I integrated the witter login in android. But on response it always returning me in the logcat:
code=400, message=Bad Request
and
"data":"{\"+clicked_branch_link\":false,\"+is_first_session\":false}",
I am to see the token, secret value in logcat if I printed it. But response returning 400 always. I used here branch IO for deep linking.
public void attachTwitter(String token, String secret) {
apiService.attachTwitterAccount(PreferenceHandler.readString(EditProfileActivity.this, SIGNIN_ID, ""),
token, secret, "twitter").enqueue(new Callback<Object>() {
#Override
public void onResponse(Call<Object> call, Response<Object> response) {
Log.i("accessToken", "onResponse");
if (!response.isSuccessful()) {
try {
JSONObject object = new JSONObject(response.errorBody().string());
JSONObject error = object.optJSONObject("error");
String code = error.optString("code");
String description = error.optString("description");
if (code.equalsIgnoreCase("338")) {
showCustomDialog(EditProfileActivity.this, string(R.string.server_error_description_338));
switchTwitter.setChecked(false);
}
} catch (Exception e) {
}
}
}
#Override
public void onFailure(Call<Object> call, Throwable t) {
Log.i("accessToken", "onFailure");
switchTwitter.setChecked(false);
}
});
}
attachTwitterAccount methods code is:
#FormUrlEncoded
fun attachTwitterAccount(#Field("id") id: String,
#Field("authToken") token: String,
#Field("authSecret") authSecret: String,
#Field("typeAttach") typeAttach: String): Call<Any>
Can anyone please advise how I can fix this issue?
A Bad request means that the request that you are sending to the server is not in the way or form it is expecting. What do the docs say about that request? is it a Post? a Get?. If it is a POST then you should send a Body.
To send a body and a POST you first need to create a class for the body. In Kotlin it would be something like this:
class Body(var id: String,
var authToken: String,
var authSecret: String,
var accomplished: Double,
var typeAttach: String
)
Then you call the body in your request:
#POST("post value which")
fun attachTwitterAccount(#Body body:Body): Call<Any>
Finally you call it from your attach Twitter function. You create your Body instance and then pass it as argument.
If you are still getting the same error, check the Twitter docs, you might be missing something.
Its always a good idea to try that same call to the server in other enviroment (such as Postman) and see if it works there? this is a good way of determining if the problem is in the server side or in your application side.
Let me know if it works
Related
I have a basic Retrofit setup for network requests. I have the following Authenticator that is added to the chain. It basically tries to refresh access token when authorization error (401) occurs.
class TokenAuthenticator(private val api: MyApi) : Authenticator {
override fun authenticate(route: Route?, response: Response): Request? {
val retrofitResponse = api.refreshAccessToken("my refresh token here"))
val refreshResponse= retrofitResponse.blockingGet()
return if(refreshResponse != null) {
response.request().newBuilder()
.header(Const.HEADER_AUTHORIZATION, "Bearer " + refreshResponse.accessToken)
.build()
} else {
return null
}
}
}
The problem is my server might return 401 not only for authroization issues but also for some other cases. For example, i might get response with 401 if user phone number already exists in the database. Server returns me error_code paramter to differentiate this type of issues:
error_code = "token_expired" -> authoriation issue. shows that access token expired.
error_code = "phone_exists" -> shows phone number entered already exsits in the database.
So, I need to be able to check for this paramter before deciding that error was access token refresh error. How can I do that?
Currently, since I have not been able to check for that paramter, my app thinks that 401 is an authroization issue and continuously trying to refresh the access token even though my access token is not expired.
we had similar issue in our project, it may be a little mess because of hard-coded url but i think it is okey
we check the request's url and if it matched with the refresh token url then we start process of getting new token
Do you mean ErrorInterceptor?
