auth0-flutter icon indicating copy to clipboard operation
auth0-flutter copied to clipboard
verified publisher icon auth0

Add forceRefresh/forceRenewal to CredentialsManager.credentials() call

Open almusto opened this issue 2 years ago • 2 comments

Checklist

  • [X] I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
  • [X] I have looked into the API documentation and have not found a suitable solution or answer.
  • [X] I have searched the issues and have not found a suitable solution or answer.
  • [X] I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • [X] I agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

There are scenarios were we would like to renew the access token regardless of how much time is left on it. Right now the only way to accomplish this via the CredentialsManager is to pass in a minTtl that is greater than the current active token's TTL but less than the TTL of a newly generated token otherwise we will get an error. Right now with the SDK it's very awkward because there is no way to get the token life (unless I've missed something) except by taking the credentials.expiresAt value at time of generation and doing some time math.

Describe the ideal solution

There are a few solutions that could work.

  1. Add a Bool parameter to the credentials call with a default value of false such as forceRefresh or forceRenewal or ignoreCache .
  2. Create a separate call on the CredentialsManager like you all have already done in iOS and Android SDKs: https://github.com/auth0/Auth0.Android/pull/637 , https://github.com/auth0/Auth0.swift/pull/772
  3. Make it easier to get the access token life by storing it in the credentials object as something like tokenLife to match minTtl parameter we need to pass

Alternatives and current workarounds

As a work around for now we can do as I described in the problem description by calculating the token life of a newly generated token from the credentials.experiesAt and subtracting the current time and passing that into the minTtl parameter of the CredentialsManager.credentials() method.

Another work around would be to use api.renewCredentials call which doesn't require minTtl or any calculations. The problem is this bypasses the local auth/biometrics feature tied to access the credentials via the CredentialsManager.

Additional context

Thanks for your consideration!

almusto avatar Aug 02 '23 16:08 almusto

Hi @almusto, thanks for raising this.

While I don't have an ETA to share, I'll leave this open for future planning and reference.

Widcket avatar Aug 03 '23 11:08 Widcket

@Widcket may I ask if theres any new update to this ?

ngthailam avatar Jun 13 '24 14:06 ngthailam