AppAuth-iOS icon indicating copy to clipboard operation
AppAuth-iOS copied to clipboard
verified publisher icon openid

Tokens rotation with additional headers - helper functions

Open wojteklembryk opened this issue 1 year ago • 4 comments

Set of helpers to perform action with fresh tokens and additional headers in case of tokens rotation

wojteklembryk avatar Apr 22 '24 18:04 wojteklembryk

Hi @wojteklembryk, thanks for the PR! Would you be able to provide us with some info about your use case for such helper functions?

ywsang avatar Apr 22 '24 23:04 ywsang

@ywsang A use case here is Kinde uses a header value in the request to determine which SDK is making the request.

DanielRivers avatar Aug 19 '24 22:08 DanielRivers

Hi @wojteklembryk, thanks for the PR! Would you be able to provide us with some info about your use case for such helper functions?

I can say that DPoP implementation is one such case.

guilhermehmcarvalho avatar Oct 04 '24 13:10 guilhermehmcarvalho

Hi everyone, Apologies for the delayed response—I accidentally missed this thread.

@ywsang, there are several use cases that require passing additional headers during token rotation, such as:

  • DPoP, as mentioned by @guilhermehmcarvalho
  • Device fingerprinting
  • Bot protection
  • Passing additional metadata like the SDK version (as mentioned by @DanielRivers ) or device state
  • Tracing/observability

Overall, this PR does not introduce any new functionality; it simply exposes the changes introduced in https://github.com/openid/AppAuth-iOS/pull/770 by @mdmathias.

Thanks for your suport and great work 👍

wojteklembryk avatar Oct 13 '24 10:10 wojteklembryk