search

teranetsrl / oauth2_client

Simple Dart library for interacting with OAuth2 servers.
BSD 2-Clause "Simplified" License
96 stars 112 forks source link

Please gracefully handle failures during the refresh token flow #189

Closed btrautmann closed 4 months ago

btrautmann commented 4 months ago

I'm running into an issue using this package where there seem to be failures happening in the token refresh flow but all I'm given back at the call site is:

Error: Exception: Provider error 404: null: null

This is actually being hardcoded any time an issue occurs in the refresh codepath via:

AccessTokenResponse.errorResponse() : super.errorResponse();

which points to

OAuth2Response.errorResponse() {
  respMap = {'http_status_code': 404};
}

This makes it very hard to actually reason about what's happening.

To make matters worse, whenever this failure occurs, the library defaults to fetching a new token which results in an auth popup occurring even though the user should still be authenticated. This leads to situations like this:

https://github.com/teranetsrl/oauth2_client/assets/8343465/ccae0b2b-7d41-4b46-884d-551d736860b8

Is there any way a user of this package can work around this experience?

btrautmann commented 4 months ago

Gonna close this; I just wrote my own oauth client that's tailored to my use case.