Skip to content

Add forceRefresh/forceRenewal to CredentialsManager.credentials() call #299

New issue
New issue
Open
Open
Add forceRefresh/forceRenewal to CredentialsManager.credentials() call#299
Labels
androidfeature requestA feature has been asked for or suggested by the communityios
@almusto

Description

@almusto
almusto
opened on Aug 2, 2023

Checklist

  • I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
  • I have looked into the API documentation and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

There are scenarios were we would like to renew the access token regardless of how much time is left on it. Right now the only way to accomplish this via the CredentialsManager is to pass in a minTtl that is greater than the current active token's TTL but less than the TTL of a newly generated token otherwise we will get an error. Right now with the SDK it's very awkward because there is no way to get the token life (unless I've missed something) except by taking the credentials.expiresAt value at time of generation and doing some time math.

Describe the ideal solution

There are a few solutions that could work.

  1. Add a Bool parameter to the credentials call with a default value of false such as forceRefresh or forceRenewal or ignoreCache .
  2. Create a separate call on the CredentialsManager like you all have already done in iOS and Android SDKs: Added forceRefresh option to getCredentials Auth0.Android#637 , Add renew() to Credentials Manager [SDK-4300] Auth0.swift#772
  3. Make it easier to get the access token life by storing it in the credentials object as something like tokenLife to match minTtl parameter we need to pass

Alternatives and current workarounds

As a work around for now we can do as I described in the problem description by calculating the token life of a newly generated token from the credentials.experiesAt and subtracting the current time and passing that into the minTtl parameter of the CredentialsManager.credentials() method.

Another work around would be to use api.renewCredentials call which doesn't require minTtl or any calculations. The problem is this bypasses the local auth/biometrics feature tied to access the credentials via the CredentialsManager.

Additional context

Thanks for your consideration!

Metadata

Metadata

Assignees

No one assigned

    Labels

    androidfeature requestA feature has been asked for or suggested by the communityios

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions