Use WWW-Authenticate header to guess if token has expired

[GoogleCodeExporter]

External references, such as a standards document, or specification?

http://tools.ietf.org/html/rfc6750#section-3

http://javadoc.google-oauth-java-client.googlecode.com/hg/1.13.1-beta/com/google
/api/client/auth/oauth2/Credential.html#handleResponse(com.google.api.client.htt
p.HttpRequest, com.google.api.client.http.HttpResponse, boolean)

Java environments (e.g. Java 6, Android 2.3, App Engine, or All)?

Java 6 or App Engine

Please describe the feature requested.

Current implementation tries to refresh the token on a 401 error.  A more 
accurate implementation might be to first check the error parameter of the 
WWW-Authenticate header and check if error="invalid_token".  If there is no 
WWW-Authenticate header or error parameter to it, then we may need to resort to 
the existing behavior of assuming it is an invalid token.

Original issue reported on code.google.com by yan...@google.com on 26 Jan 2013 at 6:22

[GoogleCodeExporter]

Original comment by yan...@google.com on 7 Feb 2013 at 12:05

• Added labels: Milestone-Version1.15.0
• Removed labels: Milestone-Version2.1.0

[GoogleCodeExporter]

Original comment by yan...@google.com on 27 Mar 2013 at 4:13

• Added labels: Milestone-Version1.16.0
• Removed labels: Milestone-Version1.15.0

[GoogleCodeExporter]

https://codereview.appspot.com/9640045/

Original comment by pele...@google.com on 23 May 2013 at 4:45

• Changed state: Started

[GoogleCodeExporter]

Original comment by pele...@google.com on 25 Jun 2013 at 2:54

• Changed state: Fixed