ios - How to identify if the OAuth token has expired?


My iOS mobile app consumes services implemented with the OAuth 2.0 protocol. The OAuth access token comes along with a refresh token and an expires_in field. I saved the refresh token and the access token expiration time in my app, but I don't have an idea of when to use them.

  • So what is the usual and best practice of using expires_in?
  • How do I identify that my access token has expired?
  • Is there a common web service error format that says my access token has expired?

Here's information on OAuth 2.0 token refresh.

Expires in definition

The OAuth 2.0 standard, RFC 6749, defines the expires_in field as the number of seconds to expiration:

expires_in: RECOMMENDED. The lifetime in seconds of the access token. For example, the value "3600" denotes that the access token will expire in one hour from the time the response was generated. If omitted, the authorization server SHOULD provide the expiration time via other means or document the default value.

Token refresh handling: method 1

Upon receiving a valid access_token, expires_in value, refresh_token, etc., clients can process this by storing an expiration time and checking it on each request. This can be done using the following steps:

  1. Convert expires_in to an expire time (epoch, ISO datetime, etc.)
  2. Store the expire time
  3. On each resource request, check the current time against the expire time and make a token refresh request before the resource request if the access_token has expired

In addition to receiving a new access_token, you may receive a new refresh_token with an expiration time further in the future. If you receive this, you should store the new refresh_token to extend the life of your session.

Token refresh handling: method 2

Another method of handling token refresh is to manually refresh after receiving an invalid token error. This can be done with the previous approach or by itself.

If you attempt to use an expired access_token and you get an invalid token error, you should perform a token refresh (if your refresh token is still valid). Since different services can use different error codes for expired tokens, you can either keep track of the code for each service or, as an easy way to refresh tokens across services, simply try a single refresh upon encountering a 4xx error.

Invalid access token errors

Below are error codes from some popular services:

  1. Facebook: Error 467 Invalid access token - Access token has expired, been revoked, or is otherwise invalid - Handle expired access tokens.
  2. LinkedIn: Error 401 Unauthorized.
  3. PayPal: Error 401 Unauthorized.

Refresh token expiration

If your refresh_token has expired, you will need to go through the authorization process again.
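
Both methods combined in one client-side helper, as an added Swift example that is not part of the original answer. `TokenManager`, `TokenResponse`, `AuthError`, the 30-second margin and the injected `refreshGrant` and `send` closures are assumptions made for illustration; only a 401 triggers the retry here, so services that signal expiry with another code need their own mapping.

```swift
import Foundation

// Hypothetical types; fields mirror access_token, expires_in, refresh_token.
struct TokenResponse {
    let accessToken: String
    let expiresIn: TimeInterval?   // RECOMMENDED in RFC 6749, so it may be absent
    let refreshToken: String?      // non-nil only when the server issues a new one
}

enum AuthError: Error { case reauthorizationRequired }

final class TokenManager {
    private var accessToken: String
    private var refreshToken: String
    private var expiresAt: Date?                // nil when expires_in was omitted
    private let skew: TimeInterval = 30         // assumed margin for latency and clock drift
    private let now: () -> Date                 // injectable clock
    // Performs the refresh grant; should throw AuthError.reauthorizationRequired
    // when the server rejects the refresh token (invalid_grant).
    private let refreshGrant: (String) throws -> TokenResponse

    init(accessToken: String, expiresIn: TimeInterval?, refreshToken: String,
         now: @escaping () -> Date = { Date() },
         refreshGrant: @escaping (String) throws -> TokenResponse) {
        self.accessToken = accessToken
        self.refreshToken = refreshToken
        self.expiresAt = expiresIn.map { now().addingTimeInterval($0) }
        self.now = now
        self.refreshGrant = refreshGrant
    }

    private func renew() throws {
        let r = try refreshGrant(refreshToken)
        accessToken = r.accessToken
        expiresAt = r.expiresIn.map { now().addingTimeInterval($0) }  // steps 1 and 2
        if let rotated = r.refreshToken { refreshToken = rotated }    // keep the newest one
    }

    // `send` makes the resource request with the bearer token and returns the HTTP status.
    func perform(_ send: (String) throws -> Int) throws -> Int {
        // Method 1: refresh before the request once the stored expiry is reached.
        if let exp = expiresAt, now() >= exp.addingTimeInterval(-skew) { try renew() }
        let status = try send(accessToken)
        guard status == 401 else { return status }
        try renew()                         // Method 2: one refresh, then one retry
        return try send(accessToken)
    }
}
```

The class is not thread-safe; in an app, serialize calls to `perform` so that two concurrent requests do not both spend the same refresh token.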

