From 79d03f75c11eb6d80659670f92ff0f3dcdb7da59 Mon Sep 17 00:00:00 2001
From: David Stern <david@warp.dev>
Date: Fri, 19 Dec 2025 13:29:22 -0500
Subject: [PATCH] fix: only try to refresh access tokens if we have a refresh
 token or an expiry time

---
 crates/rmcp/src/transport/auth.rs | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/crates/rmcp/src/transport/auth.rs b/crates/rmcp/src/transport/auth.rs
index a77a2a8a..1b607747 100644
--- a/crates/rmcp/src/transport/auth.rs
+++ b/crates/rmcp/src/transport/auth.rs
@@ -612,13 +612,16 @@ impl AuthorizationManager {
         let credentials = stored.and_then(|s| s.token_response);
 
         if let Some(creds) = credentials.as_ref() {
-            let expires_in = creds.expires_in().unwrap_or(Duration::from_secs(0));
-            if expires_in <= Duration::from_secs(0) {
-                tracing::info!("Access token expired, refreshing.");
-
-                let new_creds = self.refresh_token().await?;
-                tracing::info!("Refreshed access token.");
-                return Ok(new_creds.access_token().secret().to_string());
+            // check token expiry if we have a refresh token or an expiry time
+            if creds.refresh_token().is_some() || creds.expires_in().is_some() {
+                let expires_in = creds.expires_in().unwrap_or(Duration::from_secs(0));
+                if expires_in <= Duration::from_secs(0) {
+                    tracing::info!("Access token expired, refreshing.");
+
+                    let new_creds = self.refresh_token().await?;
+                    tracing::info!("Refreshed access token.");
+                    return Ok(new_creds.access_token().secret().to_string());
+                }
             }
 
             Ok(creds.access_token().secret().to_string())