Open tiffany3333 opened 6 years ago
Hi Tiffany,
What’s the error you get for the other users? My guess is it likely has to do with their tokens being expired. They have to be refreshed every 8 hours, but the current logged-in user will have a fresh one from logging into your site. We provided a just-in-time default token refresh mechanism in Fitbit.NET but you also have to implement the pattern to save that token, and that assumes you’re saving the OA2 access token AND refresh token and handing both back to FitbitClient. Otherwise, you can host a background process on your site to refresh them at least every 8 hours to maintain a known good connection.
Take at the fitbit dev docs for more detail on refresh tokens.
Cheers, —Aaron
On Thu, Nov 23, 2017 at 6:19 AM Tiffany Trusty notifications@github.com wrote:
First off, great library! I've successfully used it to allow many individual users sign into my website, authorize my site to view their profile, activity, and location info, and view their individual step activity on my website! In the background, I'm storing their FitBitAuthToken securely in my database. Now I would like the admin user of my site to be able to generate a report of all of my site users and their step activity. I have been unable to achieve this. Below is my code.
/The admin user logs into my site, gets redirected to fitbit login to authorize, and views his individual step data just like an individual user first, this is successful/
/The admin user then tries to generate a report of all users step data/
foreach (Enrollment person in enrollments) { FitbitAppCredentials appCredentials = (FitbitAppCredentials)Session["AppCredentials"];
var authenticator = new OAuth2Helper(appCredentials, Request.Url.GetLeftPart(UriPartial.Authority) + "/Fitbit/Callback");
Session["FitbitClient"] = null; client = new FitbitClient(appCredentials, person.FitBitAuthToken);
try { response = await client.GetTimeSeriesIntAsync(TimeSeriesResourceType.Steps, startD, endD, person.FitBitAuthToken.UserId); }
In the report, the only successful response I get is for the admin user.
Also, I believe, if I have an unexpired token in my database for a user I can successfully get their step data in the report as well.
But all other users have an exception on the response (either 'Request exception' or 'Token exception').
So, I believe I've root caused the issue to needing a refreshed token for all user the generate that exception, but I've tried several different ways of obtaining it with no success.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/aarondcoleman/Fitbit.NET/issues/236, or mute the thread https://github.com/notifications/unsubscribe-auth/AAJ1CUA-uJwhw9IJ1HSrsDuvgn-qb8Vlks5s5X7ogaJpZM4Qo0vx .
-- Founder & CEO Fitabase by Small Steps Labs LLC @aaronc
First off, great library! I've successfully used it to allow many individual users sign into my website, authorize my site to view their profile, activity, and location info, and view their individual step activity on my website! In the background, I'm storing their FitBitAuthToken securely in my database.
Now I would like the admin user of my site to be able to generate a report of all of my site users and their step activity. I have been unable to achieve this. Below is my code.
/The admin user logs into my site, gets redirected to fitbit login to authorize, and views his individual step data just like an individual user first, this is successful/
/The admin user then tries to generate a report of all users step data/
foreach (Enrollment person in enrollments) { FitbitAppCredentials appCredentials = (FitbitAppCredentials)Session["AppCredentials"];
In the report, the only successful response I get is for the admin user.
Also, I believe, if I have an unexpired token in my database for a user I can successfully get their step data in the report as well.
But all other users have an exception on the response (either 'Request exception' or 'Token exception').
So, I believe I've root caused the issue to needing a refreshed token for all user the generate that exception, but I've tried several different ways of obtaining it with no success.