zed/crates/cloud_api_client
Tom Houlé 881b4fb9bc
cloud_api_client: Key the cached LlmApiToken by organization (#58915)
The tokens are organization-specific (the organization id in the JWT
claims). Before this commit, the `LlmApiToken` cache was an
`Option<String>`, and `cached()` ignored the `organization_id` argument
on cache hit. Correctness relied on `RefreshLlmTokenListener` clearing
and refreshing the token when it observed an `OrganizationChanged`
event.

That leaves two windows where a token minted for the wrong organization
could be served from the cache:

- the refresh runs in a spawned task, so between the organization switch
and the task acquiring the write lock, any request calling `cached()`
would get the previous organization's token.
- `Client::authenticated_llm_request` snapshots the organization id at
call time; if the server demanded a token refresh after the user had
switched organizations mid-request, the retry path would mint a fresh
token for the old organization and write it into the shared cache,
poisoning it for all subsequent requests until the next refresh event.

The fix is to store the organization id corresponding to the token next
to it in the cache, and to check that the cached token is for the
correct organization in `cached()`.

Release Notes:

- Fixed a race where LLM and edit prediction requests made immediately
after switching organizations could be attributed to the previously
selected organization.
2026-06-09 19:12:34 +00:00
..
src cloud_api_client: Key the cached LlmApiToken by organization (#58915) 2026-06-09 19:12:34 +00:00
Cargo.toml cloud_api_client: Add a few helpers for response handling (#58346) 2026-06-03 09:18:14 +00:00
LICENSE-APACHE