Closed tonywu1999 closed 3 years ago
Hello @tonywu1999 . Thank you for raising this issue. I think the first question we have to make, is if the native SDK allows this behavior (I think it does). If so, I'm pretty sure we can implement it as well.
The idea behind this library, is to just be a bridge between the native Okta's SDK (for both Android and iOS), and not add any extra logic to complement the original SDK.
Do you have a sample repo where we can reproduce the issue ?
Hi,
Yes, here is a sample repo that I just created that reproduces this issue:
https://github.com/tonywu1999/okta_sample
To reproduce the issue, on the iPhone, first login through the authorize button, then with iPhone multitask, close out of the app window. Then try to run the app again in roughly 2 hours, and it'll say User not logged in, cannot refresh
Thanks so much. Let me know if you run into any issues. Also in the repo, you'll have to put your own okta credentials in services/AuthService.dart
Hi,
So I found the cause to the problem, at least for iOS (I haven't checked if this is a problem on Android yet)
After restarting the app and waiting for an hour, we open the app and call createConfig
, but line 209 never executes because the accessToken returns nil
from expiring. Thus, after that, if we call refreshTokens()
, stateManager
is nil
because we never got it from createConfig
I can submit a PR where instead of checking if accessToken is nil
, we can check if refreshToken is nil
. What do you think of that?
Edit: Modified line 208 to check if refreshToken is nil
rather than accessToken and it worked.
Edit: Tested refreshTokens
with Android and did not encounter the same issue, so this is only a change in the swift code.
@tonywu1999 , thank you so much for your contribution. I've published the new version as 1.0.0-dev.7.
You can install it with
flutter pub add flutter_okta_sdk
Let me know if the published version works, so I can close this issue
@sonikro , I just checked this morning and the new published version works.
Thanks so much!
Hi,
I'm trying to set up a mobile app where users only need to sign in once. After that, every time the splash screen loads, the client calls
oktaSdk.refreshTokens()
, which allows us to get a new access token for the resource server. On the Okta portal, I haveAuthorization Code
andRefresh Token
checked off for allowed grant types.However, if I login and then restart the app and wait for approximately 2 hours, and then call
oktaSdk.refreshTokens()
, I get the following error:PlatformException(RefreshToken_Error, User not logged in, cannot refresh, Optional(flutter_okta_sdk.FlutterOktaError(message: "User not logged in, cannot refresh")), null)
. From this error, I get the impression that Okta is automatically signing out users after some inactivity (even though we have already written our tokens to secureStorage)?I'm wondering:
Also, regardless of your response, this package has honestly been a game changer in speeding up development for my mobile app. Thanks so much for creating this plug in!