while login app i could get TOKEN, refresh token, and save it but i have no idea about when session end for token how to renew. how to add intercepter in it to renew token or some other method could be use ? here is my code
1- Api end point
#POST("identity/Identity/GetRefreshToken")
suspend fun refreshToken(): AuthTokenEntityDT0
2- AuthTokenEntityDT0 response
data class AuthTokenEntityDT0(
#SerializedName("accessToken") val accessToken: String,
#SerializedName("refreshToken") val refreshToken: String,
#SerializedName("statusCode") val statusCode: Int,
#SerializedName("statusMessage") val statusMessage: String,
)
3 - make request here
#Provides
#Singleton
fun provideAPIService(): ApiService {
val interceptor = HttpLoggingInterceptor()
interceptor.setLevel(HttpLoggingInterceptor.Level.BODY)
val client: OkHttpClient = OkHttpClient.Builder()
.addInterceptor(interceptor)
.addInterceptor { chain ->
val original = chain.request()
val requestBuilder = original.newBuilder()
.addHeader("Content-Type", "application/json; charset=UTF-8")
.addHeader("user-agent","Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36")
.addHeader("Authorization", "Bearer $access_token")
val request = requestBuilder.build()
chain.proceed(request)
}
.build()
val retrofit = Retrofit.Builder()
.baseUrl(NativeBaseUrl.getBaseUrl())
.client(client)
.addConverterFactory(GsonConverterFactory.create())
.build()
return retrofit.create(ApiService::
class.java)
}
#Provides
fun provideApiRepository(apiService: ApiService): ApiRepository {
return ApiRepositoryImpl(apiService)
}
4 -
issue: refreshToken Api Calling repeatedly how i can stop it and
moved forward although i have put Dispatcher for one request
to move forward like this
val interceptor = HttpLoggingInterceptor()
interceptor.setLevel(HttpLoggingInterceptor.Level.BODY)
val dispatcher = Dispatcher()
dispatcher.maxRequests = 1
val client: OkHttpClient = OkHttpClient.Builder()
.addInterceptor(ForbiddenInterceptor(this))
.dispatcher(dispatcher)
.addInterceptor(interceptor)
.addInterceptor { chain ->
val original = chain.request()
val requestBuilder = original.newBuilder()
.addHeader("Content-Type", "application/json;
charset=UTF-8")
.addHeader("user-agent",
"Mozilla/5.0 (Macintosh; Intel Mac OS X
10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36")
.addHeader("Authorization", "Bearer $access_token")
val request = requestBuilder.build()
chain.proceed(request)
}
.build()
5- here is my intercepter
class ForbiddenInterceptor(var hIltModules: HIltModules) :
Interceptor {
#Throws(IOException::class)
override fun intercept(chain: Interceptor.Chain): Response {
val original = chain.request()
val response = chain.proceed(original)
if (response.code == 401) {
val responseRefreshTokens= runBlocking {
val originalRequests = chain.request()
val authenticationRequest = originalRequests.newBuilder()
.addHeader("refreshtoken", "${Constants.refreshToken}").build()
chain.proceed(authenticationRequest)
hIltModules.provideAPIService().refreshToken()
}
if (responseRefreshTokens.statusCode == 200) {
val originalRequests = chain.request()
val newAuthenticationRequest = originalRequests.newBuilder()
.removeHeader("refreshtoken")
.build()
access_token = responseRefreshTokens.accessToken
refreshToken = responseRefreshTokens.refreshToken
return chain.proceed(newAuthenticationRequest)
}
}
return chain.proceed(original)
}
}
I suggest you put your custom interceptor in its own class, like this:
class ForbiddenInterceptor : Interceptor {
#Throws(IOException::class)
override fun intercept(chain: Interceptor.Chain): Response {
val request: Request = chain.request()
val response: Response = chain.proceed(request)
if (response.code == 401) {
// this code section will run for every HTTP 401 response
}
return response
}
}
Then use this interceptor:
val client: OkHttpClient = OkHttpClient.Builder()
.addInterceptor(interceptor)
.addInterceptor(ForbiddenInterceptor())
.build()
Adding the interceptor to the OkHttpClient makes sure you'll intercept the calls and you can run your custom code, check if it's been rejected by the server.
