RefreshTokenPlugin: excecution is locked when updateTokenHandler gets 401 error #205
Comments
|
Possible solution - add class RefreshTokenPlugin(
private val updateTokenHandler: suspend () -> Boolean,
private val isCredentialsActual: (HttpRequest) -> Boolean,
private val needSkipRequest: (HttpRequest) -> Boolean,
) {
class Config {
var updateTokenHandler: (suspend () -> Boolean)? = null
var isCredentialsActual: ((HttpRequest) -> Boolean)? = null
var needSkipRequest: (HttpRequest) -> Boolean = { false }
fun build() = RefreshTokenPlugin(
updateTokenHandler = updateTokenHandler
?: throw IllegalArgumentException("updateTokenHandler should be passed"),
isCredentialsActual = isCredentialsActual
?: throw IllegalArgumentException("isCredentialsActual should be passed"),
needSkipRequest = needSkipRequest,
)
}
companion object Plugin : HttpClientPlugin<Config, RefreshTokenPlugin> {
private val refreshTokenHttpPluginMutex = Mutex()
override val key = AttributeKey<RefreshTokenPlugin>("RefreshTokenPlugin")
override fun prepare(block: Config.() -> Unit) = Config().apply(block).build()
override fun install(plugin: RefreshTokenPlugin, scope: HttpClient) {
scope.receivePipeline.intercept(HttpReceivePipeline.After) {
if (subject.status != HttpStatusCode.Unauthorized || plugin.needSkipRequest(subject.request)) {
proceedWith(subject)
return@intercept
}
refreshTokenHttpPluginMutex.withLock {
// If token of the request isn't actual, then token has already been updated and
// let's just to try repeat request
if (!plugin.isCredentialsActual(subject.request)) {
val requestBuilder = HttpRequestBuilder().takeFrom(subject.request)
val result: HttpResponse = scope.request(requestBuilder)
proceedWith(result)
return@intercept
}
// Else if token of the request is actual (same as in the storage), then need to send
// refresh request.
if (plugin.updateTokenHandler.invoke()) {
// If the request refresh was successful, then let's just to try repeat request
val requestBuilder = HttpRequestBuilder().takeFrom(subject.request)
val result: HttpResponse = scope.request(requestBuilder)
proceedWith(result)
} else {
// If the request refresh was unsuccessful
proceedWith(subject)
}
}
}
}
}
}Example usage: needSkipRequest = { request ->
request.call.request.url.encodedPath.endsWith("/auth/refresh")
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
updateTokenHandlerusually contains a request for refreshingaccessToken, but in some APIs this request can get401 Unauthorizederror (for example, whenrefreshTokenis outdated as well). In this caseRefreshTokenPlugingets locked by mutex, and no other requests can be executedThe text was updated successfully, but these errors were encountered: