[77] [Fix] Token doesn't refresh after expires #80

Closed


markgravity
Owner

#77

What happened

After the token expires, the app doesn't refresh it or redirect to the Login screen

Insight

  • Try to refresh the token if it receives an invalid token error from an API request, and redirect to the Login screen if the refresh fails

Proof Of Work

Login -> Modify token, refresh token (create invalid token) -> Receives 401 when request /me -> Refresh Token -> Receives 403 -> Redirect to Login

flutter: *** Request ***
flutter: uri: https://nimble-survey-web-staging.herokuapp.com/api/v1/oauth/token
flutter: method: POST
flutter: responseType: ResponseType.json
flutter: followRedirects: true
flutter: connectTimeout: 0
flutter: sendTimeout: 0
flutter: receiveTimeout: 0
flutter: receiveDataWhenStatusError: true
flutter: extra: {}
flutter: headers:
flutter:  content-type: application/json; charset=utf-8
flutter: data:
flutter: {email: [email protected], password: 12345678, client_id: z9iUamZLvRgtVVtRJ8UqItg2vmncGyEi30p1eWEddnA, client_secret: 1vqRNMxq-Yx83A61GNjLb17qxCGKxHDb8EmB3MKdxqA, grant_type: password}
flutter:
flutter: *** Response ***
flutter: uri: https://nimble-survey-web-staging.herokuapp.com/api/v1/oauth/token
flutter: statusCode: 200
flutter: headers:
flutter:  connection: keep-alive
flutter:  cache-control: private, no-store
flutter:  transfer-encoding: chunked
flutter:  date: Thu, 27 May 2021 02:55:27 GMT
flutter:  content-encoding: gzip
flutter:  vary: Accept-Encoding, Origin
flutter:  strict-transport-security: max-age=31536000; includeSubDomains
flutter:  referrer-policy: strict-origin-when-cross-origin
flutter:  x-permitted-cross-domain-policies: none
flutter:  pragma: no-cache
flutter:  content-type: application/json; charset=utf-8
flutter:  x-xss-protection: 1; mode=block
flutter:  server: Cowboy
flutter:  x-request-id: 1d5f4f34-1c81-4e8a-b66f-276a549bd19a
flutter:  x-download-options: noopen
flutter:  x-runtime: 0.346076
flutter:  etag: W/"d7f67518a5d63f83d8d61fec9d2cb5ad"
flutter:  via: 1.1 vegur
flutter:  x-frame-options: SAMEORIGIN
flutter:  x-content-type-options: nosniff
flutter: Response Text:
flutter: {"data":{"id":2242,"type":"token","attributes":{"access_token":"496ACdMVaUiKSC3HPkgWwl4JF8_vIPVDx3L0hVx-aH4","token_type":"Bearer","expires_in":7200,"refresh_token":"ElPok6nQR2xca6Ol3CEe8vlredFg6TszIBSQU5Jy3Pg","created_at":1622084128}}}
flutter:
flutter: *** Request ***
flutter: uri: https://nimble-survey-web-staging.herokuapp.com/api/v1/me
flutter: method: GET
flutter: responseType: ResponseType.json
flutter: followRedirects: true
flutter: connectTimeout: 0
flutter: sendTimeout: 0
flutter: receiveTimeout: 0
flutter: receiveDataWhenStatusError: true
flutter: extra: {}
flutter: headers:
flutter:  authorization: Bearer 496ACdMVaUiKSC3HPkgWwl4JF8_vIPVDx3L0hVx-aH4
flutter: data:
flutter: null
flutter:
flutter: *** Response ***
flutter: uri: https://nimble-survey-web-staging.herokuapp.com/api/v1/me
flutter: statusCode: 200
flutter: headers:
flutter:  connection: keep-alive
flutter:  cache-control: max-age=0, private, must-revalidate
flutter:  transfer-encoding: chunked
flutter:  date: Thu, 27 May 2021 02:55:28 GMT
flutter:  vary: Accept-Encoding, Origin
flutter:  content-encoding: gzip
flutter:  strict-transport-security: max-age=31536000; includeSubDomains
flutter:  referrer-policy: strict-origin-when-cross-origin
flutter:  x-permitted-cross-domain-policies: none
flutter:  content-type: application/json; charset=utf-8
flutter:  x-xss-protection: 1; mode=block
flutter:  server: Cowboy
flutter:  x-request-id: c65ef54a-8941-45c1-9280-0793de8eda07
flutter:  x-download-options: noopen
flutter:  x-runtime: 0.014001
flutter:  etag: W/"0c539349dfe1298c71f199630e0d75cf"
flutter:  via: 1.1 vegur
flutter:  x-frame-options: SAMEORIGIN
flutter:  x-content-type-options: nosniff
flutter: Response Text:
flutter: {"data":{"id":"2","type":"user","attributes":{"email":"[email protected]","avatar_url":"https://api.adorable.io/avatar/[email protected]"}}}
flutter:
flutter: *** Request ***
flutter: uri: https://nimble-survey-web-staging.herokuapp.com/api/v1/me
flutter: method: GET
flutter: responseType: ResponseType.json
flutter: followRedirects: true
flutter: connectTimeout: 0
flutter: sendTimeout: 0
flutter: receiveTimeout: 0
flutter: receiveDataWhenStatusError: true
flutter: extra: {}
flutter: headers:
flutter:  authorization: Bearer s
flutter: data:
flutter: null
flutter:
flutter: *** DioError ***:
flutter: uri: https://nimble-survey-web-staging.herokuapp.com/api/v1/me
flutter: DioError [DioErrorType.response]: Http status error [401]
#0      DioMixin.assureDioError (package:dio/src/dio_mixin.dart:819:20)
#1      DioMixin._dispatchRequest (package:dio/src/dio_mixin.dart:678:13)
<asynchronous suspension>
#2      DioMixin.fetch.<anonymous closure>.<anonymous closure> (package:dio/src/dio_mixin.dart)
<asynchronous suspension>
flutter: uri: https://nimble-survey-web-staging.herokuapp.com/api/v1/me
flutter: statusCode: 401
flutter: headers:
flutter:  connection: keep-alive
flutter:  cache-control: private, no-store
flutter:  transfer-encoding: chunked
flutter:  date: Thu, 27 May 2021 02:55:32 GMT
flutter:  content-encoding: gzip
flutter:  vary: Accept-Encoding, Origin
flutter:  strict-transport-security: max-age=31536000; includeSubDomains
flutter:  referrer-policy: strict-origin-when-cross-origin
flutter:  x-permitted-cross-domain-policies: none
flutter:  pragma: no-cache
flutter:  content-type: application/json; charset=utf-8
flutter:  x-xss-protection: 1; mode=block
flutter:  www-authenticate: Bearer realm="Doorkeeper", error="invalid_token", error_description="The access token is invalid"
flutter:  server: Cowboy
flutter:  x-request-id: 633e94a0-3517-490c-9425-3641c231c3a0
flutter:  x-download-options: noopen
flutter:  x-runtime: 0.027839
flutter:  via: 1.1 vegur
flutter:  x-frame-options: SAMEORIGIN
flutter:  x-content-type-options: nosniff
flutter: Response Text:
flutter: {"errors":[{"source":"unauthorized","detail":"The access token is invalid","code":"invalid_token"}]}
flutter:
flutter:
flutter: *** Request ***
flutter: uri: https://nimble-survey-web-staging.herokuapp.com/api/v1/oauth/token
flutter: method: POST
flutter: responseType: ResponseType.json
flutter: followRedirects: true
flutter: connectTimeout: 0
flutter: sendTimeout: 0
flutter: receiveTimeout: 0
flutter: receiveDataWhenStatusError: true
flutter: extra: {}
flutter: headers:
flutter:  authorization: Bearer s
flutter:  content-type: application/json; charset=utf-8
flutter: data:
flutter: {refresh_token: s, client_id: z9iUamZLvRgtVVtRJ8UqItg2vmncGyEi30p1eWEddnA, client_secret: 1vqRNMxq-Yx83A61GNjLb17qxCGKxHDb8EmB3MKdxqA, grant_type: refresh_token}
flutter:
flutter: *** DioError ***:
flutter: uri: https://nimble-survey-web-staging.herokuapp.com/api/v1/oauth/token
flutter: DioError [DioErrorType.response]: Http status error [400]
#0      DioMixin.assureDioError (package:dio/src/dio_mixin.dart:819:20)
#1      DioMixin._dispatchRequest (package:dio/src/dio_mixin.dart:678:13)
<asynchronous suspension>
#2      DioMixin.fetch.<anonymous closure>.<anonymous closure> (package:dio/src/dio_mixin.dart)
<asynchronous suspension>
flutter: uri: https://nimble-survey-web-staging.herokuapp.com/api/v1/oauth/token
flutter: statusCode: 400
flutter: headers:
flutter:  connection: keep-alive
flutter:  cache-control: private, no-store
flutter:  transfer-encoding: chunked
flutter:  date: Thu, 27 May 2021 02:55:34 GMT
flutter:  content-encoding: gzip
flutter:  vary: Accept-Encoding, Origin
flutter:  strict-transport-security: max-age=31536000; includeSubDomains
flutter:  referrer-policy: strict-origin-when-cross-origin
flutter:  x-permitted-cross-domain-policies: none
flutter:  pragma: no-cache
flutter:  content-type: application/json; charset=utf-8
flutter:  x-xss-protection: 1; mode=block
flutter:  www-authenticate: Bearer realm="Doorkeeper", error="invalid_grant", error_description="The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."
flutter:  server: Cowboy
flutter:  x-request-id: a849276c-cee5-43e8-aaaf-bbe153854b9a
flutter:  x-download-options: noopen
flutter:  x-runtime: 0.029976
flutter:  via: 1.1 vegur
flutter:  x-frame-options: SAMEORIGIN
flutter:  x-content-type-options: nosniff
flutter: Response Text:
flutter: {"errors":[{"source":"Doorkeeper::OAuth::Error","detail":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.","code":"invalid_grant"}]}
flutter:
flutter:
flutter: *** Request ***
flutter: uri: https://nimble-survey-web-staging.herokuapp.com/api/v1/oauth/revoke
flutter: method: POST
flutter: responseType: ResponseType.json
flutter: followRedirects: true
flutter: connectTimeout: 0
flutter: sendTimeout: 0
flutter: receiveTimeout: 0
flutter: receiveDataWhenStatusError: true
flutter: extra: {}
flutter: headers:
flutter:  authorization: Bearer s
flutter:  content-type: application/json; charset=utf-8
flutter: data:
flutter: null
flutter:
flutter: *** DioError ***:
flutter: uri: https://nimble-survey-web-staging.herokuapp.com/api/v1/oauth/revoke
flutter: DioError [DioErrorType.response]: Http status error [403]
#0      DioMixin.assureDioError (package:dio/src/dio_mixin.dart:819:20)
#1      DioMixin._dispatchRequest (package:dio/src/dio_mixin.dart:678:13)
<asynchronous suspension>
#2      DioMixin.fetch.<anonymous closure>.<anonymous closure> (package:dio/src/dio_mixin.dart)
<asynchronous suspension>
flutter: uri: https://nimble-survey-web-staging.herokuapp.com/api/v1/oauth/revoke
flutter: statusCode: 403
flutter: headers:
flutter:  connection: keep-alive
flutter:  cache-control: no-cache
flutter:  transfer-encoding: chunked
flutter:  date: Thu, 27 May 2021 02:55:36 GMT
flutter:  vary: Accept-Encoding, Origin
flutter:  content-encoding: gzip
flutter:  strict-transport-security: max-age=31536000; includeSubDomains
flutter:  referrer-policy: strict-origin-when-cross-origin
flutter:  x-permitted-cross-domain-policies: none
flutter:  content-type: application/json; charset=utf-8
flutter:  x-xss-protection: 1; mode=block
flutter:  server: Cowboy
flutter:  x-request-id: f745de0c-9d77-45b7-9cde-46824137cb2e
flutter:  x-download-options: noopen
flutter:  x-runtime: 0.005510
flutter:  via: 1.1 vegur
flutter:  x-frame-options: SAMEORIGIN
flutter:  x-content-type-options: nosniff
flutter: Response Text:
flutter: {"errors":[{"detail":"You are not authorized to revoke this token","code":"unauthorized_client"}]}
flutter:
flutter:
demo-custom-1.mp4
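
The refresh-then-fallback flow described in the pull request, written as an added Dart example that is not the project's code and does not use dio: a 401 with `invalid_token` triggers one refresh shared by concurrent requests, and a rejected refresh (`invalid_grant`) clears both tokens and raises an error the UI can map to the Login screen. `ApiResponse`, `AuthClient`, `SessionExpired` and the stand-in server functions are hypothetical names with constructed data.

```dart
// Hypothetical minimal types for this example; these are not dio classes.
class ApiResponse {
  const ApiResponse(this.status, {this.code, this.attrs = const {}});
  final int status;
  final String? code; // errors[0].code, e.g. invalid_token, invalid_grant
  final Map<String, String> attrs; // data.attributes of a token response
}
class SessionExpired implements Exception {}

class AuthClient {
  AuthClient(this._send, this._refresh, this.accessToken, this.refreshToken);
  final Future<ApiResponse> Function(String path, String accessToken) _send;
  final Future<ApiResponse> Function(String refreshToken) _refresh;
  String accessToken, refreshToken;
  Future<void>? _inFlight; // one refresh shared by concurrent 401s
  Future<ApiResponse> get(String path) async {
    final first = await _send(path, accessToken);
    if (first.status != 401 || first.code != 'invalid_token') return first;
    await (_inFlight ??= _renew().whenComplete(() { _inFlight = null; }));
    return _send(path, accessToken); // one retry; a second 401 is returned
  }
  Future<void> _renew() async {
    final r = await _refresh(refreshToken);
    if (r.status != 200) {
      accessToken = refreshToken = ''; // refresh rejected: drop both tokens
      throw SessionExpired(); // UI layer routes to the Login screen
    }
    accessToken = r.attrs['access_token']!;
    refreshToken = r.attrs['refresh_token']!;
  }
}

Future<void> main() async {
  var refreshes = 0; // constructed stand-ins for /me and /oauth/token
  Future<ApiResponse> send(String path, String t) async => t == 'good'
      ? const ApiResponse(200) : const ApiResponse(401, code: 'invalid_token');
  Future<ApiResponse> renew(String rt) async {
    refreshes++;
    if (rt != 'r1') return const ApiResponse(400, code: 'invalid_grant');
    return const ApiResponse(200, attrs: {'access_token': 'good', 'refresh_token': 'r2'});
  }
  final ok = AuthClient(send, renew, 'stale', 'r1');
  final both = await Future.wait([ok.get('/me'), ok.get('/me')]);
  print('${both.map((r) => r.status)} after $refreshes refresh call(s)');
  try {
    await AuthClient(send, renew, 's', 's').get('/me'); // tampered tokens
  } on SessionExpired {
    print('refresh rejected: tokens cleared, route to Login');
  }
}
```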

@markgravity markgravity added the type: bug Something isn't working label May 27, 2021
@markgravity markgravity added this to the 0.0.3 milestone May 27, 2021
@markgravity markgravity self-assigned this May 27, 2021
@markgravity markgravity force-pushed the bug/77-fix-token-doesnt-refresh-after-expires branch from ba032bb to 18a7f7c Compare May 27, 2021 03:02
@markgravity markgravity linked an issue May 27, 2021 that may be closed by this pull request
@markgravity markgravity removed this from the 0.3.0 milestone Jun 3, 2021
@markgravity markgravity added this to the 0.5.0 milestone Jun 3, 2021
Base automatically changed from chore/23-test-login-screen to develop June 4, 2021 03:27
@markgravity markgravity modified the milestones: 0.5.0, 0.6.0, 0.7.0, 0.8.0 Jun 21, 2021
@markgravity markgravity closed this Jul 5, 2021
Labels
type: bug Something isn't working @0.5.0 @0.6.0
Development

Successfully merging this pull request may close these issues.

[Bug] Token doesn't refresh after expires