updated existing test's mock/expectation to match.deployToSasViyaWithServicePack.spec.ts: unit tests for persistence and error propagation (written first, confirmed failing against the old code).getAuthConfig,getAccessToken,saveTokens,refreshTokensexplaining the persistence requirement and Viya's refresh-token rotation.memory/ai/diagrams/auth-token-refresh.md: mermaid reference diagram of the current auth/token logic.Checks
npm run lint:fix).npm test).Reviewer checks