Skip to content

fix: persist new accessToken in SeedlessOnboarding Vault after tokens refresh #7800

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
lwin-kyaw merged 17 commits into from
Feb 11, 2026
Merged

fix: persist new accessToken in SeedlessOnboarding Vault after tokens refresh #7800

lwin-kyaw merged 17 commits into from
Feb 11, 2026

Conversation

@lwin-kyaw
Copy link
Contributor

@lwin-kyaw lwin-kyaw commented Feb 2, 2026
edited by cursor bot
Loading

Explanation

This PR address

  • fix new accessToken isn't being persisted to vault after the tokens refresh (refreshAuthToken()).
  • add a new public method getAccessToken() with automatic token refresh capability to prevent clients from using expired access tokens when retrieving them from state.

Issue:

Previously, clients could directly access state.accessToken from the controller state, which could potentially return an expired token. This could lead to failed API calls and poor user experience when the token had expired but wasn't refreshed.

Solution:

  • Added a new public method getAccessToken() that automatically refreshes expired tokens: Uses the #executeWithTokenRefresh wrapper to check token expiration and refresh if needed before returning
  • Persisted new accessToken into Encrypted vault after token refresh.

Persist newAccessToken in the encrypted vault

The persist flow can be different based on the wallet (vault) status when refreshAuthTokens() is called.

  1. When wallet is unlocked (vault encryptionKey is available in the state).
    When wallet is unlocked, vault encryption key is temporarily cached in the controller state and the values inside the encrypted vault are also flooded into the controller state, for performance and to avoid the password dependency
    We can use these cache values and create a new encrypted vault (with updated accessToken).
Screenshot 2026-02-03 at 1 47 36 AM
  1. When wallet is locked (Password must be provided)

While the wallet is locked, refreshAuthTokens() can be called under one condition, i.e, check for password sync (getAuthPubKey RPC call) when user tries to unlock the wallet.
In this case, we can't immediately update the encrypted vault as the wallet is locked. So, we will temporarily store the new accessToken in the controller state, then persist the stored value later in the vault unlock (only when user provides correct password) and update the vault.

Screenshot 2026-02-03 at 12 22 38 PM

Based on the password sync status, the persist flow can be a little bit different.

2.1. Password is in sync

When user's current device password is in sync, we will update the vault when user unlocks via submitPassword.
Vault is decrypted using the submitted password, we will compare the access token value from decrypted vault (accessToken1) and recently set new access token (accessToken2). If the accessToken is different and detected as new, we will update the encrypted vault value in the state (using password).
Please note that this requires an additional encryption step to update the latestToken in encrypted vault.

Screenshot 2026-02-03 at 12 29 21 PM

2.2. Password is not in sync (OutdatedPassword).

When user's current device password is out of sync and user submits the latest globalPassword, we do the pwEncKey recovery first so that we can unlock the current vault. Similar to the flow above (2.1), we decrypt the current vault and compare the two tokens (accessToken1 and accessToken2). If the accessToken is different and detected as new, we will update the controller state and encrypted vault.
Unlike the flow (2.1.), this doesn't require additional encryption, as we can include the latest accessToken when we sync the latest global enc keys into the controller.

Screenshot 2026-02-03 at 3 53 31 PM

References

Fixes #7805, MetaMask/metamask-extension#39566

Checklist

  • I've updated the test suite for new or updated code as appropriate
  • I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate
  • I've communicated my changes to consumers by updating changelogs for packages I've changed
  • I've introduced breaking changes in this PR and have prepared draft pull requests for clients and consumer packages to resolve them

Note

Medium Risk
Touches vault encryption/update paths and token refresh behavior, so bugs could lead to incorrect vault contents or token state during unlock/refresh flows, though changes are localized and well-covered by tests.

Overview
Fixes token persistence by updating the seedless onboarding vault when refreshAuthTokens() obtains a new accessToken, using encryptWithKey when the wallet is already unlocked and reconciling state vs vault tokens during submitPassword/submitGlobalPassword via a new compareAndGetLatestToken helper.

Adds a new public getAccessToken() action/messenger handler that returns the current access token and triggers the existing refresh flow when tokens are expired, and introduces assertIsValidPassword plus test refactors/new cases (including a shared createMockJWTToken) to cover these behaviors. Breaking: the injected vault encryptor must now implement encryptWithKey.

Written by Cursor Bugbot for commit 09a0ddf. This will update automatically on new commits. Configure here.

@lwin-kyaw lwin-kyaw requested a review from a team as a code owner February 2, 2026 06:11
@lwin-kyaw lwin-kyaw requested a review from a team as a code owner February 2, 2026 06:16
@lwin-kyaw
Copy link
Contributor Author