import okhttp3.Interceptor
import okhttp3.Response
class ErrorInterceptor: Interceptor {
override fun intercept(chain: Interceptor.Chain?): Response {
val originalResponse = chain!!.proceed(chain.request())
if (shouldLogout(originalResponse)) {
// your logout logic here
// send empty response down the chain
return Response.Builder().build()
}
return originalResponse
}
private fun shouldLogout(response: Response) : Boolean {
if (response.isSuccessful) {
return false
}
// 401 and auth token means that we need to logout
return (response.code() == 401 &&
!response.headers().names().contains(AUTH_HEADER_KEY))
}
}
Have made a thorough searching to this particular problem but while implementing answers under each question I encountered, am still getting the same output:
End of input at line 1 column 1 path $
I perfomed my Request on PostMan and I got expected output:
Here is the Screenshot of the Postman Request
Interfaces
#POST(Constant.API_REQUEST)
Observable<ServerResponse> postToWinnersList(#Body ServerRequest serverRequest);
ApiClient
public class ApiClient {
public static Retrofit retrofit;
private static OkHttpClient.Builder okHttpClientBuilder;
private static HttpLoggingInterceptor loggingInterceptor;
public static Retrofit getApiClient(){
if (retrofit == null){
// create instance of Httpclient
okHttpClientBuilder = new OkHttpClient.Builder();
loggingInterceptor = new HttpLoggingInterceptor();
loggingInterceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
if(BuildConfig.DEBUG){
okHttpClientBuilder.addInterceptor(loggingInterceptor);
}
// instance of retrofit
retrofit = new Retrofit.Builder().baseUrl(Constant.BASE_URL).
addCallAdapterFactory(RxJava2CallAdapterFactory.create()).
addConverterFactory(GsonConverterFactory.create())
.client(okHttpClientBuilder.build())
.build();
}
return retrofit;
}
}
Retrofit/RxJava Request Code:
Observable<ServerResponse> response = apiInterface.postToWinnersList(serverRequest);
response.observeOn(AndroidSchedulers.mainThread())
.subscribeOn(Schedulers.io())
.subscribeWith(new DisposableObserver<ServerResponse>() {
#Override
public void onNext(ServerResponse serverResponse) {
AVLoadingIndicatorView1.setVisibility(View.GONE);
txtSubmitWinner.setVisibility(View.VISIBLE);
}
#Override
public void onError(Throwable e) {
AVLoadingIndicatorView1.setVisibility(View.GONE);
txtSubmitWinner.setVisibility(View.VISIBLE);
Toast.makeText(getApplicationContext(), e.getMessage(), Toast.LENGTH_LONG).show();
}
#Override
public void onComplete() {
showShortMsg(getString(R.string.submit_success));
}
});
Kindly help, thanks in Advance.
You can get this error when you are expecting an object in the response, but the API doesn't return anything other than result codes (200,...). Options:
- Check that the API really returns a ServerResponse.
- If you don't really need it to return anything, use Observable<Response<Void>> instead of Observable<ServerResponse>
You only get that error when something is wrong with your json response, Check again to make sure both the error response and correct response are well formatted.
Enter wrong credentials using postman and see what the output looks like.
Not sure but I think in Constant.API_REQUEST you are not appending "/".Let me know if it is right.
ex.#POST("index.php") // wrong
#POST("/index.php") //correct way
This error happens when an answer is void.
To correct this error make sure that in the return of the request there will be void.
Eg.
Interface whit kotlin
#POST("endPoint/")
fun relatarProblema(#Body serverRequest: ServerRequest ): Call<Void>
Don't forget to override the return type in the api call.
example whit Kotlin
call.enqueue (object: Callback <Void> {
override fun onResponse(call: Call<Void>, response: Response<Void>) {
}
override fun onFailure(call: Call<Void>, t: Throwable) {
}
})
When I used Coroutines what helped was to basically not return anything from the method:
#GET
#Headers("X-Requested-With:XMLHttpRequest")
suspend fun methodCall(
#Url url: String
)
I was getting the same exception yesterday and figured out that I was using a LogOutResponse data class as the expected response for the API, but then I got to know that the API doesn't return any JSON response corresponding to that data class, in fact, it didn't return anything in the body and only returned result code (200,300,400, etc). So I changed my implementation from:
#POST("logout")
suspend fun logout(): LogOutResponse
to
#POST("logout")
suspend fun logout(): Response<Unit>
Earlier retrofit tried to parse a JSON response at line 1 when there was no JSON there, that's why it threw that exception.
