How to get new access token and ID token using Refresh Token

okta / okta-oidc-android

OIDC SDK for Android

https://github.com/okta/okta-oidc-android

Other

60 stars 45 forks source link

How to get new access token and ID token using Refresh Token #273

Closed RahulChandrabhan closed 2 years ago

RahulChandrabhan commented 2 years ago

I am trying to get new access token and id token using refresh token so that my user does not have to log in again. Is there any way I can do that specifically for android app development

JayNewstrom commented 2 years ago

Hi @RahulChandrabhan we have a refreshTokens method. Does that help? https://github.com/okta/okta-oidc-android#Refresh-a-Token

RahulChandrabhan commented 2 years ago

Hi @RahulChandrabhan we have a refreshTokens method. Does that help? https://github.com/okta/okta-oidc-android#Refresh-a-Token

I have tried this,

    sessionClient.refreshToken(new RequestCallback<Tokens, AuthorizationException>() {
            @Override
            public void onSuccess(@NonNull Tokens result) {
                Log.e(TAG, "onSuccess: "+result.getAccessToken()+", "+result.getIdToken()+", "+result.getRefreshToken());
            }

            @Override
            public void onError(String error, AuthorizationException exception) {
                Log.e(TAG, "onError: "+error);
                Log.e(TAG, "onError: "+exception.getLocalizedMessage());
                Log.e(TAG, "onError: "+exception.code);
            }
        });

and It goes to error block and giving me these errors,

"Invalid status code 401 Unauthorized"

I am also attaching a snip of my debugger. Can you please tell me what's missing

JayNewstrom commented 2 years ago

Do you have offline_access in your scopes?

RahulChandrabhan commented 2 years ago

Do you have offline_access in your scopes?

Yes Jay,

My Config Code:

    return new OIDCConfig.Builder()
            .clientId(BaseApplication.getStringProperty(AppPropertyKeyConstants.CLIENT_ID))
            .redirectUri(BaseApplication.getStringProperty(AppPropertyKeyConstants.REDIRECT_URI))
            .endSessionRedirectUri(BaseApplication.getStringProperty(AppPropertyKeyConstants.END_SESSION_REDIRECT_URI))
            .scopes("openid", "profile", "offline_access")
            .customConfiguration(createCustomConfig())
            .create();

I am also getting refresh token when I sign in the user.

JayNewstrom commented 2 years ago

We have a test/sample app for this project here: https://github.com/okta/okta-oidc-android/blob/master/app/src/main/java/com/okta/oidc/example/SampleActivity.java#L278

I just used the refresh functionality to successfully get new tokens. Since I'm unable to recreate your issue, would you mind taking a look at that sample, and seeing if you could reproduce the issue there?

RahulChandrabhan commented 2 years ago

We have a test/sample app for this project here: https://github.com/okta/okta-oidc-android/blob/master/app/src/main/java/com/okta/oidc/example/SampleActivity.java#L278

I just used the refresh functionality to successfully get new tokens. Since I'm unable to recreate your issue, would you mind taking a look at that sample, and seeing if you could reproduce the issue there?

Thanks Jay, I need to enable refresh token from Dashboard, after that I was able to refresh my tokens. Also thanks to this https://github.com/okta/okta-oidc-android/issues/178#issuecomment-670220414