search

trivago / Heimdallr.swift

Easy to use OAuth 2 library for iOS, written in Swift.
Apache License 2.0
639 stars 86 forks source link

Prevent refresh race conditions #93

Closed Stengo closed 8 years ago

Stengo commented 8 years ago

Description

Making multiple calls to authenticateRequest with an expired access token can lead to multiple requests for a new access token with the same refresh token. As a result, the user might be left with an invalid token.

In order to prevent this, we decided to make calls to authenticateRequest sequential. This is achieved by using a serial queue and limiting its resources via a semaphore.

hffmnn commented 8 years ago

@marcelofabri do you have some comments on this one?

marcelofabri commented 8 years ago

Seems good to me! 👏

I didn't know about dispatch_suspend and dispatch_release 💯