After the changes, the code worked fine as Response is a default retrofit class and Unit type inside it is of void type meaning we don't expect anything in return (no JSON body in response).
I want to authenticate a user (using his username and password) in an Android App using aerogear with a server using Keycloak. I haven't been able to do it, help me please.
I currently can authenticate the user without aerogear, but I want to use this library since it can help me to refresh the token when is needed.
I authenticate the user making a POST call to the server like this (but from android):
curl -X POST http://127.0.0.1:8080/auth/realms/example/protocol/openid-connect/token
-H "Content-Type: application/x-www-form-urlencoded" -d "username=auser" -d 'password=apassword' -d 'grant_type=password'
-d 'client_id=clientId' -d 'client_secret=secret'
So the information I have is:
Authentication URL, ie http://127.0.0.1:8080/auth/realms/example/protocol/openid-connect/token
username, the username of the user
password, the password of the user
client_id, and client_secret of the Keycloak server
What I have tried with Aerogear is this:
private void authz() {
try {
AuthzModule authzModule = AuthorizationManager.config("KeyCloakAuthz", OAuth2AuthorizationConfiguration.class)
.setBaseURL(new URL("http://127.0.0.1:8080/"))
.setAuthzEndpoint("/realms/example/protocol/openid-connect/auth")
.setAccessTokenEndpoint("/realms/example/protocol/openid-connect/token")
.setAccountId("keycloak-token")
.setClientId("clientId")
.setClientSecret("secret")
.setRedirectURL("http://oauth2callback")
.setScopes(Arrays.asList("openid"))
.addAdditionalAuthorizationParam((Pair.create("grant_type", "password")))
.addAdditionalAuthorizationParam((Pair.create("username", "aUserName")))
.addAdditionalAuthorizationParam((Pair.create("password", "aPassword")))
.asModule();
authzModule.requestAccess(this, new Callback<String>() {
#Override
public void onSuccess(String o) {
Log.d("TOKEN ", o);
}
#Override
public void onFailure(Exception e) {
System.err.println("Error!!");
Toast.makeText(getApplicationContext(), e.getMessage(), Toast.LENGTH_LONG).show();
}
});
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException(e);
}
}
However this doesn't do anything. What I don't understand is:
How can I specify that I'm doing and OpenID Connect with Keycloak in Aerogear?
How and where can I send the username and password?
How can I specify the grant_type? (My HTTP POST to the server does not work if I don't include this, so it's important)
Any help would be very much appreciated
If you go with the standard Authorization Code flow with access type = public client (no clientSecret) then you may take a look at my example Android native app.
In short, you could open up a browser window in a WebView, get the authorization code by parsing the query parameter from the returned url and exchange it (the code) for the token via a POST request.
If you use Retrofit, then here is the REST interface:
interface IKeycloakRest {
#POST("token")
#FormUrlEncoded
fun grantNewAccessToken(
#Field("code") code: String,
#Field("client_id") clientId: String,
#Field("redirect_uri") uri: String,
#Field("grant_type") grantType: String = "authorization_code"
): Observable<KeycloakToken>
#POST("token")
#FormUrlEncoded
fun refreshAccessToken(
#Field("refresh_token") refreshToken: String,
#Field("client_id") clientId: String,
#Field("grant_type") grantType: String = "refresh_token"
): Observable<KeycloakToken>
#POST("logout")
#FormUrlEncoded
fun logout(
#Field("client_id") clientId: String,
#Field("refresh_token") refreshToken: String
): Completable
}
data class KeycloakToken(
#SerializedName("access_token") var accessToken: String? = null,
#SerializedName("expires_in") var expiresIn: Int? = null,
#SerializedName("refresh_expires_in") var refreshExpiresIn: Int? = null,
#SerializedName("refresh_token") var refreshToken: String? = null
)
And its instantiation:
val rest: IKeycloakRest = Retrofit.Builder()
.baseUrl("https://[KEYCLOAK-URL]/auth/realms/[REALM]/protocol/openid-connect/")
.addConverterFactory(GsonConverterFactory.create(GsonBuilder().setLenient().create()))
.addCallAdapterFactory(RxJava2CallAdapterFactory.create())
.build()
.create(IKeycloakRest::class.java)
I am using AeroGear as well, and I notice I had the same problem. Then what I did was (beside other configuration information as Tolis Emmanouilidis said) to add the Auth service in your Manifest.
