Skip to content

feat: Add automatic token refresh for API methods#209

Merged
MasterJ93 merged 1 commit intoMasterJ93:mainfrom
P24L:feature/auto-token-refresh
Aug 3, 2025
Merged

feat: Add automatic token refresh for API methods#209
MasterJ93 merged 1 commit intoMasterJ93:mainfrom
P24L:feature/auto-token-refresh

Conversation

@P24L
Copy link
Contributor

@P24L P24L commented Jul 29, 2025

  • Add ensureValidToken() method to SessionConfiguration protocol
  • Update prepareAuthorizationValue() to refresh tokens for auth-optional methods
  • Modify getTimeline() as proof-of-concept for auth-required methods
  • Tokens are refreshed if they expire within 10 seconds
  • No breaking changes, maintains backward compatibility

Summary

This PR implements automatic token refresh functionality to prevent ExpiredToken errors when making API calls. The implementation follows the approach discussed in issue #203 and uses a helper method pattern to minimize code changes while maintaining backward compatibility.

Problem

  • Access tokens expire after ~2 hours, causing API calls to fail with ExpiredToken errors
  • Users currently must catch these errors and manually refresh tokens
  • This creates poor developer experience and requires boilerplate error handling

Solution

Implemented automatic token refresh using a three-pronged approach:

  1. Added ensureValidToken() helper method to SessionConfiguration

    • Checks if token expires within 10 seconds
    • Automatically calls refreshSession() if needed
    • Gracefully handles token parsing errors

  2. Updated prepareAuthorizationValue() for auth-optional methods

    • Now calls ensureValidToken() before retrieving access token
    • All auth-optional methods automatically benefit from token refresh

  3. Modified getTimeline() as proof-of-concept for auth-required methods

    • Added single line: try await sessionConfiguration?.ensureValidToken()
    • Demonstrates the pattern for other auth-required methods

Implementation Details

  • Minimal code changes: Only 1 line per auth-required method
  • No breaking changes: Fully backward compatible
  • Centralized logic: Token refresh logic stays in SessionConfiguration

Next Steps

If this approach is approved, the same pattern can be applied to:

  • ~167 other auth-required API methods

Linked Issues

#203

Type of Change

  • Bug Fix
  • New Feature
  • Documentation

Checklist:

  • My code follows the ATProtoKit API Design Guidelines as well as the Swift API Design Guidelines.
  • I have performed a self-review of my own code and commented it, particularly in hard-to-understand areas.
  • I have made corresponding changes to the documentation.
  • My changes generate no new warnings or errors in the compiler or runtime.
  • My code is able to build and run on my machine.

@P24L
feat: Add automatic token refresh functionality
84b297c 
- Add ensureValidToken() method to SessionConfiguration protocol
- Update prepareAuthorizationValue() to refresh tokens for auth-optional methods
- Modify getTimeline() as proof-of-concept for auth-required methods
- Tokens are refreshed if they expire within 10 seconds
- No breaking changes, maintains backward compatibility
@P24L P24L mentioned this pull request Jul 29, 2025
Merged
8 tasks
MasterJ93
MasterJ93 approved these changes Aug 3, 2025
View reviewed changes
Copy link
Owner

@MasterJ93 MasterJ93 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is fine. I'll approve it. It'll be in the next update.

@MasterJ93 MasterJ93 merged commit d14acf5 into MasterJ93:main Aug 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MasterJ93 MasterJ93 MasterJ93 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@P24L @MasterJ93