lwin-kyaw commented Feb 2, 2026

@metamaskbot publish-preview

@github-actions
Copy link
Contributor

github-actions bot commented Feb 2, 2026

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions. 
{
  "@metamask-previews/account-tree-controller": "4.0.0-preview-719a409",
  "@metamask-previews/accounts-controller": "35.0.2-preview-719a409",
  "@metamask-previews/address-book-controller": "7.0.1-preview-719a409",
  "@metamask-previews/ai-controllers": "0.0.0-preview-719a409",
  "@metamask-previews/analytics-controller": "1.0.0-preview-719a409",
  "@metamask-previews/analytics-data-regulation-controller": "0.0.0-preview-719a409",
  "@metamask-previews/announcement-controller": "8.0.0-preview-719a409",
  "@metamask-previews/app-metadata-controller": "2.0.0-preview-719a409",
  "@metamask-previews/approval-controller": "8.0.0-preview-719a409",
  "@metamask-previews/assets-controller": "0.0.0-preview-719a409",
  "@metamask-previews/assets-controllers": "99.1.0-preview-719a409",
  "@metamask-previews/base-controller": "9.0.0-preview-719a409",
  "@metamask-previews/bridge-controller": "65.1.0-preview-719a409",
  "@metamask-previews/bridge-status-controller": "65.0.1-preview-719a409",
  "@metamask-previews/build-utils": "3.0.4-preview-719a409",
  "@metamask-previews/chain-agnostic-permission": "1.4.0-preview-719a409",
  "@metamask-previews/claims-controller": "0.4.2-preview-719a409",
  "@metamask-previews/composable-controller": "12.0.0-preview-719a409",
  "@metamask-previews/connectivity-controller": "0.1.0-preview-719a409",
  "@metamask-previews/controller-utils": "11.18.0-preview-719a409",
  "@metamask-previews/core-backend": "5.0.0-preview-719a409",
  "@metamask-previews/delegation-controller": "2.0.0-preview-719a409",
  "@metamask-previews/earn-controller": "11.1.0-preview-719a409",
  "@metamask-previews/eip-5792-middleware": "2.1.0-preview-719a409",
  "@metamask-previews/eip-7702-internal-rpc-middleware": "0.1.0-preview-719a409",
  "@metamask-previews/eip1193-permission-middleware": "1.0.3-preview-719a409",
  "@metamask-previews/ens-controller": "19.0.2-preview-719a409",
  "@metamask-previews/error-reporting-service": "3.0.1-preview-719a409",
  "@metamask-previews/eth-block-tracker": "15.0.1-preview-719a409",
  "@metamask-previews/eth-json-rpc-middleware": "23.0.0-preview-719a409",
  "@metamask-previews/eth-json-rpc-provider": "6.0.0-preview-719a409",
  "@metamask-previews/foundryup": "1.0.1-preview-719a409",
  "@metamask-previews/gas-fee-controller": "26.0.2-preview-719a409",
  "@metamask-previews/gator-permissions-controller": "1.1.2-preview-719a409",
  "@metamask-previews/json-rpc-engine": "10.2.1-preview-719a409",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.8-preview-719a409",
  "@metamask-previews/keyring-controller": "25.1.0-preview-719a409",
  "@metamask-previews/logging-controller": "7.0.1-preview-719a409",
  "@metamask-previews/message-manager": "14.1.0-preview-719a409",
  "@metamask-previews/messenger": "0.3.0-preview-719a409",
  "@metamask-previews/multichain-account-service": "5.1.0-preview-719a409",
  "@metamask-previews/multichain-api-middleware": "1.2.6-preview-719a409",
  "@metamask-previews/multichain-network-controller": "3.0.2-preview-719a409",
  "@metamask-previews/multichain-transactions-controller": "7.0.0-preview-719a409",
  "@metamask-previews/name-controller": "9.0.0-preview-719a409",
  "@metamask-previews/network-controller": "29.0.0-preview-719a409",
  "@metamask-previews/network-enablement-controller": "4.1.0-preview-719a409",
  "@metamask-previews/notification-services-controller": "21.0.0-preview-719a409",
  "@metamask-previews/permission-controller": "12.2.0-preview-719a409",
  "@metamask-previews/permission-log-controller": "5.0.0-preview-719a409",
  "@metamask-previews/perps-controller": "0.0.0-preview-719a409",
  "@metamask-previews/phishing-controller": "16.1.0-preview-719a409",
  "@metamask-previews/polling-controller": "16.0.2-preview-719a409",
  "@metamask-previews/preferences-controller": "22.0.0-preview-719a409",
  "@metamask-previews/profile-metrics-controller": "3.0.0-preview-719a409",
  "@metamask-previews/profile-sync-controller": "27.0.0-preview-719a409",
  "@metamask-previews/ramps-controller": "5.1.0-preview-719a409",
  "@metamask-previews/rate-limit-controller": "7.0.0-preview-719a409",
  "@metamask-previews/remote-feature-flag-controller": "4.0.0-preview-719a409",
  "@metamask-previews/sample-controllers": "4.0.2-preview-719a409",
  "@metamask-previews/seedless-onboarding-controller": "7.1.0-preview-719a409",
  "@metamask-previews/selected-network-controller": "26.0.2-preview-719a409",
  "@metamask-previews/shield-controller": "5.0.1-preview-719a409",
  "@metamask-previews/signature-controller": "39.0.1-preview-719a409",
  "@metamask-previews/storage-service": "1.0.0-preview-719a409",
  "@metamask-previews/subscription-controller": "5.4.2-preview-719a409",
  "@metamask-previews/transaction-controller": "62.12.0-preview-719a409",
  "@metamask-previews/transaction-pay-controller": "12.0.2-preview-719a409",
  "@metamask-previews/user-operation-controller": "41.0.2-preview-719a409"
}