Try adding <service android:name="org.jboss.aerogear.android.authorization.oauth2.OAuth2AuthzService"/> in your manifest
Once you do that, it is working properly and you can retrieve the Bearer token.
i have implemented it on my project inside my keycloakHelper class.
public class KeycloakHelper {
static
{
try
{
AuthorizationManager
.config("KeyCloakAuthz", OAuth2AuthorizationConfiguration.class)
.setBaseURL(new URL(EndPoints.HTTP.AUTH_BASE_URL))
.setAuthzEndpoint("/auth/realms/***/protocol/openid-connect/auth")
.setAccessTokenEndpoint("/auth/realms/ujuzy/protocol/openid-connect/token")
.setRefreshEndpoint("/auth/realms/***/protocol/openid-connect/token")
.setAccountId("account")
.setClientId("account")
.setRedirectURL("your base url")
.addAdditionalAuthorizationParam((Pair.create("grant_type", "password")))
.asModule();
PipeManager.config("kc-upload", RestfulPipeConfiguration.class)
.module(AuthorizationManager.getModule("KeyCloakAuthz"))
.requestBuilder(new MultipartRequestBuilder());
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public static void connect(final Activity activity, final Callback callback)
{
if (!DetectConnection.checkInternetConnection(activity))
return;
try {
final AuthzModule authzModule = AuthorizationManager.getModule("KeyCloakAuthz");
authzModule.requestAccess(activity, new Callback<String>()
{
#SuppressWarnings("unchecked")
#Override
public void onSuccess(String s)
{
callback.onSuccess(s);
}
#Override
public void onFailure(Exception e)
{
// authzModule.refreshAccess();
authzModule.isAuthorized();
if (!e.getMessage().matches(OAuthWebViewDialog.OAuthReceiver.DISMISS_ERROR))
{
//authzModule.refreshAccess();
authzModule.deleteAccount();
}
callback.onFailure(e);
}
});
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException(e);
}
}
public static boolean isConnected()
{
return AuthorizationManager.getModule("KeyCloakAuthz").isAuthorized();
}
}
When you want user to login (input email & password)
public void LoginUser() {
KeycloakHelper.connect(getActivity(), new Callback() {
#Override
public void onSuccess(Object o) {
//YOU WILL GET YOUR TOKEN HERE IF USER IS ALREADY SIGNED IN.
//IF USER IS NOT SIGNED IN, AEROGEAR WILL PROMPT A WEBVIEW DIALOG
//WHERE THE USER WILL INPUT THERE EMAIL AND PASSWORD
}
#Override
public void onFailure(Exception e) {
}
});
}
Happy coding :)
I'm using Retrofit to make a POST Request in my web server.
However, I can't seem to get the response body when the response status is 422 (unprocessable entity). The response body is always null.
I want to know if I'm doing something wrong or if there's a workaround for this. Because I'm using the same json in the request with Postman, and it returns the body normally.
This is the method:
#Headers("Content-Type: application/vnd.api+json")
#POST("my_endpoint")
Call<JsonObject> postEntry(#Header("Authorization") String authorization, #Body JsonObject json);
The body is a JsonObject, I'm not serializing like the documentation say. But I don't think this is the problem.
By default, when your server is returning an error code response.body() is always null. What you are looking for is response.errorBody(). A common approach would be something like this:
#Override
public void onResponse(Response<JsonObject> response, Retrofit retrofit) {
if (response.isSuccess()) {
response.body(); // do something with this
} else {
response.errorBody(); // do something with that
}
}
If you need something advanced take a look at Interceptors and how to use them
I got the same error. My API was working using POSTMAN request but not working from Android retrofit call.