As for renewing your token. You'll probably need to implement another service of the backend. I can only assume, but you'll have to use your accesToken feed it into an endpoint, the server will return a fresh refreshToken.
here is my full code that i have done for refresh token it may be helpful for some one
class AuthenticationInterceptorRefreshToken #Inject constructor(
var hIltModules: HIltModules,
) : Interceptor {
#Throws(IOException::class)
override fun intercept(chain: Interceptor.Chain): Response {
val originalRequest = chain.request()
val response = chain.proceed(originalRequest)
if (response.code == 401) {
synchronized(this) {
val originalRequest = chain.request()
val authenticationRequest = originalRequest.newBuilder()
.addHeader("refreshtoken", " $refreshToken")
.build()
val initialResponse = chain.proceed(authenticationRequest)
when (initialResponse.code) {
401 -> {
val responseNewTokenLoginModel = runBlocking {
hIltModules.provideAPIService().refreshToken()
}
when (responseNewTokenLoginModel.statusCode) {
200 -> {
refreshToken = responseNewTokenLoginModel.refreshToken
access_token = responseNewTokenLoginModel.accessToken
val newAuthenticationRequest = originalRequest.newBuilder()
.header("refreshtoken",
" $refreshToken")
.build()
return chain.proceed(newAuthenticationRequest)
}
else -> {
return null!!
}
}
}
else -> return initialResponse
}
}
}; return response
}
Related
I used retrofit2 to call API. But, when I called it, my app was just shut down. There are not errors in the Logcat. I googled it, but there is not a solution.
And Retrofit2 and converter-gson version is 2.9.0. I set internet permission in AndroidManifest.xml
MainActivity.kt
private fun loadMembers() {
val retrofit = Retrofit.Builder()
.baseUrl(MemberAPI.base_domain)
.addConverterFactory(GsonConverterFactory.create())
.build()
val retrofitService = retrofit.create(MemberInterface::class.java)
retrofitService
.getMember(Constants.api_key)
.enqueue(object: Callback<Member> {
override fun onResponse(call: Call<Member>, response: Response<Member>) {
val members = response.body() as Member
var names = ""
for (member in members.response.body.items.item) {
names += "\n${member.empNm}"
}
binding.text.text = names
}
override fun onFailure(call: Call<Member>, t: Throwable) {
Toast.makeText(baseContext, "실패", Toast.LENGTH_LONG).show()
}
})
}
Interface.kt
interface MemberInterface {
#GET("{api_key}&numOfRows=5&pageNo=1&_type=json")
fun getMember(#Path("api_key") Key: String): Call<Member>
}
Youtube
Video
Try to add an interceptor so you can see all calls logs (headers, body, URLs, etc...). The crash could be related with the parse of the JSON response to the object Member.
Add OkHtpp to your grade dependencies:
implementation "com.squareup.okhttp3:okhttp:5.0.0-alpha.2"
implementation "com.squareup.okhttp3:logging-interceptor:5.0.0-alpha.2"
And after that, when you create your Retrofit instance, add the interceptor, should look something like this:
val httpClient = OkHttpClient.Builder()
val interceptor = HttpLoggingInterceptor()
interceptor.setLevel(HttpLoggingInterceptor.Level.BODY)
httpClient.addInterceptor(interceptor)
httpClient.addInterceptor(Interceptor { chain: Interceptor.Chain ->
val original: Request = chain.request()
val request: Request = original.newBuilder()
.header("Content-Type", "application/json")
.method(original.method, original.body)
.build()
chain.proceed(request)
})
val okHttpClient = httpClient.build()
val retrofit = Retrofit.Builder()
.baseUrl(MemberAPI.base_domain)
.client(okHttpClient)
.addConverterFactory(GsonConverterFactory.create())
.build()
my application crashes when I have no internet connection : I am looking for a method that handles any exception form the retrofit instance like server is not found exception Timeout No internet connection
RequestRepository : my repository which contain all my functions
class RequestRepository {
/** suspend function to get the result of token request*/
suspend fun getToken(userLoginModel: UserLoginModel): Response<TokenResponse> {
return ApiService.APILogin.getToken(userLoginModel)
}
ApiService : contain my Retofit instance
object ApiService {
private var token: String = ""
fun setToken(tk: String) {
token = tk
}
private val okHttpClient = OkHttpClient.Builder().connectTimeout(20, TimeUnit.SECONDS)
.readTimeout(20, TimeUnit.SECONDS).addInterceptor { chain ->
val chainRequest = chain.request()
val requestBuilder = chainRequest.newBuilder()
.addHeader("authorization", "Token $token")
.method(chainRequest.method, chainRequest.body)
val request = requestBuilder.build()
chain.proceed(request)
}.build()
var gson = GsonBuilder()
.setLenient()
.create()
private val retrofit by lazy {
Retrofit.Builder()
.baseUrl(LOGIN_URL)
.addConverterFactory(GsonConverterFactory.create(gson))
.client(okHttpClient)
.build()
}
val API: WebServicesApi by lazy {
retrofit.create(WebServicesApi::class.java)
}
WebServicesApi : my interface which contain my requests
interface WebServicesApi {
/** get the token from the API*/
#POST("user/login/")
suspend fun getToken(#Body userLoginModel: UserLoginModel): Response<TokenResponse>
}
LoginViewModel : my viewModel class
class LoginViewModel(private val repository: RequestRepository) : ViewModel() {
var tokenResponse: MutableLiveData<Response<TokenResponse>> = MutableLiveData()
/** using coroutine in getToken function to get the token */
fun getToken(userLoginModel: UserLoginModel) {
viewModelScope.launch(Dispatchers.IO) {
val tResponse = repository.getToken(userLoginModel)
tokenResponse.postValue(tResponse)
Log.d(TAG, "getToken: ${userLoginModel.password}")
}
}
}
You can add a Interceptor for handle error like this:
class GlobalErrorInterceptor : Interceptor {
override fun intercept(chain: Interceptor.Chain): Response {
val request = chain.request()
try {
val response = chain.proceed(request)
if (!response.isSuccessful) {
val statusCode = response.code
when (statusCode) {
//Your handle status code in here
}
}
return response
} catch (ex: IOException) {
// You can replace my code with your exception handler code
return Response.Builder().request(chain.request()).protocol(Protocol.HTTP_1_1)
.message("Can't connect!").code(500).body(
ResponseBody.create(
"application/json; charset=utf-8".toMediaTypeOrNull(),
""
)
).build()
}
}
}
And you must add this class to OkHttpBuider:
val httpBuilder = OkHttpClient.Builder()
......
