okhttp-oauth2-client icon indicating copy to clipboard operation
okhttp-oauth2-client copied to clipboard

Published 20 hours ago verified publisher icon mimicmobile

Undesired multiple login attempts on failure [Feature request]

Open neworld opened this issue 5 years ago • 2 comments

I am using OAuth service, which supports only form data for password grant type. So, additional tries are wasting resources. OAuth service is throttling multiple requests and sometimes even block IP. A user is able to get a block 3 times easier.

I understand why this behavior is implemented. However, would be cool to configure them. I could implement it by myself. But I am needed agreement on API.

I would suggest adding:

public OAuth2Client.Builder failback(Failback failback) { .... }

enum Failback {
  FULL, BASIC_AUTH, AUTHORIZATION, NOTHING
}

Failback could be called RequestType as well.

Of course, the default behavior has to remain.

neworld avatar Oct 02 '18 14:10 neworld

I like this idea!

Failback would be good I think. Having failback default to the old (FULL) behavior and allow for an optional enum param would work.

The change could be entirely in AuthState.nextState()

corcoran avatar May 25 '19 22:05 corcoran

I submitted a pull request which expose the Authenticator to the builder so you can rather set it to the default behaviour or implement one yourself

avishaigurt-oviva avatar Jul 04 '19 16:07 avishaigurt-oviva