New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Automatically refresh access tokens in OAuthSwiftClient #596
Automatically refresh access tokens in OAuthSwiftClient #596
Conversation
Access tokens have an expiration date but OAuthSwift doesn't automatically refresh access tokens by default. This change proposes a solution: - that makes OAuthSwift automatically refresh access tokens when they expire - which is opt-in by providing one simple convenient method - containing the minimum amount of changes needed to avoid to break existing apps Changes: - Add a new function requestWithAutomaticAccessTokenRenewal in OAuthSwiftClient. When used, it automatically refreshes the access token if it expired and restart the query. - Move the implementation for renewAccessToken and requestOAuthAccessToken from OAuth2Swift to OAuthSwiftClient. The methods renewAccessToken and requestOAuthAccessToken are still available in OAuth2Swift but they simply forward the call to OAuthSwiftClient to ensure that old apps don't need to be changed. You can call the convenient method requestWithAutomaticAccessTokenRenewal in OAuthSwiftClient with the correct parameters. If the access token expired, requestWithAutomaticAccessTokenRenewal will automatically renew the access token and retry the query. Here is an example to perform a query on Reddit: static func requestIdentity(client: OAuthSwiftClient) { client.requestWithAutomaticAccessTokenRenewal(url: URL(string: "https://oauth.reddit.com/api/v1/me")!, method: .GET, headers: nil, contentType: nil, accessTokenBasicAuthentification: true, accessTokenUrl: "https://www.reddit.com/api/v1/access_token", onTokenRenewal: nil) { (result) in switch result { case .success(let response): // Do something debugPrint("Received \(response)") break case .failure: // Fail nicely break } } }
Thanks I will look at that closely I see some issue with code formatting |
@phimage Let me know if I can help in any way or if you need some clarifications. |
I need that you fix the indentation/fomatting, I make a review about this |
thanks, I will check code format later |
Hi, when can we expect this to be released? |
This PR has been merged so you can easily adopt the code today by pulling the code from the |
Thanks @Timac. I was using the release number as the pod OAuthSwift version. |
@Timac When can we expect a release tag for this? As we cannot control the versions from pulling the code from the |
@dutennakoon I use SwiftPM now (and sometimes carthage) so I will not be fast with cocoadpod (no more installed and connected to their specs) |
Thanks for the update @phimage |
Hey @Timac, in your example you are passing onTokenRenewal as nil. But in the method you have the following code on line number 289. So, the renewal does not happen if you pass this as nil. Can you let me know if I'm doing something wrong here?
|
I have made the changes here and now this works correctly. vijaywargiya@67b441a |
@vijaywargiya The example could indeed be improved to demonstrate how to pass a The change you proposed could led to more issues than it helps. I believe that after this change, I would suggest to instead make sure that you pass a non-nil |
I think in that case we should make the parameter not accept nil. Since it would not work with a nil param anyways. |
I'm looking for exactly this functionality, but can't work out how to use it!! Currently I call |
This introduced a new API and thus warrants a new minor version. Going to change the version from 2.1.3 to 2.2.0. |
Summary
Access tokens have an expiration date but OAuthSwift doesn't automatically refresh access tokens by default.
This PR proposes a solution:
Related links:
Changes:
requestWithAutomaticAccessTokenRenewal
in OAuthSwiftClient. When used, it automatically refreshes the access token if it expired and restart the query.renewAccessToken
andrequestOAuthAccessToken
from OAuth2Swift to OAuthSwiftClient. The methodsrenewAccessToken
andrequestOAuthAccessToken
are still available in OAuth2Swift but they simply forward the call to OAuthSwiftClient to ensure that old apps don't need to be changed.Why?
I developed an application, called Clatters, that needs to access various services relying on OAuth. Rather that creating my own OAuth library, I decided to use OAuthSwift as it perfectly fit my needs.
However I believe that OAuthSwift should automatically refresh access tokens when they expire. The app itself shouldn't have to implement the logic to handle expired token.
Clatters has been available in the iOS App Store since February 2020 and relies on the code written in this PR.
Usage
You can call the convenient method
requestWithAutomaticAccessTokenRenewal
in OAuthSwiftClient with the correct parameters. If the access token expired,requestWithAutomaticAccessTokenRenewal
will automatically renew the access token and retry the query. Here is an example to perform a query on Reddit:Notes
I wanted to keep the changes proposed in this PR really simple. As previously mentioned: