Skip to content

fix: handle MiniMax OAuth expired_in as ms timestamp, not seconds duration#22020

Closed
mzig7 wants to merge 1 commit into
NousResearch:mainfrom
mzig7:fix/minimax-oauth-expiry-parsing
Closed

fix: handle MiniMax OAuth expired_in as ms timestamp, not seconds duration#22020
mzig7 wants to merge 1 commit into
NousResearch:mainfrom
mzig7:fix/minimax-oauth-expiry-parsing

Conversation

@mzig7

@mzig7 mzig7 commented May 8, 2026

Copy link
Copy Markdown

Problem

MiniMax OAuth login fails with year 58382 is out of range. Both _minimax_oauth_login and _refresh_minimax_oauth_state treat MiniMax's expired_in field as a seconds-duration and add it to the current time — but MiniMax returns it as a Unix millisecond timestamp, producing an absurdly large date.

Fix

Applies the same defensive-heuristic parsing already used by _minimax_poll_token (line 4753-4762):

  • If expired_in > now_ms // 2, treat it as an absolute Unix ms timestamp
  • Otherwise treat it as a seconds duration from now

Also fixes expires_in in the stored state to be computed from the resolved expiry, rather than storing the raw (potentially ms-timestamp) value.

Changes

  • hermes_cli/auth.py — 2 sites: _minimax_oauth_login and _refresh_minimax_oauth_state

Tests

tests/test_minimax_oauth.py — 15/15 pass unchanged. The refresh test passes expired_in: 7200 (a duration), which hits the else branch and produces the same expires_in: 7200 as before.

@mzig7
fix: handle MiniMax OAuth expired_in as ms timestamp, not seconds dur…
ee3557c 
…ation

MiniMax OAuth token endpoint returns expired_in as a Unix millisecond
timestamp (matching the code-endpoint behavior already handled in
_minimax_poll_token), but both _minimax_oauth_login and
_refresh_minimax_oauth_state treated it as a seconds duration and
added it to the current time — producing an out-of-range date
(year 58382) that crashed the login flow.

Applies the same defensive-heuristic parsing used by
_minimax_poll_token: if expired_in exceeds half the current ms
epoch, treat it as an absolute ms timestamp; otherwise treat it
as a seconds duration.
@algojogacor algojogacor mentioned this pull request May 8, 2026
Closed
@alt-glitch alt-glitch mentioned this pull request May 9, 2026
Closed
@steezkelly steezkelly mentioned this pull request May 9, 2026
Closed
@alt-glitch alt-glitch added type/bug Something isn't working comp/cli CLI entry point, hermes_cli/, setup wizard area/auth Authentication, OAuth, credential pools provider/minimax MiniMax (Anthropic transport) P3 Low — cosmetic, nice to have duplicate This issue or pull request already exists labels May 11, 2026
@alt-glitch

alt-glitch commented May 11, 2026

Copy link
Copy Markdown
Collaborator

Duplicate of #20374 — same MiniMax OAuth expired_in ms-timestamp fix. #20374 also addresses the authorize URL domain (www→platform.minimax.io).

@austinpickett austinpickett mentioned this pull request May 12, 2026
Closed
19 tasks
@teknium1 teknium1 mentioned this pull request May 12, 2026
Merged
@teknium1

teknium1 commented May 12, 2026

Copy link
Copy Markdown
Contributor

Superseded by #24165 (#24165), which fixes expired_in parsing across all four MiniMax OAuth code paths (CLI login + refresh, dashboard poller, _minimax_poll_token). Thanks for the report and fix.

@teknium1 teknium1 closed this May 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area/auth Authentication, OAuth, credential pools comp/cli CLI entry point, hermes_cli/, setup wizard duplicate This issue or pull request already exists P3 Low — cosmetic, nice to have provider/minimax MiniMax (Anthropic transport) type/bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mzig7 @alt-glitch @teknium1