OAuth token expired event for IRC and TwitchAPI

[swiftyspiffy]

From @Syzuna on November 12, 2017 19:50

Hey swiffty,

Is is possible to get an event when the irc login or an api call failed bcs the oauth token that is used is expired?

This would help alot!

Regards

Syzuna

Copied from original issue: TwitchLib/TwitchLib#298

[swiftyspiffy]

Do you have an oauth that has expired or sample message that is received on expired oauth?

I don't have either so it's hard to test functionality for it.

[swiftyspiffy]

From @Syzuna on November 12, 2017 20:46

twitch docs say:

When you make a request with expired or incorrect authorization credentials, the API returns a WWW-Authenticate header (with an invalid_token error) and a 401 Unauthorized status:

DELETE /kraken/users/test_user1/follows/channels/test_channel HTTP/1.1 Host: api.twitch.tv User-Agent: curl/7.43.0 Accept: application/vnd.twitchtv.v3+json Authorization: OAuth Client-ID: retgzhvpsxjwun0rvrb1rfwheegu1yw

HTTP/1.1 401 Unauthorized Accept-Ranges: bytes Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Allow-Origin: * Age: 0 Cache-Control: max-age=0, private, must-revalidate Content-Type: application/json; charset=utf-8 Date: Wed, 12 Oct 2016 22:25:10 GMT Server: nginx Status: 401 Unauthorized Vary: Accept-Encoding Via: 1.1 varnish WWW-Authenticate: OAuth realm='TwitchTV', error='invalid_token' Content-Length: 89 Connection: keep-alive

{ "error": "Unauthorized", "message": "Token invalid or missing required scope", "status": 401 }

Sadly I dont have any information how the IRC one looks

[swiftyspiffy]

From @Syzuna on November 12, 2017 20:47

"On seeing a 401 error with a WWW-Authenticate header, an application should try to refresh the session if a refresh token is present. "

[swiftyspiffy]

Ya, I do think it's a good idea to get some kind of event for the client when using an expired token, and an exception for the API. As for automatically refreshing the token, i don't think that's really possible without providing the twitch app secret + refresh token, which is nasty.

[swiftyspiffy]

From @Syzuna on November 18, 2017 22:32

ye I dont need an auto refresh but sth to detect that I need to make a refresh call inside the lib would be nice

[swiftyspiffy]

From @Syzuna on November 19, 2017 13:50

IRC only prints login failed into the console it seems

[swiftyspiffy]

Since the referenced pull request is closed, just an update: This detection is completed for API, still needs to be done for TwitchClient.

[swiftyspiffy]

I'm going to close this as there isn't a good way to detect if a oauth token as expired while the client is connected. If you listen to OnIncorrectLogin event, it'll tell you if the oauth is invalid when first connecting.