What's your strategy to factorize handling of refr...
# ktor
r
What's your strategy to factorize handling of refresh token expiration in a Ktor Client?
👀 1
s
Not sure what you mean exactly but you can use official ktor bearer authentication https://ktor.io/docs/client-bearer-auth.html Basically what it does is call the refreshToken() method when a 401 status code happens.
r
That's for access token. What do you do when the refresh token expires? Supposedly, your user gets disconnected. How do you implement that without catching 401 once in every request?
s
If you want to handle expiracy more specifically you can use libraries like https://jwt.io/libraries then you check tokens validity for example in the defaultRequest configuration before adding the authorization header. Make sure to use Mutex in that case to avoid coroutines concurrency.
t
This is my somewhat naive approach which avoids the need for jwt libraries. But it may or may not work for your use case
r
Why do you keep answering with ways to refresh an access token? I don't get it. That's not what I asked
t
Sure, but we also don't owe you anything. Could you try rephrasing or expanding on your question. It's not clear what you are looking for. What does your refresh token look like? Typically refresh tokens don't represent anything meaningful.
r
My question is crystal clear. Try to read it again. If you don't get it, don't try to answer it with unrelated stuff. Access token refresh is irrelevant. Refresh token format is also irrelevant.