h4. Epic target Motivation
Cover Currently when using Auth SDK users have limited ability to call server side work with the backend . We recently added methods to IOS[2] and retrieve fresh tokens Android SDK[1] in order to apply custom headers. We always use recent user.token to apply for the header, however this token gets outdated after 5 minutes.
However what we noticed is that this implementaiton is not enogh to provide support for keycloak Auth. When users login they recieve token. This token later outdates (by default 5 mintues) and server starts returning {code} "header": "HTTP/1.1 302 Found\r\nX-Powered-By: Express\r\nAccess-Control-Allow-Origin: *\r\nLocation: auth/realms/Memeolist/protocol/openid-connect/auth? Ideally all should be handled by SDK itself. {code}
Auth SDK do not provide support for that at the moment so users need to practically login every 5 minutes when token is outdated. This epic collect set of the tasks to resolve this problem and provide fully featured Auth SDK with token refresh functionality.
[1] https://github.com/aerogear/aerogear-android-sdk/blob/master/auth/src/main/java/org/aerogear/mobile/auth/AuthHeaderProvider.java#L30 [2] https://github.com/aerogear/aerogear-ios-sdk/blob/master/modules/auth/AuthHeaderProvider.swift#L20
See conversation for more context: https://groups.google.com/forum/?utm_medium=email&utm_source=footer#!msg/aerogear/bep0r2p8QcE/zEqoIex8AAAJ |
|