@lwin-kyaw
Copy link
Contributor Author

lwin-kyaw commented Feb 2, 2026

@metamaskbot publish-preview

@github-actions
Copy link
Contributor

github-actions bot commented Feb 2, 2026

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions. 
{
  "@metamask-previews/account-tree-controller": "4.0.0-preview-dcbbb24",
  "@metamask-previews/accounts-controller": "35.0.2-preview-dcbbb24",
  "@metamask-previews/address-book-controller": "7.0.1-preview-dcbbb24",
  "@metamask-previews/ai-controllers": "0.0.0-preview-dcbbb24",
  "@metamask-previews/analytics-controller": "1.0.0-preview-dcbbb24",
  "@metamask-previews/analytics-data-regulation-controller": "0.0.0-preview-dcbbb24",
  "@metamask-previews/announcement-controller": "8.0.0-preview-dcbbb24",
  "@metamask-previews/app-metadata-controller": "2.0.0-preview-dcbbb24",
  "@metamask-previews/approval-controller": "8.0.0-preview-dcbbb24",
  "@metamask-previews/assets-controller": "0.0.0-preview-dcbbb24",
  "@metamask-previews/assets-controllers": "99.1.0-preview-dcbbb24",
  "@metamask-previews/base-controller": "9.0.0-preview-dcbbb24",
  "@metamask-previews/bridge-controller": "65.1.0-preview-dcbbb24",
  "@metamask-previews/bridge-status-controller": "65.0.1-preview-dcbbb24",
  "@metamask-previews/build-utils": "3.0.4-preview-dcbbb24",
  "@metamask-previews/chain-agnostic-permission": "1.4.0-preview-dcbbb24",
  "@metamask-previews/claims-controller": "0.4.2-preview-dcbbb24",
  "@metamask-previews/composable-controller": "12.0.0-preview-dcbbb24",
  "@metamask-previews/connectivity-controller": "0.1.0-preview-dcbbb24",
  "@metamask-previews/controller-utils": "11.18.0-preview-dcbbb24",
  "@metamask-previews/core-backend": "5.0.0-preview-dcbbb24",
  "@metamask-previews/delegation-controller": "2.0.0-preview-dcbbb24",
  "@metamask-previews/earn-controller": "11.1.0-preview-dcbbb24",
  "@metamask-previews/eip-5792-middleware": "2.1.0-preview-dcbbb24",
  "@metamask-previews/eip-7702-internal-rpc-middleware": "0.1.0-preview-dcbbb24",
  "@metamask-previews/eip1193-permission-middleware": "1.0.3-preview-dcbbb24",
  "@metamask-previews/ens-controller": "19.0.2-preview-dcbbb24",
  "@metamask-previews/error-reporting-service": "3.0.1-preview-dcbbb24",
  "@metamask-previews/eth-block-tracker": "15.0.1-preview-dcbbb24",
  "@metamask-previews/eth-json-rpc-middleware": "23.0.0-preview-dcbbb24",
  "@metamask-previews/eth-json-rpc-provider": "6.0.0-preview-dcbbb24",
  "@metamask-previews/foundryup": "1.0.1-preview-dcbbb24",
  "@metamask-previews/gas-fee-controller": "26.0.2-preview-dcbbb24",
  "@metamask-previews/gator-permissions-controller": "1.1.2-preview-dcbbb24",
  "@metamask-previews/json-rpc-engine": "10.2.1-preview-dcbbb24",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.8-preview-dcbbb24",
  "@metamask-previews/keyring-controller": "25.1.0-preview-dcbbb24",
  "@metamask-previews/logging-controller": "7.0.1-preview-dcbbb24",
  "@metamask-previews/message-manager": "14.1.0-preview-dcbbb24",
  "@metamask-previews/messenger": "0.3.0-preview-dcbbb24",
  "@metamask-previews/multichain-account-service": "5.1.0-preview-dcbbb24",
  "@metamask-previews/multichain-api-middleware": "1.2.6-preview-dcbbb24",
  "@metamask-previews/multichain-network-controller": "3.0.2-preview-dcbbb24",
  "@metamask-previews/multichain-transactions-controller": "7.0.0-preview-dcbbb24",
  "@metamask-previews/name-controller": "9.0.0-preview-dcbbb24",
  "@metamask-previews/network-controller": "29.0.0-preview-dcbbb24",
  "@metamask-previews/network-enablement-controller": "4.1.0-preview-dcbbb24",
  "@metamask-previews/notification-services-controller": "21.0.0-preview-dcbbb24",
  "@metamask-previews/permission-controller": "12.2.0-preview-dcbbb24",
  "@metamask-previews/permission-log-controller": "5.0.0-preview-dcbbb24",
  "@metamask-previews/perps-controller": "0.0.0-preview-dcbbb24",
  "@metamask-previews/phishing-controller": "16.1.0-preview-dcbbb24",
  "@metamask-previews/polling-controller": "16.0.2-preview-dcbbb24",
  "@metamask-previews/preferences-controller": "22.0.0-preview-dcbbb24",
  "@metamask-previews/profile-metrics-controller": "3.0.0-preview-dcbbb24",
  "@metamask-previews/profile-sync-controller": "27.0.0-preview-dcbbb24",
  "@metamask-previews/ramps-controller": "5.1.0-preview-dcbbb24",
  "@metamask-previews/rate-limit-controller": "7.0.0-preview-dcbbb24",
  "@metamask-previews/remote-feature-flag-controller": "4.0.0-preview-dcbbb24",
  "@metamask-previews/sample-controllers": "4.0.2-preview-dcbbb24",
  "@metamask-previews/seedless-onboarding-controller": "7.1.0-preview-dcbbb24",
  "@metamask-previews/selected-network-controller": "26.0.2-preview-dcbbb24",
  "@metamask-previews/shield-controller": "5.0.1-preview-dcbbb24",
  "@metamask-previews/signature-controller": "39.0.1-preview-dcbbb24",
  "@metamask-previews/storage-service": "1.0.0-preview-dcbbb24",
  "@metamask-previews/subscription-controller": "5.4.2-preview-dcbbb24",
  "@metamask-previews/transaction-controller": "62.12.0-preview-dcbbb24",
  "@metamask-previews/transaction-pay-controller": "12.0.2-preview-dcbbb24",
  "@metamask-previews/user-operation-controller": "41.0.2-preview-dcbbb24"
}

