Refresh token issues for oAuth2 #42
Comments
Ok so since I had some issues with this as well. Important question first... are you using this on the simulator or the phone? Secondly, once you start the app after a few hours, have you tracked where the code ends up? Meaning if it gets the saved credentials and sends them, and if it does, will it go for the refresh etc... Looking at it right here, it kinda seems like it should work. You save the token again on refresh so it should be 👍 |
I've been using both and to be honest I just added I'm going to try with the new code on an actual device. |
I am using this on my actual device and I made sure to include .offlineaccess to my scope and it still doesn't refresh the token. Been working on this for a couple of days..... |
Where is the Initiate login called? Try using forceRefresh as well? Have either of you tried the demo app @daneden posted in the repo by any chance? |
Thanks! I'm calling The container I'm using is:

```swift
class ClientContainer: ObservableObject {
    @Published var client: Twift?
    @Published var launchErrorAlert = false
    @Published var launchErrorMessage = ""
}
```

From what I can tell in my breakpoints the new user is getting updated, but will double check. |
I see. At least client does not need to be Published property, response data can be, as in And you are forwarding that client to the main view or how is it accessed? I guess it is initialised then in the AppDelegate as @StateObject? |
I have it as

```swift
var body: some Scene {
    WindowGroup {
        ZStack {
            if let twitterClient = container.client {
                ContentView()
                    .environmentObject(twitterClient)
                ....
```

I set up some breakpoints and it seems that after two hours I'm getting |
Could be yeah. I see why client is @Published now, so main view can refresh when you initialize it I guess? So for the refresh, try sending the forceRefresh to see how it behaves after 2h, but really drawing a blank as to why this is failing to get the user. Does it ever try to decode the saved user, and is there anything saved ever? |
I probably sound like I have no idea what I'm doing :D, but I have this function below that calls

```swift
func getRefreshToken() {
    Task {
        print(#function)
        // Load the previously saved OAuth2User, if there is one.
        if let savedUser = defaults.object(forKey: ConstantStrings.authKeyChainString) as? Data {
            if let loadedUser = try? decoder.decode(OAuth2User.self, from: savedUser) {
                print("loadedUser: \(loadedUser)")
                // Persist the updated user whenever Twift reports a token refresh.
                container.client = Twift(oauth2User: loadedUser, onTokenRefresh: { newUser in
                    if let encoded = try? encoder.encode(newUser) {
                        defaults.set(encoded, forKey: ConstantStrings.authKeyChainString)
                    }
                })
                try? await container.client?.refreshOAuth2AccessToken()
                withAnimation {
                    showLoginScreen = false
                }
            }
        }
    }
}
```

SceneChange

```swift
var body: some Scene {
    WindowGroup {
        ZStack {
            if let twitterClient = container.client {
                ContentView()
                    .environmentObject(twitterClient)
            } else {
                Text("Logging In")
                LoginView()
                    .edgesIgnoringSafeArea(.all)
            }
        }
        .alert(isPresented: $showErrorAlert) {
            Alert(title: Text("Failed to get token"), message: Text(errorAlertMessage),
                  dismissButton: .default(Text("Ok")))
        }
    }
    .onChange(of: scenePhase) { newPhase in
        if newPhase == .active {
            print("Active")
        } else if newPhase == .inactive {
            print("Inactive")
        } else if newPhase == .background {
            print("Background")
            getRefreshToken()
        }
    }
}
```

Let me set some breakpoints and check back to see what happens. I'll need to wait for the two~ish hour window. |
Ok I set up some break points and let it fail. I called I can see that my refresh token is still good, but the clientID is
|
Hey guys! Thanks for reporting this issue and providing so much detail @arbyruns. I’m doing some local testing myself now and have run into at least a couple of potential root issues which I’ll fix and elaborate on. For one, I didn't write the encoder properly for OAuth2User structs, so token expiration dates aren't correctly stored and retrieved. This will be fixed soon, but I will ensure this original issue is fixed before pushing any code. I’m also going to update the test app to demonstrate how to securely store tokens for easier reference too (should help with #40). |
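
Added example, not part of the thread and not Twift's own code: the maintainer mentions storing tokens securely, while the snippet posted earlier writes the encoded `OAuth2User` through `defaults`. The sketch below keeps the same encoded value in the iOS Keychain instead; `KeychainTokenStore`, `KeychainError` and the service and account strings are hypothetical names chosen for illustration.

```swift
import Foundation
import Security

// Hypothetical helper, not part of Twift: keeps a Codable credential
// (for example Twift's OAuth2User) in a generic-password Keychain item.
struct KeychainError: Error { let status: OSStatus }

enum KeychainTokenStore {
    // Assumed identifiers; pick values for your own app.
    static let service = "com.example.myapp.oauth2"
    static let account = "twitter-user"

    private static var baseQuery: [String: Any] {
        [kSecClass as String: kSecClassGenericPassword,
         kSecAttrService as String: service,
         kSecAttrAccount as String: account]
    }

    static func save<T: Encodable>(_ value: T) throws {
        let data = try JSONEncoder().encode(value)
        let update: [String: Any] = [kSecValueData as String: data]
        // Overwrite an existing item; create it on first save.
        var status = SecItemUpdate(baseQuery as CFDictionary, update as CFDictionary)
        if status == errSecItemNotFound {
            var attrs = baseQuery
            attrs[kSecValueData as String] = data
            // Readable in the background after first unlock; not migrated to other devices.
            attrs[kSecAttrAccessible as String] = kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly
            status = SecItemAdd(attrs as CFDictionary, nil)
        }
        guard status == errSecSuccess else { throw KeychainError(status: status) }
    }

    // Returns nil when nothing is stored; throws on Keychain or decoding errors
    // so a corrupt record is not mistaken for "not logged in".
    static func load<T: Decodable>(_ type: T.Type) throws -> T? {
        var query = baseQuery
        query[kSecReturnData as String] = true
        query[kSecMatchLimit as String] = kSecMatchLimitOne
        var item: CFTypeRef?
        let status = SecItemCopyMatching(query as CFDictionary, &item)
        if status == errSecItemNotFound { return nil }
        guard status == errSecSuccess, let data = item as? Data else {
            throw KeychainError(status: status)
        }
        return try JSONDecoder().decode(type, from: data)
    }
}
```

In the `onTokenRefresh` closure from the thread, `try KeychainTokenStore.save(newUser)` would take the place of the `defaults.set` call, and `try KeychainTokenStore.load(OAuth2User.self)` the place of the `defaults.object` lookup.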
@daneden thank you so much! Let me know if there's anything else I can help with. |
@roblack what you provided works great on launch of the app, but how can I go about implementing your workaround within a button? I call

```swift
twiftLoginViewModel.initiateLogin { value in
    print("value")
}
```

|
Hey @arbyruns, you should try updating to the new release of Twift (v0.2.1) and see if it resolves your issue. As described in #43, there was an issue with how refresh tokens were encoded for storage, which may have been contributing to the problem you encountered. It's worth bearing in mind that you should not have to manually refresh the authentication token; all of Twift's network calls check the token expiration and attempt to refresh it if necessary. You can (for debugging reasons, for example) force a refresh using the |
Thanks I'll give it a try! Just for my own clarity, I don't need to call |
@arbyruns correct! Every network call in Twift is eventually handled by the internal Line 9 in de93f15
refreshOAuth2AccessToken(onlyIfExpired: true) function. This ensures that tokens are refreshed on your behalf only when necessary, but you still have the option to manually refresh them in order to handle the new token (e.g. if you want to update stored credentials for some reason)
|
Thank you for the explanation and for the quick turn around! |
I've been running into an issue with refresh tokens. I have no issues logging in for the user, but I'm finding if I come back several hours later I'm unauthorized and have to initiate the login process all over again.
This is what I'm running at start of the update in my AppDelegate. Do I need to refreshOAuth2AccessToken at initiateLogin?