Another token expiration fix.

src/smapi.ts

@@ -250,11 +250,10 @@ class SonosSoap {
     logger.debug("Current tokens: " + JSON.stringify(this.tokenStore.getAll()));
     return this.tokenStore.get(token);
   }
-  associateCredentialsForToken(token: string, fullSmapiToken: SmapiToken, oldToken?:string) {
+  associateCredentialsForToken(token: string, fullSmapiToken: SmapiToken) {
     logger.debug("Adding token: " + token + " " + JSON.stringify(fullSmapiToken));
-    if(oldToken) {
-      this.tokenStore.delete(oldToken);
-    }
+    // Don't immediately delete old token to avoid race conditions
+    // The cleanup process will handle expired tokens later
     this.tokenStore.set(token, fullSmapiToken);
   }
 }
@@ -488,11 +487,9 @@ function bindSmapiSoapServiceToExpress(
   const swapToken = (expiredToken: string | undefined) => (newToken: SmapiToken) => {
     logger.debug("oldToken: " + expiredToken);
     logger.debug("newToken: " + JSON.stringify(newToken));
-    if (expiredToken) {
-      sonosSoap.associateCredentialsForToken(newToken.token, newToken, expiredToken);
-    } else {
+    // Always add the new token, but don't immediately delete the old one
+    // to avoid race conditions where Sonos might still be using the old token
     sonosSoap.associateCredentialsForToken(newToken.token, newToken);
-    }
     return TE.right(newToken);
   }
 
@@ -540,8 +537,6 @@ function bindSmapiSoapServiceToExpress(
           throw SMAPI_FAULT_LOGIN_UNAUTHORIZED;
         });
     } else if (isExpiredTokenError(authOrFail)) {
-      // Don't pass old token here to avoid circular reference issues with Jest/SOAP
-      // Old expired tokens will be cleaned up by TTL or manual cleanup later
       logger.info("Token expired, attempting refresh...");
       throw await pipe(
         musicService.refreshToken(authOrFail.expiredToken),
@@ -549,7 +544,7 @@ function bindSmapiSoapServiceToExpress(
           logger.info("Token refresh successful, issuing new SMAPI token");
           return smapiAuthTokens.issue(it.serviceToken);
         }),
-        TE.tap(swapToken(undefined)),
+        TE.tap(swapToken(authOrFail.expiredToken)), // Pass the expired token to ensure it gets deleted
         TE.map((newToken) => ({
           Fault: {
             faultcode: "Client.TokenRefreshRequired",
@@ -615,12 +610,10 @@ function bindSmapiSoapServiceToExpress(
                 throw fault.toSmapiFault();
               })
             );
-            // Don't pass old token here to avoid circular reference issues with Jest/SOAP
-            // Old expired tokens will be cleaned up by TTL or manual cleanup later
             return pipe(
               musicService.refreshToken(serviceToken),
               TE.map((it) => smapiAuthTokens.issue(it.serviceToken)),
-              TE.tap(swapToken(undefined)), // ignores the return value, like a tee or peek
+              TE.tap(swapToken(serviceToken)), // Pass the expired token to ensure it gets deleted
               TE.map((it) => ({
                 refreshAuthTokenResult: {
                   authToken: it.token,

src/smapi_token_store.ts

@@ -45,9 +45,9 @@ export class InMemorySmapiTokenStore implements SmapiTokenStore {
         // Do NOT delete ExpiredTokenError as those can still be refreshed
         if (E.isLeft(verifyResult)) {
           const error = verifyResult.left;
-          // Only delete invalid tokens, not expired ones (which can be refreshed)
-          if (error._tag === 'InvalidTokenError') {
-            logger.debug(`Deleting invalid token from in-memory store`);
+          // Delete both invalid and expired tokens to prevent accumulation
+          if (error._tag === 'InvalidTokenError' || error._tag === 'ExpiredTokenError') {
+            logger.debug(`Deleting ${error._tag} token from in-memory store`);
             delete this.tokens[tokenKey];
             deletedCount++;
           }
@@ -146,9 +146,9 @@ export class FileSmapiTokenStore implements SmapiTokenStore {
         // Do NOT delete ExpiredTokenError as those can still be refreshed
         if (E.isLeft(verifyResult)) {
           const error = verifyResult.left;
-          // Only delete invalid tokens, not expired ones (which can be refreshed)
-          if (error._tag === 'InvalidTokenError') {
-            logger.debug(`Deleting invalid token from file store`);
+          // Delete both invalid and expired tokens to prevent accumulation
+          if (error._tag === 'InvalidTokenError' || error._tag === 'ExpiredTokenError') {
+            logger.debug(`Deleting ${error._tag} token from file store`);
             delete this.tokens[tokenKey];
             deletedCount++;
           }

src/sqlite_smapi_token_store.ts

@@ -126,9 +126,9 @@ export class SQLiteSmapiTokenStore implements SmapiTokenStore {
           // Do NOT delete ExpiredTokenError as those can still be refreshed
           if (E.isLeft(verifyResult)) {
             const error = verifyResult.left;
-            // Only delete invalid tokens, not expired ones (which can be refreshed)
-            if (error._tag === 'InvalidTokenError') {
-              logger.debug(`Deleting invalid token from SQLite store`);
+            // Delete both invalid and expired tokens to prevent accumulation
+            if (error._tag === 'InvalidTokenError' || error._tag === 'ExpiredTokenError') {
+              logger.debug(`Deleting ${error._tag} token from SQLite store`);
               this.delete(tokenKey);
               deletedCount++;
             }