youngpm
commented
8 years ago We need a good way of debugging this (7 day turn around is hard), any ideas?
As a side, to do a token refresh directly (e.g. with PostMan), you proceed as follows (see the RFC here):
Do a POST to https://geobigdata.io/auth/v1/oauth/token/ with the usual basic auth header, and with the body having the key "grant_type" set to "refresh_token" and the key "refresh_token" set to the actual refresh token. You'll get back a new auth token and a new refresh token. In fact, if you try to refresh with the old token, you'll get denied, so you only get once chance to refresh and cache it correctly.
In gbdx-auth, we do the token caching with the function here, and allegedly, we set this as a callback to be invoked here as described by the requests-oauthlib package we're using. Maybe we aren't getting the expires_in tag set correctly? In fact, it looks like we're setting the expires_at tag? Maybe there's some magic where that is supposed to set the expires_in tag...
I have problems with the token refreshing. If you run the auth, at first it works, but a some days later it starts to fail with 401 unauthorized access errors. If you open the config file and delete the stored token the package starts to work again. I don't think the stored token is refreshed properly.