Interceptor sends request with expired token
See original GitHub issueDescribe the bug
The interceptor sends requests with expired tokens even when useSilentRefresh
is seems like the token expired event is never triggered (tab in the background), to avoid this, we could check (when useSilentRefresh
) that the token is not expired yet, and if so clear the access_token
and refresh before sending the request.
Expected behavior
When useSilentRefresh
the user shouldn’t ensure that it’s token is valid before sending requests
Issue Analytics
- State:
- Created 3 years ago
- Reactions:5
- Comments:19
Top Results From Across the Web
Using Axios interceptors for refreshing your API token.
After the token expires, you'll need to request a new token using the refresh token. Then, you need to use the freshly retrieved...
Read more >Angular 12 Refresh Token with Interceptor and JWT example
– When the Access Token is expired, Angular automatically sends Refresh Token request, receives new Access Token and uses it for new request....
Read more >JWT expired token handling with Angular Interceptor keeps ...
I have an interceptor in Angular that I am using to refresh a token if it is expired, but the application seems to...
Read more >Is Your Token Expired? how to refresh? - LinkedIn
One Of the Security factors when you call an API from the Android side that is you send the token in your request...
Read more >Angular: Using HTTPInterceptor for token refreshing - Medium
After sending reload request we can catch one more error and do some stuff with it. Good job! We've done it! Now our...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@bjornharvold I confirm that I do this after calling
loadDiscoveryDocumentAndTryLogin
when the token is still not valid 👍@santosmken Smart ! I think your piece of code fixes an authentication issue I do have when I am pausing the application while debugging. Cheers 🎉
@bjornharvold I can confirm that it works. I just missed before having an if statement to check if the access token is still valid. And that is the correct place to remove the storage keys.
Steps will be:
loadDiscoveryDocumentAndTryLogin()
!this.oauthService.hasValidAccessToken()
(falsy)this.AUTH_STORAGE_ITEMS.map((item: string) => { sessionStorage.removeItem(item); });
Additional note that I also have this event for removing the storage keys.
if (event.type === 'token_refresh_error') { this.AUTH_STORAGE_ITEMS.map((item: string) => { sessionStorage.removeItem(item); }); }