At first I was trying using #Field but it was getting error but later I've tried with #Body and it worked.
Sample Retrofit interface call
#POST("api/v1/app/instance")
Call<InstanceResponse> updateTokenValue(
#HeaderMap Map<String, String> headers,
#Body String body);
and API calling code is:
Map<String, String> headerMap=new HashMap<>();
headerMap.put("Accept", "application/json");
headerMap.put("Content-Type", "application/json");
headerMap.put("X-Authorization","access_token");
Map<String, String> fields = new HashMap<>();
fields.put("app_name", "video");
fields.put("app_version", "2.0.0");
fields.put("firebase_token", "token");
fields.put("primary", "1");
ApiInterface apiInterface = ApiClient.getApiClient().create(ApiInterface.class);
Call<InstanceResponse> call = apiInterface.updateTokenValue(
headerMap,new Gson().toJson(fields));
Well in this case you'll have to convert the response.
Have a look at this link
All the steps are already provided in the link above.
For Kotlin users here is the code solution.
ErrorResponse.kt (This obviously depends on your error response)
import com.squareup.moshi.Json
data class ErrorResponse(
#Json(name="name")
val name: String? = null,
#Json(name="message")
val message: String? = null,
#Json(name="errors")
val errors: Errors? = null,
#Json(name="statusCode")
val statusCode: Int? = null
)
ApiFactory.kt (Let me know if you need the entire code)
fun parseError(response: Response<*>): ErrorResponse {
val converter = ApiFactory.retrofit()
.responseBodyConverter<ErrorResponse>(
ErrorResponse::class.java, arrayOfNulls<Annotation>(0)
)
val error: ErrorResponse
try {
error = converter.convert(response.errorBody()!!)!!
} catch (e: IOException) {
e.printStackTrace()
return ErrorResponse()
}
return error
}
and in the Presenter (I use MVP)
GlobalScope.launch(Dispatchers.Main) {
try {
val response = ApiFactory.apiService.LOGIN(username, password)
.await()
val body = response.body()
body?.let {
// Handle success or any other stuff
if (it.statusCode == 200) {
mView.onSuccess(it.data!!)
}
} ?:
// This is the else part where your body is null
// Here is how you use it.
// Pass the response for error handling
mView.showMessage(ApiFactory.parseError(response).message!!)
} catch (e: Exception) {
e.printStackTrace()
}
}
And thats how you roll it!
That's All Folks!
I am using OkHttp in my android application with several async requests. All requests require a token to be sent with the header. Sometimes I need to refresh the token using a RefreshToken, so I decided to use OkHttp's Authenticator class.
What will happen when 2 or more async requests get a 401 response code from the server at the same time? Would the Authenticator's authenticate() method be called for each request, or it will only called once for the first request that got a 401?
#Override
public Request authenticate(Proxy proxy, Response response) throws IOException
{
return null;
}
How to refresh token only once?
Use a singleton Authenticator
Make sure the method you use to manipulate the token is Synchronized
Count the number of retries to prevent excessive numbers of refresh
token calls
Make sure the API calls to get a fresh token and the
local storage transactions to save the new token in your local stores are not asynchronous. Or if you want to make them asynchronous make sure you to you token related stuff after they are completed.
Check if the access token is refreshed by another thread already to
avoid requesting a new access token from back-end
Here is a sample in Kotlin
#SingleTon
class TokenAuthenticator #Inject constructor(
private val tokenRepository: TokenRepository
) : Authenticator {
override fun authenticate(route: Route?, response: Response): Request? {
return if (isRequestRequiresAuth(response)) {
val request = response.request()
authenticateRequestUsingFreshAccessToken(request, retryCount(request) + 1)
} else {
null
}
}
private fun retryCount(request: Request): Int =
request.header("RetryCount")?.toInt() ?: 0
#Synchronized
private fun authenticateRequestUsingFreshAccessToken(
request: Request,
retryCount: Int
): Request? {
if (retryCount > 2) return null
tokenRepository.getAccessToken()?.let { lastSavedAccessToken ->
val accessTokenOfRequest = request.header("Authorization") // Some string manipulation needed here to get the token if you have a Bearer token
if (accessTokenOfRequest != lastSavedAccessToken) {
return getNewRequest(request, retryCount, lastSavedAccessToken)
}
}
tokenRepository.getFreshAccessToken()?.let { freshAccessToken ->
return getNewRequest(request, retryCount, freshAccessToken)
}
return null
}
private fun getNewRequest(request: Request, retryCount: Int, accessToken: String): Request {
return request.newBuilder()
.header("Authorization", "Bearer " + accessToken)
.header("RetryCount", "$retryCount")
.build()
}
private fun isRequestRequiresAuth(response: Response): Boolean {
val header = response.request().header("Authorization")
return header != null && header.startsWith("Bearer ")
}
}
I see here two scenarios based on how API which you call works.
