What's your strategy to factorize handling of refresh token expiration in a Ktor Client?
👀 1
s
Sylvain Bécuwe
04/27/2024, 12:55 PM
Not sure what you mean exactly but you can use official ktor bearer authentication https://ktor.io/docs/client-bearer-auth.html
Basically what it does is call the refreshToken() method when a 401 status code happens.
r
ribesg
04/27/2024, 1:12 PM
That's for access token. What do you do when the refresh token expires? Supposedly, your user gets disconnected. How do you implement that without catching 401 once in every request?
s
Sylvain Bécuwe
04/27/2024, 1:51 PM
If you want to handle expiracy more specifically you can use libraries like https://jwt.io/libraries then you check tokens validity for example in the defaultRequest configuration before adding the authorization header.
Make sure to use Mutex in that case to avoid coroutines concurrency.
t
Todd
05/07/2024, 7:29 PM
This is my somewhat naive approach which avoids the need for jwt libraries. But it may or may not work for your use case
r
ribesg
05/15/2024, 8:04 AM
Why do you keep answering with ways to refresh an access token? I don't get it. That's not what I asked
t
Todd
05/15/2024, 7:01 PM
Sure, but we also don't owe you anything. Could you try rephrasing or expanding on your question. It's not clear what you are looking for. What does your refresh token look like? Typically refresh tokens don't represent anything meaningful.
r
ribesg
05/15/2024, 7:05 PM
My question is crystal clear. Try to read it again. If you don't get it, don't try to answer it with unrelated stuff.
Access token refresh is irrelevant. Refresh token format is also irrelevant.