owncloud / android

:phone: The ownCloud Android App
GNU General Public License v2.0

Cookie handling #4227

Closed jesmrec closed 8 months ago

jesmrec commented 11 months ago

EPIC:

To do (basic auth):

With these steps, we will avoid cookies supporting the session even though the credentials changed or are not valid anymore.

This is the preliminary step to implement:

so, the key icon could be removed from there because new credentials will be automatically asked for if needed.

Aitorbp commented 8 months ago

Currently the application stores cookies in memory, during the execution of the application, but does not provide persistent cookie storage between application sessions. This means that when the app is closed and reopened new cookies are generated.

The contents of the cookies are stored in the cookieStore variable. This variable is passed as a parameter to the CookieJarImpl. The CookieJarImpl.kt class is where the methods in charge of cookie management are located, specifically, where the getter and setter of the cookies are located.

This class in turn is assigned to the CookieJar interface in HttpClient:

```java
final CookieJar cookieJar = new CookieJarImpl(mCookieStore);
```

To give more details of CookieJar, according to the documentation itself: "This interface is responsible for selecting which cookies to accept and which to reject. A reasonable policy is to reject all cookies, though that may interfere with session-based authentication schemes that require cookies."

After this, CookieJar is sent in the httpClient request, which is called every time the app is closed and opened:

```java
mOkHttpClient = buildNewOkHttpClient(sslSocketFactory, trustManager, cookieJar);
```

To check that the cookies are working correctly the following test has been done. From an OC10 account we opened and closed the app. We went to the website and changed the account password. We opened the app and as a result we received an "Authentication Fail" message with a 401 error.
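As an added illustration (not part of the comment above and not the app's own CookieJarImpl), the following example shows a memory-only OkHttp `CookieJar` whose session cookies are dropped when the server answers 401, so they cannot outlive rejected credentials. It assumes OkHttp 4.x; the names `InMemoryCookieJar`, `ClearCookiesOn401` and `buildClient`, and the clear-on-401 policy itself, are hypothetical.

```kotlin
import okhttp3.Cookie
import okhttp3.CookieJar
import okhttp3.HttpUrl
import okhttp3.Interceptor
import okhttp3.OkHttpClient
import okhttp3.Response
import java.util.concurrent.ConcurrentHashMap

// Hypothetical class: cookies live only in process memory, nothing is written to disk,
// so closing and reopening the app starts with an empty jar.
class InMemoryCookieJar : CookieJar {
    private val store = ConcurrentHashMap<String, List<Cookie>>() // host -> cookies

    override fun saveFromResponse(url: HttpUrl, cookies: List<Cookie>) {
        store.compute(url.host) { _, old ->
            // A new cookie replaces an older one with the same name, domain and path.
            val kept = old.orEmpty().filter { o ->
                cookies.none { it.name == o.name && it.domain == o.domain && it.path == o.path }
            }
            // Cookies the server expired (expiry in the past) are dropped here.
            (kept + cookies).filter { it.expiresAt > System.currentTimeMillis() }
        }
    }

    override fun loadForRequest(url: HttpUrl): List<Cookie> {
        val now = System.currentTimeMillis()
        return store[url.host].orEmpty().filter { it.expiresAt > now && it.matches(url) }
    }

    // Call when the account's credentials are changed or removed.
    fun clear(host: String) { store.remove(host) }
}

// Hypothetical interceptor: forget the host's cookies as soon as it rejects the request.
class ClearCookiesOn401(private val jar: InMemoryCookieJar) : Interceptor {
    override fun intercept(chain: Interceptor.Chain): Response {
        val response = chain.proceed(chain.request())
        if (response.code == 401) jar.clear(chain.request().url.host)
        return response
    }
}

fun buildClient(): OkHttpClient {
    val jar = InMemoryCookieJar()
    return OkHttpClient.Builder()
        .cookieJar(jar)
        .addInterceptor(ClearCookiesOn401(jar))
        .build()
}
```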

jesmrec commented 8 months ago

After checking the current status, these are the results:

So, we are at the point where we can get rid of the key icon.