@lwin-kyaw
Copy link
Contributor Author

lwin-kyaw commented Feb 2, 2026

@metamaskbot publish-preview

@github-actions
Copy link
Contributor

github-actions bot commented Feb 2, 2026

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions. 
{
  "@metamask-previews/account-tree-controller": "4.0.0-preview-4594ee99",
  "@metamask-previews/accounts-controller": "35.0.2-preview-4594ee99",
  "@metamask-previews/address-book-controller": "7.0.1-preview-4594ee99",
  "@metamask-previews/ai-controllers": "0.0.0-preview-4594ee99",
  "@metamask-previews/analytics-controller": "1.0.0-preview-4594ee99",
  "@metamask-previews/analytics-data-regulation-controller": "0.0.0-preview-4594ee99",
  "@metamask-previews/announcement-controller": "8.0.0-preview-4594ee99",
  "@metamask-previews/app-metadata-controller": "2.0.0-preview-4594ee99",
  "@metamask-previews/approval-controller": "8.0.0-preview-4594ee99",
  "@metamask-previews/assets-controller": "0.0.0-preview-4594ee99",
  "@metamask-previews/assets-controllers": "99.1.0-preview-4594ee99",
  "@metamask-previews/base-controller": "9.0.0-preview-4594ee99",
  "@metamask-previews/bridge-controller": "65.1.0-preview-4594ee99",
  "@metamask-previews/bridge-status-controller": "65.0.1-preview-4594ee99",
  "@metamask-previews/build-utils": "3.0.4-preview-4594ee99",
  "@metamask-previews/chain-agnostic-permission": "1.4.0-preview-4594ee99",
  "@metamask-previews/claims-controller": "0.4.2-preview-4594ee99",
  "@metamask-previews/composable-controller": "12.0.0-preview-4594ee99",
  "@metamask-previews/connectivity-controller": "0.1.0-preview-4594ee99",
  "@metamask-previews/controller-utils": "11.18.0-preview-4594ee99",
  "@metamask-previews/core-backend": "5.0.0-preview-4594ee99",
  "@metamask-previews/delegation-controller": "2.0.0-preview-4594ee99",
  "@metamask-previews/earn-controller": "11.1.0-preview-4594ee99",
  "@metamask-previews/eip-5792-middleware": "2.1.0-preview-4594ee99",
  "@metamask-previews/eip-7702-internal-rpc-middleware": "0.1.0-preview-4594ee99",
  "@metamask-previews/eip1193-permission-middleware": "1.0.3-preview-4594ee99",
  "@metamask-previews/ens-controller": "19.0.2-preview-4594ee99",
  "@metamask-previews/error-reporting-service": "3.0.1-preview-4594ee99",
  "@metamask-previews/eth-block-tracker": "15.0.1-preview-4594ee99",
  "@metamask-previews/eth-json-rpc-middleware": "23.0.0-preview-4594ee99",
  "@metamask-previews/eth-json-rpc-provider": "6.0.0-preview-4594ee99",
  "@metamask-previews/foundryup": "1.0.1-preview-4594ee99",
  "@metamask-previews/gas-fee-controller": "26.0.2-preview-4594ee99",
  "@metamask-previews/gator-permissions-controller": "1.1.2-preview-4594ee99",
  "@metamask-previews/json-rpc-engine": "10.2.1-preview-4594ee99",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.8-preview-4594ee99",
  "@metamask-previews/keyring-controller": "25.1.0-preview-4594ee99",
  "@metamask-previews/logging-controller": "7.0.1-preview-4594ee99",
  "@metamask-previews/message-manager": "14.1.0-preview-4594ee99",
  "@metamask-previews/messenger": "0.3.0-preview-4594ee99",
  "@metamask-previews/multichain-account-service": "5.1.0-preview-4594ee99",
  "@metamask-previews/multichain-api-middleware": "1.2.6-preview-4594ee99",
  "@metamask-previews/multichain-network-controller": "3.0.2-preview-4594ee99",
  "@metamask-previews/multichain-transactions-controller": "7.0.0-preview-4594ee99",
  "@metamask-previews/name-controller": "9.0.0-preview-4594ee99",
  "@metamask-previews/network-controller": "29.0.0-preview-4594ee99",
  "@metamask-previews/network-enablement-controller": "4.1.0-preview-4594ee99",
  "@metamask-previews/notification-services-controller": "21.0.0-preview-4594ee99",
  "@metamask-previews/permission-controller": "12.2.0-preview-4594ee99",
  "@metamask-previews/permission-log-controller": "5.0.0-preview-4594ee99",
  "@metamask-previews/perps-controller": "0.0.0-preview-4594ee99",
  "@metamask-previews/phishing-controller": "16.1.0-preview-4594ee99",
  "@metamask-previews/polling-controller": "16.0.2-preview-4594ee99",
  "@metamask-previews/preferences-controller": "22.0.0-preview-4594ee99",
  "@metamask-previews/profile-metrics-controller": "3.0.0-preview-4594ee99",
  "@metamask-previews/profile-sync-controller": "27.0.0-preview-4594ee99",
  "@metamask-previews/ramps-controller": "5.1.0-preview-4594ee99",
  "@metamask-previews/rate-limit-controller": "7.0.0-preview-4594ee99",
  "@metamask-previews/remote-feature-flag-controller": "4.0.0-preview-4594ee99",
  "@metamask-previews/sample-controllers": "4.0.2-preview-4594ee99",
  "@metamask-previews/seedless-onboarding-controller": "7.1.0-preview-4594ee99",
  "@metamask-previews/selected-network-controller": "26.0.2-preview-4594ee99",
  "@metamask-previews/shield-controller": "5.0.1-preview-4594ee99",
  "@metamask-previews/signature-controller": "39.0.1-preview-4594ee99",
  "@metamask-previews/storage-service": "1.0.0-preview-4594ee99",
  "@metamask-previews/subscription-controller": "5.4.2-preview-4594ee99",
  "@metamask-previews/transaction-controller": "62.12.0-preview-4594ee99",
  "@metamask-previews/transaction-pay-controller": "12.0.2-preview-4594ee99",
  "@metamask-previews/user-operation-controller": "41.0.2-preview-4594ee99"
}

@lwin-kyaw
Copy link
Contributor Author

lwin-kyaw commented Feb 2, 2026

@metamaskbot publish-preview

@lwin-kyaw lwin-kyaw self-assigned this Feb 2, 2026
@lwin-kyaw lwin-kyaw changed the title feat: added 'getAccessToken' with refresh token if expired fix: persist new accessToken in SeedlessOnboarding Vault after tokens refresh Feb 2, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Feb 2, 2026

