supabase / supabase-flutter

Flutter integration for Supabase. This package makes it simple for developers to build secure and scalable products.
https://supabase.com/
MIT License

[Supabase + google cloud functions] I need the `auth.currentSession?.accessToken` to verify the user with the JWT secret, but I think it is not refreshed? #700

Closed mariopepe closed 10 months ago

mariopepe commented 10 months ago

I am combining Supabase flutter client + Google Cloud Functions.

So, to verify my users I need to manually pass the JWT to cloud functions as `Authorization: Bearer`

I could obtain it from the Flutter client as `Supabase.instance.client.auth.currentSession?.accessToken` but I fear that when the JWT expires after 3600 seconds (as per default settings), the refreshed token accessed this way is not really updated.

I checked the function `_handleTokenChanged` at the path `/lib/src/supabase_client.dart`

```dart
  void _handleTokenChanged(AuthChangeEvent event, String? token) {
    if (event == AuthChangeEvent.tokenRefreshed ||
        event == AuthChangeEvent.signedIn && _changedAccessToken != token) {
      // Token has changed
      _changedAccessToken = token;    // <-- A

      realtime.setAuth(token);    // <-- B
    } else if (event == AuthChangeEvent.signedOut ||
        event == AuthChangeEvent.userDeleted) {
      // Token is removed

      realtime.setAuth(supabaseKey);
    }
  }
```

And it seems to me that both at point A and point B it does nothing to provide the new JWT to the singleton instance `Supabase.instance.client.auth`.

So my question is, if I access the JWT to verify my user (in this way `Supabase.instance.client.auth.currentSession?.accessToken`) is it granted that I will always get the refreshed one? Or should I get it in some other way?

dshukertjr commented 10 months ago

You can call the `refreshSession()` method to force refresh the token from your client.

```dart
await supabase.auth.refreshSession();
final accessToken = supabase.auth.currentSession?.accessToken;
```
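
For the receiving side of this exchange, an added example (not part of the thread and not Supabase's code): a sketch of how a Cloud Function could check the bearer token against the JWT secret and reject it once the 3600-second lifetime has passed. It assumes the access token is HS256-signed with that secret; `verify_supabase_jwt`, `make_demo_token` and the secret value are hypothetical or constructed for the demo.

```python
import base64
import hashlib
import hmac
import json
import time

def _b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))  # restore stripped padding

def _sign(secret, signing_input):
    mac = hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256)
    return _b64url_encode(mac.digest())

def verify_supabase_jwt(authorization, jwt_secret, now=None):  # hypothetical helper name
    scheme, _, token = authorization.partition(" ")
    if scheme.lower() != "bearer" or token.count(".") != 2:
        raise ValueError("malformed Authorization header")
    head, body, sig = token.split(".")
    header = json.loads(_b64url_decode(head))
    # Pin the algorithm (assumed HS256) so the token cannot choose its own.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    # Constant-time comparison of the recomputed and presented signatures.
    if not hmac.compare_digest(_sign(jwt_secret, f"{head}.{body}").encode(), sig.encode()):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(body))
    exp = claims.get("exp") if isinstance(claims, dict) else None
    now = time.time() if now is None else now
    if not isinstance(exp, (int, float)) or now >= exp:
        raise ValueError("token expired or missing exp")
    return claims

def make_demo_token(secret, claims):
    # Builds a constructed HS256 token so the example runs offline.
    head = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url_encode(json.dumps(claims).encode())
    return f"{head}.{body}.{_sign(secret, head + '.' + body)}"

if __name__ == "__main__":
    t0 = int(time.time())
    tok = make_demo_token("constructed-demo-secret", {"sub": "user-123", "exp": t0 + 3600})
    for now in (t0, t0 + 3600):  # freshly issued, then the moment it expires
        try:
            print(verify_supabase_jwt(f"Bearer {tok}", "constructed-demo-secret", now)["sub"])
        except ValueError as err:
            print("rejected:", err)
```

A token read from `currentSession` before a refresh fails the `exp` check here once its lifetime is over, so the client has to send the refreshed one.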