All tokens are rejected as expired, despite just creating them

Checklist

  • I'm using the latest version of the extension (Run glab --version)
    • Extension version: 1.51.0 (also tested with 1.56.0)
  • Operating system and version: NixOS 25.05
  • Gitlab.com or self-managed instance? gitlab.com
  • GitLab version (if self-managed) GitLab version here (Use the version endpoint, like this: gitlab.my-company.com/api/v4/version)
  • I have performed glab auth status to check for authentication issues
  • Run the command in debug mode (like DEBUG=true glab mr list) and attach any useful output

Summary

glab auth login refuses any and all tokens I pass to it with the same, clearly wrong, error message:

Token is expired. You can either do re-authorization or token refresh.

Environment

  • OS: Linux 6.12.33 x86_64
  • SHELL: /run/current-system/sw/bin/bash
  • TERM: xterm-256color
  • GLAB: Current glab version: 1.51.0

Other:

Steps to reproduce

glab auth login

What is the current bug behavior?

Using all the default settings, and a token with "api, create_runner, write_repository" scopes which expires in six months, the token is rejected.

What is the expected correct behavior?

The token should be accepted.

Relevant logs and/or screenshots

❯ DEBUG=true glab auth login
[git remote -v]
[git config --get-regexp ^remote\..*\.glab-resolved$]
? What GitLab instance do you want to log into? gitlab.com
- Logging into gitlab.com
? How would you like to sign in? Token

Tip: generate a personal access token at https://gitlab.com/-/user_settings/personal_access_tokens?scopes=api,write_repository.
The minimum required scopes are 'api' and 'write_repository'.
? Paste your authentication token: **************************
? Choose default Git protocol: HTTPS
[git config credential.https://gitlab.com.helper]
[git config credential.helper]
? Authenticate Git with your GitLab credentials? Yes
- glab config set -h gitlab.com git_protocol https
✓ Configured Git protocol.
- glab config set -h gitlab.com api_protocol https
✓ Configured API protocol.
x Could not sign in! error=error using API: GET https://gitlab.com/api/v4/user: 401 {error: invalid_token}, {error_description: Token is expired. You can either do re-authorization or token refresh.}

Things I've tried

Running TZ=UTC glab auth login, in case some time handling code was doing time zones wrong and treating not-yet-valid tokens as expired, did not change anything.

Selecting the SSH Git protocol did not work.

Using a token with only the 'api' and 'write_repository' scopes did not work.

rm -rf ~/.config/glab-cli/ and re-authenticating did work. Looks like the configuration handling is bugged.

Could this be related to 0fbc121e?

Edited by Victor Engmark