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions. 
{
  "@metamask-previews/account-tree-controller": "4.0.0-preview-85f1a30c",
  "@metamask-previews/accounts-controller": "35.0.2-preview-85f1a30c",
  "@metamask-previews/address-book-controller": "7.0.1-preview-85f1a30c",
  "@metamask-previews/ai-controllers": "0.0.0-preview-85f1a30c",
  "@metamask-previews/analytics-controller": "1.0.0-preview-85f1a30c",
  "@metamask-previews/analytics-data-regulation-controller": "0.0.0-preview-85f1a30c",
  "@metamask-previews/announcement-controller": "8.0.0-preview-85f1a30c",
  "@metamask-previews/app-metadata-controller": "2.0.0-preview-85f1a30c",
  "@metamask-previews/approval-controller": "8.0.0-preview-85f1a30c",
  "@metamask-previews/assets-controller": "0.0.0-preview-85f1a30c",
  "@metamask-previews/assets-controllers": "99.1.0-preview-85f1a30c",
  "@metamask-previews/base-controller": "9.0.0-preview-85f1a30c",
  "@metamask-previews/bridge-controller": "65.1.0-preview-85f1a30c",
  "@metamask-previews/bridge-status-controller": "65.0.1-preview-85f1a30c",
  "@metamask-previews/build-utils": "3.0.4-preview-85f1a30c",
  "@metamask-previews/chain-agnostic-permission": "1.4.0-preview-85f1a30c",
  "@metamask-previews/claims-controller": "0.4.2-preview-85f1a30c",
  "@metamask-previews/composable-controller": "12.0.0-preview-85f1a30c",
  "@metamask-previews/connectivity-controller": "0.1.0-preview-85f1a30c",
  "@metamask-previews/controller-utils": "11.18.0-preview-85f1a30c",
  "@metamask-previews/core-backend": "5.0.0-preview-85f1a30c",
  "@metamask-previews/delegation-controller": "2.0.0-preview-85f1a30c",
  "@metamask-previews/earn-controller": "11.1.0-preview-85f1a30c",
  "@metamask-previews/eip-5792-middleware": "2.1.0-preview-85f1a30c",
  "@metamask-previews/eip-7702-internal-rpc-middleware": "0.1.0-preview-85f1a30c",
  "@metamask-previews/eip1193-permission-middleware": "1.0.3-preview-85f1a30c",
  "@metamask-previews/ens-controller": "19.0.2-preview-85f1a30c",
  "@metamask-previews/error-reporting-service": "3.0.1-preview-85f1a30c",
  "@metamask-previews/eth-block-tracker": "15.0.1-preview-85f1a30c",
  "@metamask-previews/eth-json-rpc-middleware": "23.0.0-preview-85f1a30c",
  "@metamask-previews/eth-json-rpc-provider": "6.0.0-preview-85f1a30c",
  "@metamask-previews/foundryup": "1.0.1-preview-85f1a30c",
  "@metamask-previews/gas-fee-controller": "26.0.2-preview-85f1a30c",
  "@metamask-previews/gator-permissions-controller": "1.1.2-preview-85f1a30c",
  "@metamask-previews/json-rpc-engine": "10.2.1-preview-85f1a30c",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.8-preview-85f1a30c",
  "@metamask-previews/keyring-controller": "25.1.0-preview-85f1a30c",
  "@metamask-previews/logging-controller": "7.0.1-preview-85f1a30c",
  "@metamask-previews/message-manager": "14.1.0-preview-85f1a30c",
  "@metamask-previews/messenger": "0.3.0-preview-85f1a30c",
  "@metamask-previews/multichain-account-service": "5.1.0-preview-85f1a30c",
  "@metamask-previews/multichain-api-middleware": "1.2.6-preview-85f1a30c",
  "@metamask-previews/multichain-network-controller": "3.0.2-preview-85f1a30c",
  "@metamask-previews/multichain-transactions-controller": "7.0.0-preview-85f1a30c",
  "@metamask-previews/name-controller": "9.0.0-preview-85f1a30c",
  "@metamask-previews/network-controller": "29.0.0-preview-85f1a30c",
  "@metamask-previews/network-enablement-controller": "4.1.0-preview-85f1a30c",
  "@metamask-previews/notification-services-controller": "21.0.0-preview-85f1a30c",
  "@metamask-previews/permission-controller": "12.2.0-preview-85f1a30c",
  "@metamask-previews/permission-log-controller": "5.0.0-preview-85f1a30c",
  "@metamask-previews/perps-controller": "0.0.0-preview-85f1a30c",
  "@metamask-previews/phishing-controller": "16.1.0-preview-85f1a30c",
  "@metamask-previews/polling-controller": "16.0.2-preview-85f1a30c",
  "@metamask-previews/preferences-controller": "22.0.0-preview-85f1a30c",
  "@metamask-previews/profile-metrics-controller": "3.0.0-preview-85f1a30c",
  "@metamask-previews/profile-sync-controller": "27.0.0-preview-85f1a30c",
  "@metamask-previews/ramps-controller": "5.1.0-preview-85f1a30c",
  "@metamask-previews/rate-limit-controller": "7.0.0-preview-85f1a30c",
  "@metamask-previews/remote-feature-flag-controller": "4.0.0-preview-85f1a30c",
  "@metamask-previews/sample-controllers": "4.0.2-preview-85f1a30c",
  "@metamask-previews/seedless-onboarding-controller": "7.1.0-preview-85f1a30c",
  "@metamask-previews/selected-network-controller": "26.0.2-preview-85f1a30c",
  "@metamask-previews/shield-controller": "5.0.1-preview-85f1a30c",
  "@metamask-previews/signature-controller": "39.0.1-preview-85f1a30c",
  "@metamask-previews/storage-service": "1.0.0-preview-85f1a30c",
  "@metamask-previews/subscription-controller": "5.4.2-preview-85f1a30c",
  "@metamask-previews/transaction-controller": "62.12.0-preview-85f1a30c",
  "@metamask-previews/transaction-pay-controller": "12.0.2-preview-85f1a30c",
  "@metamask-previews/user-operation-controller": "41.0.2-preview-85f1a30c"
}

cursor[bot]
cursor bot reviewed Feb 2, 2026
View reviewed changes
@lwin-kyaw lwin-kyaw marked this pull request as draft February 2, 2026 17:48
@lwin-kyaw
Copy link
Contributor Author

