https://kotlinlang.org logo
Title
e

Emirhan Emmez

05/16/2023, 8:02 AM
Hi guys, I'm facing an issue with refreshTokens for bearer authentication. Here is my Auth config
install(Auth) {
    bearer {
        loadTokens {
            BearerTokens(
                accessToken = localService.getBearerToken().orEmpty(),
                refreshToken = localService.getRefreshToken().orEmpty()
            )
        }
        refreshTokens {
            val token = client.get {
                url("refreshToken")
                parameter("refreshToken", localService.getRefreshToken())
            }.body<Token>()
            BearerTokens(
                accessToken = token.bearerToken,
                refreshToken = token.refreshToken
            )
        }
        sendWithoutRequest {
            it.url.host == "<http://10.0.2.2:8080/login>"
        }
    }
}
refreshTokens block is not triggering what am i missing?
a

Aleksei Tirman [JB]

05/16/2023, 9:30 AM
Can you share the response from the server with 401 status code?
e

Emirhan Emmez

05/16/2023, 9:35 AM
Yes
RESPONSE: 401 Unauthorized
METHOD: HttpMethod(value=GET) FROM: http://10.0.2.2:8080/authHello COMMON HEADERS -> connection: keep-alive -> content-length: 13 -> content-type: text/plain; charset=UTF-8 -> www-authenticate: Bearer -> x-android-received-millis: 1684229673946 -> x-android-response-source: NETWORK 401 -> x-android-selected-protocol: http/1.1 -> x-android-sent-millis: 1684229673929 BODY Content-Type: text/plain; charset=UTF-8 BODY START Unauthorized! BODY END
l

leandro

05/16/2023, 4:06 PM
have you declared
markAsRefreshTokenRequest()
on your
HttpRequestBuilder
?
e

Emirhan Emmez

05/17/2023, 9:05 AM
@leandro I tried but it didn't work
refreshTokens {
    Log.e("REFRESH","triggered")
    val token = client.get {
        markAsRefreshTokenRequest()
        url("refreshToken")
        parameter("refreshToken", localService.getRefreshToken())
    }.body<Token>()
    BearerTokens(
        accessToken = token.bearerToken,
        refreshToken = token.refreshToken
    )
}
l

leandro

05/17/2023, 10:40 AM
Could you check again if this
sendWithoutRequest {
    it.url.host == "<http://10.0.2.2:8080/login>"
 }
is what do you mean? host usually does not include protocol nor port i suspect this check can be the issue. Please change it to
!it.url.encodedPath.contains("/login")
to validate
e

Emirhan Emmez

05/17/2023, 5:29 PM
Thanks @leandro it works 🙂