httpBuilder.addInterceptor(GlobalErrorInterceptor())
Is there a way to remove a specific header after setting this kind of Interceptor :
public class AuthInterceptor : Interceptor {
override fun intercept(chain: Interceptor.Chain): Response {
val original: Request = chain.request()
val request: Request = original.newBuilder()
.addHeader(AppConstant.HEADER_APP_TOKEN, AppConfig.apptoken) //<-- need to remove this one for only one request
.addHeader(AppConstant.HEADER_SECURITY_TOKEN, AppConfig.security_token)
.method(original.method(), original.body())
.build()
return chain.proceed(request)
Here is my Retrofit instance :
object RetrofitClientInstance {
private val httpClient = OkHttpClient.Builder()
.addInterceptor(AuthInterceptor())
.addInterceptor(HttpLoggingInterceptor().setLevel(HttpLoggingInterceptor.Level.HEADERS))
private val retrofit = Retrofit.Builder()
.baseUrl(AppConstant.SERVER_BETA)
.addConverterFactory(GsonConverterFactory.create())
.client(httpClient.build())
.build()
fun <T> getRetrofitInstance(service: Class<T>): T {
return retrofit.create(service)
}
}
And this is my API Service :
interface ApiService {
#GET("/app/shoes")
fun getShoes() : Call<Shoes>
}
Thanks for your help :)
Do it the other way around. Add a header to API calls indicating whether to add auth headers or not. Like so:
interface ApiService {
#Headers("isAuthorizable: false")
#GET("/app/Socks")
fun getShoes() : Call<Socks>
#GET("/app/shoes")
fun getShoes() : Call<Shoes>
#GET("/app/sandals")
fun getShoes() : Call<Sandals>
}
Check the header in the Interceptor and add header if condition is satisfied. Like so:
public class AuthInterceptor : Interceptor {
override fun intercept(chain: Interceptor.Chain): Response {
val original: Request = chain.request()
val shouldAddAuthHeaders = original.headers["isAuthorizable"] != "false"
val requestBuilder = request
.newBuilder()
.method(request.method, request.body)
.removeHeader("isAuthorizable")
if (shouldAddAuthHeaders) {
requestBuilder.addHeader(AppConstant.HEADER_APP_TOKEN, AppConfig.apptoken)
.addHeader(AppConstant.HEADER_SECURITY_TOKEN, AppConfig.security_token)
}
return chain.proceed(requestBuilder.build())
}
}
Note: Using the same logic, one may specify requests for which auth headers are to be added instead of filtering out requests that do not require authentication. That is,
interface ApiService {
#GET("/app/Socks")
fun getShoes() : Call<Socks>
#Headers("isAuthorizable: true")
#GET("/app/shoes")
fun getShoes() : Call<Shoes>
#Headers("isAuthorizable: true")
#GET("/app/sandals")
fun getShoes() : Call<Sandals>
}
public class AuthInterceptor : Interceptor {
override fun intercept(chain: Interceptor.Chain): Response {
val original: Request = chain.request()
val shouldAddAuthHeaders = original.headers["isAuthorizable"] == "true"
val requestBuilder = request
.newBuilder()
.method(request.method, request.body)
.removeHeader("isAuthorizable")
if (shouldAddAuthHeaders) {
requestBuilder.addHeader(AppConstant.HEADER_APP_TOKEN, AppConfig.apptoken)
.addHeader(AppConstant.HEADER_SECURITY_TOKEN, AppConfig.security_token)
}
return chain.proceed(requestBuilder.build())
}
}
I am using retrofit for networking in my project. The problem is I have to call 2 requests from my first activity. It works fine but when the access token expires it has to refresh token. I have implemented a call using okhttp Authenticator. But it is calling multiple times and this error is showing too too many followup request 21
EDIT
I updated TokenAuthenticator class and added synchronized(). but it is returning from if (originalRequest.header("Authorization") != null) return null . I am following this answer https://stackoverflow.com/a/52513122/10243953
If i am removing if (originalRequest.header("Authorization") != null) return null this line then its working but in log report i see its calling for refresh token multiple times. How can i avoid this multiple time calls?
