https://kotlinlang.org logo
#ktor
Title
# ktor
m

Mgj

08/13/2020, 12:13 PM
On a client i would like to use JWT auth. These JWT expires sometimes, so i would like to intercept every request and look for a 401 or 403 response, refresh my token and retry the request. How do i do this? I found
HttpResponseValidator
which seems useful, but how do i: 1. Perform a refresh request 2. Retry the failed request Perhaps im better off wrapping my ktor calls in a helper, and handle it there instead of trying to use 
HttpResponseValidator
?
j

jorge.rego

08/13/2020, 12:39 PM
How do you do that in your server or in your client?
In server side you can install JWT Authentication feature and validate tokens by JWT validator. All routes inside authentication will require to pass the JWT validator. Here you can find an example: https://github.com/mathias21/KtorEasy
m

Mgj

08/13/2020, 12:41 PM
In my client
j

jorge.rego

08/13/2020, 1:31 PM
Ktor doc is not saying anything about how to deal with token refresh, but in OkHttp3 Android you would implement a token Authenticator that will process token refresh when 401 is returned.
m

Mgj

08/13/2020, 1:38 PM
Yeah something like that would be great. Im unsure if its part of retrofit or okhttp but the `authenticator`class is very very useful for this purpose, or the more generalized interceptors. But i want to use something shared across the different platforms in my KMP project
j

jorge.rego

08/13/2020, 3:27 PM
This is what I was talking about, for sure part of the OkHttp3 lib. https://square.github.io/okhttp/4.x/okhttp/okhttp3/-authenticator/ In any case, you need to intercept http responses to automate this process, so the library you use should allow that.
e

edenman

08/13/2020, 8:12 PM
i just have a helper
suspend fun doRequest
that i run all my requests through and then recursively call it based on response codes and auth token stuff
👍 1
2 Views