External authentication using Providers when token is not valid anymore

We are using Forge Providers to authenticate with google and have a setup similar to the examples in this tutorial guide.

I am wondering what kind of workflow we should have because the one we see in the tutorial guide appears to have some flaws.

Example taken from the tutorial guide:

    const google = api.asUser().withProvider('google', 'google-apis')
    if (!await google.hasCredentials()) {
      await google.requestCredentials()
    }
    const response = await google.fetch('/userinfo/v2/me');
    return await response.json();

Using google.hasCredentials() verifies if there are credentials saved on this user’s account (we can see your own account’s connected apps here), but won’t validate if those credentials are still valid.

A simple way to invalidate the token and make this App stop working is to go to security tab of your google account and then disconnect there. The Atlassian account will still be connected but the token won’t work anymore, therefore the fetch will result in HTTP 401.

What we are aiming to do is to request the credentials again when this happens, example:

    const google = api.asUser().withProvider('google', 'google-apis')
    if (!await google.hasCredentials()) {
      await google.requestCredentials()
    }
    const response = await google.fetch('/userinfo/v2/me');
    if (response.code === 401) {
      await google.requestCredentials()
    }
    return await response.json();

I would like to know if any other developers have exeperienced this issue and if so, what solution did you find? Also if someone from Atlassian can chip in and give their feedback it would be great.