This is my Authenticator class
class TokenAuthenticator : Authenticator {
private val refreshTokenGrandType = "refresh_token"
private var oldToken: String? = null
private var newToken: String? = null
override fun authenticate(route: Route?, response: Response?): Request? {
oldToken = SharedPreferenceManager(MainApplication.applicationContext()).getToken()
if (response == null) return null
val originalRequest = response.request()
if (originalRequest.header("Authorization") != null) return null
if(!isTokenSaved()){
synchronized(this) {
RetrofitClient.client.create(Auth::class.java).refresh_token(
SharedPreferenceManager(MainApplication.applicationContext()).getRefreshToken()!!,
refreshTokenGrandType
).enqueue(object : Callback<Token> {
override fun onFailure(call: Call<Token>, t: Throwable) {
Toast.makeText(
MainApplication.applicationContext(),
t.message,
Toast.LENGTH_SHORT
).show()
Log.d("TokenAuth", t.message!!)
}
override fun onResponse(
call: Call<Token>,
response: retrofit2.Response<Token>
) {
if (response.isSuccessful) {
val body = response.body()
newToken = body!!.access_token
val refresh_token = body.refresh_token
SharedPreferenceManager(MainApplication.applicationContext()).accessToken(
newToken!!,
refresh_token
)
} else {
val error = response.errorBody()
Log.d("TokenAuthRes", error!!.string())
}
}
})
}
}
return originalRequest
.newBuilder()
.header(
"Authorization",
"Bearer ${SharedPreferenceManager(MainApplication.applicationContext()).getToken()}"
)
.build()
}
fun isTokenSaved() : Boolean{
if (newToken == null) return false
if (oldToken.equals(newToken)) return false
else return true
}
}
Retrofit client
object RetrofitClient {
private lateinit var interceptor : Interceptor
private lateinit var okHttpClient: OkHttpClient
private var retrofit : Retrofit? = null
val client : Retrofit
get(){
val context : Context = MainApplication.applicationContext()
interceptor = Interceptor { chain ->
val url = chain.request()
.url()
.newBuilder()
.build()
val request = chain.request()
.newBuilder()
.addHeader("Authorization","Bearer ${SharedPreferenceManager(context).getToken()}")
.url(url)
.build()
return#Interceptor chain.proceed(request)
}
okHttpClient = OkHttpClient.Builder()
.addInterceptor(interceptor)
.addInterceptor(NoInternetInterception(context))
.authenticator(TokenAuthenticator())
.connectTimeout(1, TimeUnit.MINUTES)
.build()
if (retrofit == null){
retrofit = Retrofit.Builder()
.client(okHttpClient)
.baseUrl(const.URL)
.addConverterFactory(GsonConverterFactory.create())
.build()
}
return retrofit!!
}
}
I'm trying to add apikey in the URL using custom interceptor but it's not adding the params in the URL so response body is null.
CustomInterceptor
class CustomInterceptor : Interceptor {
override fun intercept(chain: Interceptor.Chain): Response {
val url = chain.request().url().newBuilder()
.addQueryParameter("apiKey", API_KEY)
.build()
val request = chain.request().newBuilder()
.url(url)
.build()
return chain.proceed(request)
}
}
Client
class Client {
companion object {
const val API_KEY = "123123"
private const val apiUrl = "https://www.omdbapi.com/"
fun <T> create(service: Class<T>): T {
val client = OkHttpClient.Builder()
.addInterceptor(CustomInterceptor())
.build()
return Retrofit.Builder()
.baseUrl(apiUrl)
.addConverterFactory(GsonConverterFactory.create())
.client(client)
.build()
.create(service)
}
}
}
IMovie
interface IMovie {
#GET("/")
fun searchMovie(#Query("s") query: String): Call<SearchResult>
}
After sending the request the response body is null and this is the
Actual URL:- https://www.omdbapi.com/?s=Man
Expected URL:- https://www.omdbapi.com/?s=Man&apikey=123123
First create a new httpUrl instance from the existing request adding your query parameter and value:
var request = chain.request()
val httpUrl = request.url().newBuilder().addQueryParameter("token", authToken).build()
Then update the request:
request = request.newBuilder().url(httpUrl).build()
and proceed with it:
return chain.proceed(request)
When you recall the request from the chain (the one you proceed with after manipulation) you are getting the unmodified request again.