Looks like I'm going to have to fork the auth library I'm using ... It impressively lacks simple/non-buggy ways of doing this.