https://kotlinlang.org logo
Join Slack
Powered by
Heya! I'm facing a niche issue with the Ktor clien...
# ktor
s
Heya! I'm facing a niche issue with the Ktor client. I'm implementing Bearer authentication as described here: https://ktor.io/docs/bearer-client.html#configure However, with the following config
Copy code
install(Auth) {
    bearer {
        loadTokens {
            // Load tokens from a local storage and return them as the 'BearerTokens' instance
            BearerTokens("abc123", "xyz111")
        }
    }
}
The 
loadTokens
block is only called once, upon launch. I'd like to do a local check for whether the JWT token has expired. Originally my plan was to do that check in the 
loadTokens
block but since it's only called once that won't work. is there any other way to do this? (Short of using the 
HttpSend
plugin to intercept requests and check the token)
c
Copy code
bearer {
    loadTokens {
        // Initial token
    }

    refreshTokens {
        // Generate new tokens
    }
}
The idea is: when your token expires, the request will fail with 401 Unauthorized (if your server is written correctly). Ktor will notice that, execute the 
refreshTokens
function, and restart the request with the new token.
This way, you don't have to do anything to know when the tokens are invalid, Ktor refreshes the token whenever a request fails because of lack of authentication
s
Yeah that's cool I understand the way that works. Essentially we have a requirement to reduce load on our server by not making the network call if we can tell locally that the token has expired. I'm wondering what's the best way of doing that within this context
c
I'm surprised you can even measure that. How fast do your tokens expire for this to matter?
s
Every 5 minutes, we also do it to make logs easier to read since there are very few 401s by doing this
4 Views
Open in Slack
PreviousNext
Powered by