Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Token expires but still flagged as valid #5

Closed
sladomic opened this issue Apr 13, 2019 · 3 comments
Closed

Token expires but still flagged as valid #5

sladomic opened this issue Apr 13, 2019 · 3 comments
Labels
bug Something isn't working

Comments

@sladomic
Copy link
Contributor

Description:

  • Wait until the token has expired (typically 1 hour)
  • Try to login

Expected Result:

  • Token is expired and library fetches a new one with the refresh token

Actual Result:

  • Token still flagged as valid, therefore the authentication fails afterwards

Additional Information

  • The token is currently stored as a serialized json, which contains a key "expires_in" as the time in seconds, when the token expires. Now every time the token is loaded from storage/cache, the time is still the same and therefore the token will always be valid, although it has already expired.
  • Fix by storing the actual timestamp, when the token will expire in UTC
sladomic pushed a commit that referenced this issue Apr 13, 2019
Fix Token expiration issue #5
976f74f
@sladomic sladomic added the bug Something isn't working label Apr 13, 2019
@yugandh
Copy link
Collaborator

yugandh commented Apr 25, 2019
edited
Loading

Hi @sladomic ,

I logged in to the mobile application(iOS and Android) using email and password.
After 1 hour i opened the app.
I used below code to make a Microsoft graph api call.

try {
await oauth.login();
String accessToken = await oauth.getAccessToken();
var response = await http.get(https://graph.microsoft.com/v1.0/me/, headers: {"Authorization": "Bearer $accessToken});
print(response.body);

} catch (e) {
  print('login error');
}

I am getting access token expiry error and unable to fetch data from Graph-API.(https://graph.microsoft.com/v1.0/me/)

I have used 0.1.6 version of this repository.
can you please let me know, is there any solution silently acquire access token without Sign-out the application.

Below is the response i will get after 1 hour of background or killing the app and open
Request failed with status: 401.
I/flutter ( 9289): {
I/flutter ( 9289): "error": {
I/flutter ( 9289): "code": "InvalidAuthenticationToken",
I/flutter ( 9289): "message": "Access token has expired.",

@sladomic
Copy link
Contributor Author

@yugandh with version 0.1.6 it should have been fixed, at least for my devices (Android & iOS) it works. Can you do a fresh install or try a logout (oauth.logout()) to force the removal of old tokens stored in Keystore / Keychain?

@yugandh
Copy link
Collaborator

yugandh commented Apr 25, 2019
edited
Loading

Hi @sladomic,

After oauth.logout() it will work. But every time it will ask to enter user name and password to authenticate, after token expiry every 60 minutes.

Just know i pushed one commit in to the below branch, you can pull that branch give your microsoft credentials, it will fetch response for the first time and after 60 minutes it will give access token expiry error.

master...yugandh:Test-Microsoft-Graph-API

One more question after every 60 minutes i am getting same access token, instead of new token.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sladomic @yugandh