Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add forceRefresh/forceRenewal to CredentialsManager.credentials() call #299

Open
5 tasks done
almusto opened this issue Aug 2, 2023 · 2 comments
Open
5 tasks done

Add forceRefresh/forceRenewal to CredentialsManager.credentials() call #299

almusto opened this issue Aug 2, 2023 · 2 comments
Labels
feature request A feature has been asked for or suggested by the community

Comments

@almusto
Copy link

almusto commented Aug 2, 2023

Checklist

  • I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
  • I have looked into the API documentation and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

There are scenarios were we would like to renew the access token regardless of how much time is left on it. Right now the only way to accomplish this via the CredentialsManager is to pass in a minTtl that is greater than the current active token's TTL but less than the TTL of a newly generated token otherwise we will get an error. Right now with the SDK it's very awkward because there is no way to get the token life (unless I've missed something) except by taking the credentials.expiresAt value at time of generation and doing some time math.

Describe the ideal solution

There are a few solutions that could work.

  1. Add a Bool parameter to the credentials call with a default value of false such as forceRefresh or forceRenewal or ignoreCache .
  2. Create a separate call on the CredentialsManager like you all have already done in iOS and Android SDKs: Added forceRefresh option to getCredentials Auth0.Android#637 , Add renew() to Credentials Manager [SDK-4300] Auth0.swift#772
  3. Make it easier to get the access token life by storing it in the credentials object as something like tokenLife to match minTtl parameter we need to pass

Alternatives and current workarounds

As a work around for now we can do as I described in the problem description by calculating the token life of a newly generated token from the credentials.experiesAt and subtracting the current time and passing that into the minTtl parameter of the CredentialsManager.credentials() method.

Another work around would be to use api.renewCredentials call which doesn't require minTtl or any calculations. The problem is this bypasses the local auth/biometrics feature tied to access the credentials via the CredentialsManager.

Additional context

Thanks for your consideration!
@almusto almusto added the feature request A feature has been asked for or suggested by the community label Aug 2, 2023
@Widcket
Copy link
Contributor

Widcket commented Aug 3, 2023

Hi @almusto, thanks for raising this.

While I don't have an ETA to share, I'll leave this open for future planning and reference.

@ngthailam
Copy link

@Widcket may I ask if theres any new update to this ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request A feature has been asked for or suggested by the community
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Widcket @almusto @ngthailam