Karen Frangulyan
03/15/2022, 11:25 AMWWW-Authenticate
header set, as a result the refreshToken
is not being triggered. I tried to solve this by intercepting the responses and adding that header manually on mobile client, however, token refresh is still not triggered and I don't see that header in http response logs, even though the interceptor code is being executed. Below is the simplified version of my client setup:
install(Logging)
install("Fix Unauthorized headers") {
receivePipeline.intercept(HttpReceivePipeline.Before) { response ->
println("----------- INTERCEPTING!") // this is printed
proceedWith(UnauthorizedResponseWrapper(response))
}
}
install(Auth) {
bearer {
loadTokens {
println("---------- LOADING TOKENS!") // this is printed
...
}
refreshTokens {
println("---------- REFRESHING TOKENS!") // this is NOT printed
...
}
}
}
and the UnauthorizedResponseWrapper
is pretty simple - just adds the header if needed:
private class UnauthorizedResponseWrapper(response: HttpResponse): HttpResponse() {
override val call: HttpClientCall = response.call
override val content: ByteReadChannel = response.content
override val coroutineContext: CoroutineContext = response.coroutineContext
override val headers: Headers = buildHeaders {
appendAll(response.headers)
if (response.status == HttpStatusCode.Unauthorized && !response.headers.contains(HttpHeaders.WWWAuthenticate)) {
println("--------- APPENDING WWWAuth header!") // this is printed!
append(HttpHeaders.WWWAuthenticate, AuthScheme.Bearer)
}
}
override val requestTime: GMTDate = response.requestTime
override val responseTime: GMTDate = response.responseTime
override val status: HttpStatusCode = response.status
override val version: HttpProtocolVersion = response.version
}
As I said - I'm completely new to ktor, am I missing something here or maybe the header should be different to pass through Auth checks?