First one is definitely easier to handle - calling new credentials (e.g. access token) doesn't expire old one. To achieve it you can add an extra flag to your credentials to say that credentials are being refreshed. When you got 401 response, you set flag to true, make a request to get new credentials and you save them only if flag equals true so only first response will be handled and rest of them will be ignored. Make sure that your access to flag is synchronized.
Another scenario is a little bit more tricky - every time when you call new credentials old one are set to be expired by server side. To handle it you I would introduce new object to be used as a semafore - it would be blocked every time when 'credentials are being refreshed'. To make sure that you'll make only one 'refresh credentials' call, you need to call it in block of code which is synchronized with flag. It can look like it:
synchronized(stateObject) {
if(!stateObject.isBeingRefreshed) return;
Response response = client.execute(request);
apiClient.setCredentials(response.getNewCredentials());
stateObject.isBeingRefreshed = false;
}
As you've noticed there is an extra check if(!stateObject.isBeingRefreshed) return; to cancel requesting new credentials by following requests which received 401 response.
In my case I implemented the Authenticator using the Singleton pattern. You can made synchronized that method authenticate. In his implementation, I check if the token from the request (getting the Request object from Response object received in the params of authenticate method) is the same that the saved in the device (I save the token in a SharedPreferences object).
If the token is the same, that means that it has not been refresed yet, so I execute the token refresh and the current request again.
If the token is not the same, that means that it has been refreshed before, so I execute the request again but using the token saved in the device.
If you need more help, please tell me and I will put some code here.
This is my solution to make sure to refresh token only once in a multi-threading case, using okhttp3.Authenticator:
class Reauthenticator : Authenticator {
override fun authenticate(route: Route?, response: Response?): Request? {
if (response == null) return null
val originalRequest = response.request()
if (originalRequest.header("Authorization") != null) return null // Already failed to authenticate
if (!isTokenValid()) { // Check if token is saved locally
synchronized(this) {
if (!isTokenValid()) { // Double check if another thread already saved a token locally
val jwt = retrieveToken() // HTTP call to get token
saveToken(jwt)
}
}
}
return originalRequest.newBuilder()
.header("Authorization", getToken())
.build()
}
}
You can even write a unit test for this case, too! 🎉
Add synchronized to authenticate() method signature.
And make sure getToken() method is blocking.
#Nullable
#Override
public synchronized Request authenticate(Route route, Response response) {
String newAccessToken = getToken();
return response.request().newBuilder()
.header("Authorization", "Bearer " + newAccessToken)
.build();
}
Make sure to use singleton custom Authenticator
When refreshing token successful return request with new token else return null.
class TokenAuthenticator(
private val sharedPref: SharedPref,
private val tokenRefreshApi: TokenRefreshApi
) : Authenticator,
SafeApiCall {
override fun authenticate(route: Route?, response: Response): Request? {
return runBlocking {
when (val tokenResponse = getUpdatedToken()) {
is Resource.Success -> {
val token = tokenResponse.data.token
sharedPref.saveToken(token)
response.request.newBuilder().header("Authorization", "Bearer $token").build()
}
else -> {
null
}
}
}
}
private suspend fun getUpdatedToken(): Resource<LoginResponse> {
return safeApiCall { tokenRefreshApi.refreshToken("Bearer ${sharedPref.getToken()}") }
}
}