lwin-kyaw commented Feb 3, 2026

@metamaskbot publish-preview

@github-actions
Copy link
Contributor

github-actions bot commented Feb 3, 2026

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions. 
{
  "@metamask-previews/account-tree-controller": "4.0.0-preview-69f51f81",
  "@metamask-previews/accounts-controller": "35.0.2-preview-69f51f81",
  "@metamask-previews/address-book-controller": "7.0.1-preview-69f51f81",
  "@metamask-previews/ai-controllers": "0.0.0-preview-69f51f81",
  "@metamask-previews/analytics-controller": "1.0.0-preview-69f51f81",
  "@metamask-previews/analytics-data-regulation-controller": "0.0.0-preview-69f51f81",
  "@metamask-previews/announcement-controller": "8.0.0-preview-69f51f81",
  "@metamask-previews/app-metadata-controller": "2.0.0-preview-69f51f81",
  "@metamask-previews/approval-controller": "8.0.0-preview-69f51f81",
  "@metamask-previews/assets-controller": "0.0.0-preview-69f51f81",
  "@metamask-previews/assets-controllers": "99.1.0-preview-69f51f81",
  "@metamask-previews/base-controller": "9.0.0-preview-69f51f81",
  "@metamask-previews/bridge-controller": "65.1.0-preview-69f51f81",
  "@metamask-previews/bridge-status-controller": "65.0.1-preview-69f51f81",
  "@metamask-previews/build-utils": "3.0.4-preview-69f51f81",
  "@metamask-previews/chain-agnostic-permission": "1.4.0-preview-69f51f81",
  "@metamask-previews/claims-controller": "0.4.2-preview-69f51f81",
  "@metamask-previews/composable-controller": "12.0.0-preview-69f51f81",
  "@metamask-previews/connectivity-controller": "0.1.0-preview-69f51f81",
  "@metamask-previews/controller-utils": "11.18.0-preview-69f51f81",
  "@metamask-previews/core-backend": "5.0.0-preview-69f51f81",
  "@metamask-previews/delegation-controller": "2.0.0-preview-69f51f81",
  "@metamask-previews/earn-controller": "11.1.0-preview-69f51f81",
  "@metamask-previews/eip-5792-middleware": "2.1.0-preview-69f51f81",
  "@metamask-previews/eip-7702-internal-rpc-middleware": "0.1.0-preview-69f51f81",
  "@metamask-previews/eip1193-permission-middleware": "1.0.3-preview-69f51f81",
  "@metamask-previews/ens-controller": "19.0.2-preview-69f51f81",
  "@metamask-previews/error-reporting-service": "3.0.1-preview-69f51f81",
  "@metamask-previews/eth-block-tracker": "15.0.1-preview-69f51f81",
  "@metamask-previews/eth-json-rpc-middleware": "23.0.0-preview-69f51f81",
  "@metamask-previews/eth-json-rpc-provider": "6.0.0-preview-69f51f81",
  "@metamask-previews/foundryup": "1.0.1-preview-69f51f81",
  "@metamask-previews/gas-fee-controller": "26.0.2-preview-69f51f81",
  "@metamask-previews/gator-permissions-controller": "1.1.2-preview-69f51f81",
  "@metamask-previews/json-rpc-engine": "10.2.1-preview-69f51f81",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.8-preview-69f51f81",
  "@metamask-previews/keyring-controller": "25.1.0-preview-69f51f81",
  "@metamask-previews/logging-controller": "7.0.1-preview-69f51f81",
  "@metamask-previews/message-manager": "14.1.0-preview-69f51f81",
  "@metamask-previews/messenger": "0.3.0-preview-69f51f81",
  "@metamask-previews/multichain-account-service": "5.1.0-preview-69f51f81",
  "@metamask-previews/multichain-api-middleware": "1.2.6-preview-69f51f81",
  "@metamask-previews/multichain-network-controller": "3.0.2-preview-69f51f81",
  "@metamask-previews/multichain-transactions-controller": "7.0.0-preview-69f51f81",
  "@metamask-previews/name-controller": "9.0.0-preview-69f51f81",
  "@metamask-previews/network-controller": "29.0.0-preview-69f51f81",
  "@metamask-previews/network-enablement-controller": "4.1.0-preview-69f51f81",
  "@metamask-previews/notification-services-controller": "21.0.0-preview-69f51f81",
  "@metamask-previews/permission-controller": "12.2.0-preview-69f51f81",
  "@metamask-previews/permission-log-controller": "5.0.0-preview-69f51f81",
  "@metamask-previews/perps-controller": "0.0.0-preview-69f51f81",
  "@metamask-previews/phishing-controller": "16.1.0-preview-69f51f81",
  "@metamask-previews/polling-controller": "16.0.2-preview-69f51f81",
  "@metamask-previews/preferences-controller": "22.0.0-preview-69f51f81",
  "@metamask-previews/profile-metrics-controller": "3.0.0-preview-69f51f81",
  "@metamask-previews/profile-sync-controller": "27.0.0-preview-69f51f81",
  "@metamask-previews/ramps-controller": "5.1.0-preview-69f51f81",
  "@metamask-previews/rate-limit-controller": "7.0.0-preview-69f51f81",
  "@metamask-previews/remote-feature-flag-controller": "4.0.0-preview-69f51f81",
  "@metamask-previews/sample-controllers": "4.0.2-preview-69f51f81",
  "@metamask-previews/seedless-onboarding-controller": "7.1.0-preview-69f51f81",
  "@metamask-previews/selected-network-controller": "26.0.2-preview-69f51f81",
  "@metamask-previews/shield-controller": "5.0.1-preview-69f51f81",
  "@metamask-previews/signature-controller": "39.0.1-preview-69f51f81",
  "@metamask-previews/storage-service": "1.0.0-preview-69f51f81",
  "@metamask-previews/subscription-controller": "5.4.2-preview-69f51f81",
  "@metamask-previews/transaction-controller": "62.12.0-preview-69f51f81",
  "@metamask-previews/transaction-pay-controller": "12.0.2-preview-69f51f81",
  "@metamask-previews/user-operation-controller": "41.0.2-preview-69f51f81"
}

matthiasgeihs
matthiasgeihs requested changes Feb 3, 2026
View reviewed changes
cursor[bot]
cursor bot reviewed Feb 4, 2026
View reviewed changes
@lwin-kyaw
Copy link
Contributor Author

lwin-kyaw commented Feb 4, 2026

@metamaskbot publish-preview

cursor[bot]
cursor bot reviewed Feb 4, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

