On a client i would like to use JWT auth These JWT expires s kotlinlang #ktor

On a client i would like to use JWT auth. These JWT expires sometimes, so i would like to intercept every request and look for a 401 or 403 response, refresh my token and retry the request. How do i do this? I found

HttpResponseValidator

which seems useful, but how do i: 1. Perform a refresh request 2. Retry the failed request Perhaps im better off wrapping my ktor calls in a helper, and handle it there instead of trying to use

HttpResponseValidator

jorge.rego

08/13/2020, 12:39 PM

How do you do that in your server or in your client?

In server side you can install JWT Authentication feature and validate tokens by JWT validator. All routes inside authentication will require to pass the JWT validator. Here you can find an example: https://github.com/mathias21/KtorEasy

Mgj

08/13/2020, 12:41 PM

In my client

jorge.rego

08/13/2020, 1:31 PM

Ktor doc is not saying anything about how to deal with token refresh, but in OkHttp3 Android you would implement a token Authenticator that will process token refresh when 401 is returned.

Mgj

08/13/2020, 1:38 PM

Yeah something like that would be great. Im unsure if its part of retrofit or okhttp but the `authenticator`class is very very useful for this purpose, or the more generalized interceptors. But i want to use something shared across the different platforms in my KMP project

jorge.rego

08/13/2020, 3:27 PM

This is what I was talking about, for sure part of the OkHttp3 lib. https://square.github.io/okhttp/4.x/okhttp/okhttp3/-authenticator/ In any case, you need to intercept http responses to automate this process, so the library you use should allow that.

edenman

08/13/2020, 8:12 PM

i just have a helper

suspend fun doRequest

that i run all my requests through and then recursively call it based on response codes and auth token stuff

👍 1

#ktor Join Slack