How to handle token timeouts?

[wmertens]

I'm getting the error

-2130575252, System.Runtime.InteropServices.COMException The security validation for this page has timed out

on an on-prem SharePoint installation sometimes. I would like to retry transparently then - do you have a proposition for how to do this?

[koltyakov]

Which auth strategy is it happening with? Is it with POST and X-RequestDigest's only?

[wmertens]

Hmmm I'm using pnp-auth which does this transparently - I actually don't know :-/

I looked at it some more and I suppose if I override the request member in 'lib/src/config' I could add my own post-processing, but that's rather hacky, no?

[wmertens]

This went away by itself it seems, but now it's back and I don't really know how to refresh the token apart from restarting the app. Any pointers on how to debug this would be greatly appreciated.

[wmertens]

Mystery solved: The timeout was shorter than the communication interval with the SP server. I changed the interval and now the error doesn't happen any more.

So basically, the token gets refreshed automatically, but it does pass this error. Should this error not be hidden and the call retried with a fresh token?

[wmertens]

I'm encountering this again walking really big sites.

Any ideas on where this error can be intercepted and transparently retried?