Package com.janeirodigital.sai.authentication

Class AccessTokenRefresher

java.lang.Object
com.janeirodigital.sai.authentication.AccessTokenRefresher
All Implemented Interfaces:
okhttp3.Authenticator
public class AccessTokenRefresher extends Object implements okhttp3.Authenticator
Leverages the OkHttp Authenticator API to react to HTTP 401 Not Authorized responses that may arise as a result of an expired or invalid token. Tokens are obtained and refreshed through the AuthorizedSessionAccessor.

  • Nested Class Summary

    Nested classes/interfaces inherited from interface okhttp3.Authenticator

    okhttp3.Authenticator.Companion

  • Field Summary

    Fields inherited from interface okhttp3.Authenticator

    Companion, JAVA_NET_AUTHENTICATOR, NONE

  • Constructor Summary

    Constructors
    Constructor
    Description
    AccessTokenRefresher(AuthorizedSessionAccessor sessionAccessor)
    Construct a new AccessTokenRefresher

  • Method Summary

    Modifier and Type
    Method
    Description
    okhttp3.Request
    authenticate(okhttp3.Route route, okhttp3.Response response)
    In the event that a request receives a 401 Unauthorized, this method will be automatically called by the OkHttp client (if added during client initialization).
    protected okhttp3.Request
    replaceAuthorizationHeaders(okhttp3.Response response, AuthorizedSession session)
    Removes any existing authorization headers from the request and adds the updated ones.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

  • Method Details

    • authenticate

      public okhttp3.Request authenticate(okhttp3.Route route, @NotNull okhttp3.Response response)
      In the event that a request receives a 401 Unauthorized, this method will be automatically called by the OkHttp client (if added during client initialization). If the origin request had provided credentials in the authorization headers, this method will attempt to lookup the corresponding authorized session the token was sourced from, and refresh it for a valid one (choosing the appropriate refresh mechanism based on the protocol associated with the authorized session). This authenticator blocks all requests while an updated token is being obtained. In-flight requests that fail with a 401 are automatically retried.
      Specified by:
      authenticate in interface okhttp3.Authenticator
      Parameters:
      route - Optional OkHttp Route
      response - OkHttp Response
      Returns:
      OkHttp Request with updated token in Authorization header

    • replaceAuthorizationHeaders

      protected okhttp3.Request replaceAuthorizationHeaders(okhttp3.Response response, AuthorizedSession session)
      Removes any existing authorization headers from the request and adds the updated ones. Supports auth schemes (like DPoP) that have multiple headers.
      Parameters:
      response - OkHttp Response (original 401)
      session - Refreshed session
      Returns:
      Updated OkHttp Request