Token refresh flow - Githubissues

nxtbgthng / OAuth2Client

Client library for OAuth2 (currently built against draft 10 of the OAuth2 spec)

855 stars 217 forks source link

Token refresh flow #191

Open tekatool opened 9 years ago

tekatool commented 9 years ago

I may not have an understanding of the Token Refresh flow in this library but it seems like when using NXOAuth2Request performMethod:@"GET" method, my original request to the protected resource is getting lost when the access token is expired. It gets replaced with the token refresh! Does the developer need to take that into account in his code ? Also, when using NXOAuth2Request signedURLRequest method, it never refreshes the expired access token! Am I missing something ?

Any prompt help is appreciated.

Thanks

toto commented 9 years ago

If you are using -[NXOAuth2Request performMethod:] the request should not get lost but retried automatically if the refresh success.
Using signedURLRequest does not do this. Here you need to hand refresh yourself. We should probably be adding a API to force refresh in these cases since it came up a few times already.

rhythmnewt commented 8 years ago

Is there any code example of the token refresh flow in this library?

toto commented 8 years ago

@dimkanewtown There is currently no option for explicit refresh. Refresh should happen automatically if you use NXAuth2Request and the token is expired.

rhythmnewt commented 8 years ago

Thank you.

rhythmnewt commented 8 years ago

There's a public method called refreshAccessToken. Can I use that to force the token refresh?

tekatool commented 8 years ago

When the Access Token is expired and I am using the [NXAuth2Request performMethod], it refreshes the token but posts the notification of the 'refresh request' and Not the Original request! Do I have to invoke the original request again ?

chrisfoulds commented 8 years ago

I need to use signedURLRequest , so how do I refresh the token ? I can easily check the date to see if it's expired but what do I call to refresh ?

shashank109 commented 6 years ago

Hi there, I am resource owner flow and I am getting token , refreshtoken and expirytime after authentication. I save the accessToken locally for using it to api hit. While making api hit, I am using this method -

[NXOAuth2Request performMethod:@"GET" onResource:[NSURL URLWithString:@"https://...your service URL..."] // passing api URL usingParameters:nil withAccount:anAccount // passing acc object here sendProgressHandler:^(unsigned long long bytesSend, unsigned long long bytesTotal) { // e.g., update a progress indicator } responseHandler:^(NSURLResponse response, NSData responseData, NSError *error){ // Process the response // Here I am passing my api request // Passing my accessToken locally saved }];

but still I am getting 401 after token expired. I don't know where I am missing the things. If somebody can help, I would be really thankful.