@lwin-kyaw
Copy link
Contributor Author

lwin-kyaw commented Feb 4, 2026

@metamaskbot publish-preview

1 similar comment
@lwin-kyaw
Copy link
Contributor Author

lwin-kyaw commented Feb 4, 2026

@metamaskbot publish-preview

@github-actions
Copy link
Contributor

github-actions bot commented Feb 4, 2026

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions. 
{
  "@metamask-previews/account-tree-controller": "4.0.0-preview-765066629",
  "@metamask-previews/accounts-controller": "35.0.2-preview-765066629",
  "@metamask-previews/address-book-controller": "7.0.1-preview-765066629",
  "@metamask-previews/ai-controllers": "0.0.0-preview-765066629",
  "@metamask-previews/analytics-controller": "1.0.0-preview-765066629",
  "@metamask-previews/analytics-data-regulation-controller": "0.0.0-preview-765066629",
  "@metamask-previews/announcement-controller": "8.0.0-preview-765066629",
  "@metamask-previews/app-metadata-controller": "2.0.0-preview-765066629",
  "@metamask-previews/approval-controller": "8.0.0-preview-765066629",
  "@metamask-previews/assets-controller": "0.0.0-preview-765066629",
  "@metamask-previews/assets-controllers": "99.1.0-preview-765066629",
  "@metamask-previews/base-controller": "9.0.0-preview-765066629",
  "@metamask-previews/bridge-controller": "65.1.0-preview-765066629",
  "@metamask-previews/bridge-status-controller": "65.0.1-preview-765066629",
  "@metamask-previews/build-utils": "3.0.4-preview-765066629",
  "@metamask-previews/chain-agnostic-permission": "1.4.0-preview-765066629",
  "@metamask-previews/claims-controller": "0.4.2-preview-765066629",
  "@metamask-previews/composable-controller": "12.0.0-preview-765066629",
  "@metamask-previews/connectivity-controller": "0.1.0-preview-765066629",
  "@metamask-previews/controller-utils": "11.18.0-preview-765066629",
  "@metamask-previews/core-backend": "5.0.0-preview-765066629",
  "@metamask-previews/delegation-controller": "2.0.0-preview-765066629",
  "@metamask-previews/earn-controller": "11.1.0-preview-765066629",
  "@metamask-previews/eip-5792-middleware": "2.1.0-preview-765066629",
  "@metamask-previews/eip-7702-internal-rpc-middleware": "0.1.0-preview-765066629",
  "@metamask-previews/eip1193-permission-middleware": "1.0.3-preview-765066629",
  "@metamask-previews/ens-controller": "19.0.2-preview-765066629",
  "@metamask-previews/error-reporting-service": "3.0.1-preview-765066629",
  "@metamask-previews/eth-block-tracker": "15.0.1-preview-765066629",
  "@metamask-previews/eth-json-rpc-middleware": "23.0.0-preview-765066629",
  "@metamask-previews/eth-json-rpc-provider": "6.0.0-preview-765066629",
  "@metamask-previews/foundryup": "1.0.1-preview-765066629",
  "@metamask-previews/gas-fee-controller": "26.0.2-preview-765066629",
  "@metamask-previews/gator-permissions-controller": "1.1.2-preview-765066629",
  "@metamask-previews/json-rpc-engine": "10.2.1-preview-765066629",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.8-preview-765066629",
  "@metamask-previews/keyring-controller": "25.1.0-preview-765066629",
  "@metamask-previews/logging-controller": "7.0.1-preview-765066629",
  "@metamask-previews/message-manager": "14.1.0-preview-765066629",
  "@metamask-previews/messenger": "0.3.0-preview-765066629",
  "@metamask-previews/multichain-account-service": "5.1.0-preview-765066629",
  "@metamask-previews/multichain-api-middleware": "1.2.6-preview-765066629",
  "@metamask-previews/multichain-network-controller": "3.0.2-preview-765066629",
  "@metamask-previews/multichain-transactions-controller": "7.0.0-preview-765066629",
  "@metamask-previews/name-controller": "9.0.0-preview-765066629",
  "@metamask-previews/network-controller": "29.0.0-preview-765066629",
  "@metamask-previews/network-enablement-controller": "4.1.0-preview-765066629",
  "@metamask-previews/notification-services-controller": "21.0.0-preview-765066629",
  "@metamask-previews/permission-controller": "12.2.0-preview-765066629",
  "@metamask-previews/permission-log-controller": "5.0.0-preview-765066629",
  "@metamask-previews/perps-controller": "0.0.0-preview-765066629",
  "@metamask-previews/phishing-controller": "16.1.0-preview-765066629",
  "@metamask-previews/polling-controller": "16.0.2-preview-765066629",
  "@metamask-previews/preferences-controller": "22.0.0-preview-765066629",
  "@metamask-previews/profile-metrics-controller": "3.0.0-preview-765066629",
  "@metamask-previews/profile-sync-controller": "27.0.0-preview-765066629",
  "@metamask-previews/ramps-controller": "5.1.0-preview-765066629",
  "@metamask-previews/rate-limit-controller": "7.0.0-preview-765066629",
  "@metamask-previews/remote-feature-flag-controller": "4.0.0-preview-765066629",
  "@metamask-previews/sample-controllers": "4.0.2-preview-765066629",
  "@metamask-previews/seedless-onboarding-controller": "7.1.0-preview-765066629",
  "@metamask-previews/selected-network-controller": "26.0.2-preview-765066629",
  "@metamask-previews/shield-controller": "5.0.1-preview-765066629",
  "@metamask-previews/signature-controller": "39.0.1-preview-765066629",
  "@metamask-previews/storage-service": "1.0.0-preview-765066629",
  "@metamask-previews/subscription-controller": "5.4.2-preview-765066629",
  "@metamask-previews/transaction-controller": "62.12.0-preview-765066629",
  "@metamask-previews/transaction-pay-controller": "12.0.2-preview-765066629",
  "@metamask-previews/user-operation-controller": "41.0.2-preview-765066629"
}

@lwin-kyaw lwin-kyaw mentioned this pull request Feb 5, 2026
Open
chaitanyapotti
chaitanyapotti reviewed Feb 9, 2026
View reviewed changes
Copy link
Member

@chaitanyapotti chaitanyapotti left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we also refresh on server 401?

@lwin-kyaw
Copy link
Contributor Author

lwin-kyaw commented Feb 10, 2026
edited
Loading

Do we also refresh on server 401?

Hi @chaitanyapotti

No, we don't refresh on 401 responses from Auth-Service.
For SSS (Toprf), we extracted the Json RPC error message and refresh if neccessary.

Anyway, we validate the tokens (expiry) before we make requests (in #executeWithTokenRefresh).

chaitanyapotti
chaitanyapotti reviewed Feb 11, 2026
View reviewed changes
packages/seedless-onboarding-controller/src/SeedlessOnboardingController.ts
// if the password is provided (not undefined), encrypt the vault with the password
// We gonna prioritize the password encryption here, in case of the operation is `Change Password`.
// We don't wanna re-use the old encryption key from the state.
if (password !== undefined) {
Copy link
Member

@chaitanyapotti chaitanyapotti Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

best practice is to use typeof password !== "undefined" when checking for existence of a variable especially globals.
This is fine for this use case.

chaitanyapotti
chaitanyapotti reviewed Feb 11, 2026
View reviewed changes
packages/seedless-onboarding-controller/src/SeedlessOnboardingController.ts
// so skip the check if the vault is locked
let isAccessTokenExpired = false;
if (this.#isUnlocked) {
isAccessTokenExpired = this.checkAccessTokenExpired();
Copy link
Member

@chaitanyapotti chaitanyapotti Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ideally, we must check expiry with server as part of oauth2 spec
since, client time can be incorrect or session might have been invalidated by server.
this particular implementation is non-standard and can be revisited at a later date

@chaitanyapotti chaitanyapotti added this pull request to the merge queue Feb 11, 2026
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Feb 11, 2026
@lwin-kyaw
Copy link
Contributor Author

lwin-kyaw commented Feb 11, 2026

@metamaskbot publish-preview

@github-actions
Copy link
Contributor

github-actions bot commented Feb 11, 2026

Preview builds have been published. See these instructions for more information about preview builds.

Expand for full list of packages and versions. 
{
  "@metamask-previews/account-tree-controller": "4.1.0-preview-09a0ddf6c",
  "@metamask-previews/accounts-controller": "35.0.2-preview-09a0ddf6c",
  "@metamask-previews/address-book-controller": "7.0.1-preview-09a0ddf6c",
  "@metamask-previews/ai-controllers": "0.0.0-preview-09a0ddf6c",
  "@metamask-previews/analytics-controller": "1.0.0-preview-09a0ddf6c",
  "@metamask-previews/analytics-data-regulation-controller": "0.0.0-preview-09a0ddf6c",
  "@metamask-previews/announcement-controller": "8.0.0-preview-09a0ddf6c",
  "@metamask-previews/app-metadata-controller": "2.0.0-preview-09a0ddf6c",
  "@metamask-previews/approval-controller": "8.0.0-preview-09a0ddf6c",
  "@metamask-previews/assets-controller": "1.0.0-preview-09a0ddf6c",
  "@metamask-previews/assets-controllers": "99.3.1-preview-09a0ddf6c",
  "@metamask-previews/base-controller": "9.0.0-preview-09a0ddf6c",
  "@metamask-previews/bridge-controller": "66.0.0-preview-09a0ddf6c",
  "@metamask-previews/bridge-status-controller": "66.0.0-preview-09a0ddf6c",
  "@metamask-previews/build-utils": "3.0.4-preview-09a0ddf6c",
  "@metamask-previews/chain-agnostic-permission": "1.4.0-preview-09a0ddf6c",
  "@metamask-previews/claims-controller": "0.4.2-preview-09a0ddf6c",
  "@metamask-previews/composable-controller": "12.0.0-preview-09a0ddf6c",
  "@metamask-previews/connectivity-controller": "0.1.0-preview-09a0ddf6c",
  "@metamask-previews/controller-utils": "11.18.0-preview-09a0ddf6c",
  "@metamask-previews/core-backend": "5.1.0-preview-09a0ddf6c",
  "@metamask-previews/delegation-controller": "2.0.0-preview-09a0ddf6c",
  "@metamask-previews/earn-controller": "11.1.0-preview-09a0ddf6c",
  "@metamask-previews/eip-5792-middleware": "2.1.0-preview-09a0ddf6c",
  "@metamask-previews/eip-7702-internal-rpc-middleware": "0.1.0-preview-09a0ddf6c",
  "@metamask-previews/eip1193-permission-middleware": "1.0.3-preview-09a0ddf6c",
  "@metamask-previews/ens-controller": "19.0.2-preview-09a0ddf6c",
  "@metamask-previews/error-reporting-service": "3.0.1-preview-09a0ddf6c",
  "@metamask-previews/eth-block-tracker": "15.0.1-preview-09a0ddf6c",
  "@metamask-previews/eth-json-rpc-middleware": "23.1.0-preview-09a0ddf6c",
  "@metamask-previews/eth-json-rpc-provider": "6.0.0-preview-09a0ddf6c",
  "@metamask-previews/foundryup": "1.0.1-preview-09a0ddf6c",
  "@metamask-previews/gas-fee-controller": "26.0.2-preview-09a0ddf6c",
  "@metamask-previews/gator-permissions-controller": "1.1.2-preview-09a0ddf6c",
  "@metamask-previews/json-rpc-engine": "10.2.2-preview-09a0ddf6c",
  "@metamask-previews/json-rpc-middleware-stream": "8.0.8-preview-09a0ddf6c",
  "@metamask-previews/keyring-controller": "25.1.0-preview-09a0ddf6c",
  "@metamask-previews/logging-controller": "7.0.1-preview-09a0ddf6c",
  "@metamask-previews/message-manager": "14.1.0-preview-09a0ddf6c",
  "@metamask-previews/messenger": "0.3.0-preview-09a0ddf6c",
  "@metamask-previews/multichain-account-service": "6.0.0-preview-09a0ddf6c",
  "@metamask-previews/multichain-api-middleware": "1.2.6-preview-09a0ddf6c",
  "@metamask-previews/multichain-network-controller": "3.0.2-preview-09a0ddf6c",
  "@metamask-previews/multichain-transactions-controller": "7.0.0-preview-09a0ddf6c",
  "@metamask-previews/name-controller": "9.0.0-preview-09a0ddf6c",
  "@metamask-previews/network-controller": "29.0.0-preview-09a0ddf6c",
  "@metamask-previews/network-enablement-controller": "4.1.0-preview-09a0ddf6c",
  "@metamask-previews/notification-services-controller": "22.0.0-preview-09a0ddf6c",
  "@metamask-previews/permission-controller": "12.2.0-preview-09a0ddf6c",
  "@metamask-previews/permission-log-controller": "5.0.0-preview-09a0ddf6c",
  "@metamask-previews/perps-controller": "0.0.0-preview-09a0ddf6c",
  "@metamask-previews/phishing-controller": "16.2.0-preview-09a0ddf6c",
  "@metamask-previews/polling-controller": "16.0.2-preview-09a0ddf6c",
  "@metamask-previews/preferences-controller": "22.1.0-preview-09a0ddf6c",
  "@metamask-previews/profile-metrics-controller": "3.0.0-preview-09a0ddf6c",
  "@metamask-previews/profile-sync-controller": "27.1.0-preview-09a0ddf6c",
  "@metamask-previews/ramps-controller": "7.1.0-preview-09a0ddf6c",
  "@metamask-previews/rate-limit-controller": "7.0.0-preview-09a0ddf6c",
  "@metamask-previews/remote-feature-flag-controller": "4.0.0-preview-09a0ddf6c",
  "@metamask-previews/sample-controllers": "4.0.2-preview-09a0ddf6c",
  "@metamask-previews/seedless-onboarding-controller": "7.1.0-preview-09a0ddf6c",
  "@metamask-previews/selected-network-controller": "26.0.2-preview-09a0ddf6c",
  "@metamask-previews/shield-controller": "5.0.1-preview-09a0ddf6c",
  "@metamask-previews/signature-controller": "39.0.1-preview-09a0ddf6c",
  "@metamask-previews/storage-service": "1.0.0-preview-09a0ddf6c",
  "@metamask-previews/subscription-controller": "6.0.0-preview-09a0ddf6c",
  "@metamask-previews/transaction-controller": "62.16.0-preview-09a0ddf6c",
  "@metamask-previews/transaction-pay-controller": "12.2.0-preview-09a0ddf6c",
  "@metamask-previews/user-operation-controller": "41.0.2-preview-09a0ddf6c"
}

@lwin-kyaw lwin-kyaw added this pull request to the merge queue Feb 11, 2026
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Feb 11, 2026
@lwin-kyaw lwin-kyaw added this pull request to the merge queue Feb 11, 2026
Merged via the queue into main with commit 866ed9e Feb 11, 2026
302 checks passed
@lwin-kyaw lwin-kyaw deleted the feat/get-access-token-with-refresh branch February 11, 2026 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tuna1207 tuna1207 tuna1207 left review comments

@cursor cursor[bot] cursor[bot] left review comments

@chaitanyapotti chaitanyapotti chaitanyapotti approved these changes

@matthiasgeihs matthiasgeihs matthiasgeihs approved these changes

Assignees

@lwin-kyaw lwin-kyaw

Labels

area-onboarding team-onboarding

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

New accessToken from refreshAuthTokens() not persisted to vault

4 participants

@lwin-kyaw @chaitanyapotti @tuna1207 @matthiasgeihs