Recently I had to work with a big old project that uses Retrofit 1, okhttp3, jobManager and Picasso 2.71828

The application receives data from the server. Interaction logic: the user logs in, receives the token, the refresh token. They are stored in the SharedPreferences with shHelper. With a token, he can send requests (somewhere he is in the url, and somewhere in the body), with the help of refresh token the user can get a new token if the session is reset or the token is rotten.

Authorization errors (401) are processed by the okhttp3 authenticator, which we managed to use with Picasso. But there was a problem - Picasso if there are several pictures on the screen - sends several requests in succession, simultaneously or almost simultaneously, and since they all immediately receive the answer 401, if the token is rotten, the authenticator immediately sends the same number of requests for updating the token. Is there some elegant way to wait for the token to be updated and then repeat the requests for the rest of the pictures? Now it happens as follows - having received an error 401, the token is reset to zero (token = "") and all other streams that fall into the authenticator checking if (token == "") execute Thread.sleep () and I am very dissatisfied with it

private Authenticator getAuthenticator() {
        return (route, response) -> {
            if (errorCount > 3){
                return null;
            }

            if (response.request().url().toString().endsWith("/refreshToken")) {
                Log.d(TAG, "getAuthenticator: " + "refreshToken");
                PasswordRepeatActivity.start(context);
                return null;
            }

            if (response.request().url().toString().endsWith("/auth")) {
                String message = "Попробуйте позже";
                try {
                    com.google.gson.Gson gson = Gson.builder().create();
                    ApiResponse apiError = gson.fromJson(response.body().string(), ApiResponse.class);
                    message = apiError.getMessage();
                } catch (Exception e) {
                    e.printStackTrace();
                }
                throw new IOException(message);
            }

            String login = spHelper.getCurrentLogin();
            Auth auth = spHelper.getAuth(login);
            String token = auth.getToken();
            HttpUrl oldUrl = response.request().url();

            //if token is empty - repeat checking after some time
            Log.d(TAG, "getAuthenticator: token ==" + token);
            if (token != null && token.isEmpty()) {
                boolean isEmpty = true;
                while (isEmpty){
                    try {
                        Log.d(TAG, "Authenticator: sleeping...");
                        Thread.sleep(500);

                        String mToken = spHelper.getAuth(login).getToken();
                        if (mToken!= null && !mToken.isEmpty()){
                            isEmpty = false;
                        }
                        Log.d(TAG, "Authenticator: check if token is refreshed");
                        if (!mToken.isEmpty() && oldUrl.toString().contains("token") && !mToken.equals(oldUrl.queryParameter("token"))) {
                            Log.d(TAG, "Authenticator: token is valid, token: " + mToken);
                            return getRefreshedUrlRequest(mToken, oldUrl);
                        }
                    } catch (InterruptedException e) {
                        e.printStackTrace();
                        return response.request();
                    }
                }

                return response.request();
            } else if (oldUrl.toString().contains("token") && !token.equals(oldUrl.queryParameter("token"))) {
                Log.d(TAG, "Authenticator: token is valid, token: " + token);
                return getRefreshedUrlRequest(token, oldUrl);
            } else {

                auth.clearToken();
                spHelper.putAuth(login, auth);

                String refreshToken = auth.getRefreshToken();
                RefreshRequest refreshRequest = new RefreshRequest(refreshToken);
                try {
                    AuthResponse refreshResponse = dataApi.refresh(refreshRequest);
                    errorCount = 0;
                    Auth newAuth = refreshResponse.getResponse();
                    spHelper.putAuth(login, newAuth);

                    Request request = response.request();
                    RequestBody requestBody = request.body();
                    String newToken = newAuth.getToken();

                    Log.d(TAG, "Authenticator: token refreshed, old token: " + token + " -> " + "new token : " + newToken);
                    if (oldUrl.toString().contains("token")) {
                        return getRefreshedUrlRequest(newToken, oldUrl);
                    }
                    if (requestBody != null
                            && requestBody.contentType() != null
                            && requestBody.contentType().subtype() != null
                            && requestBody.contentType().subtype().contains("json")) {
                        requestBody = processApplicationJsonRequestBody(requestBody, newToken);
                    }
                    if (requestBody != null) {
                        Request.Builder requestBuilder = request.newBuilder();
                        request = requestBuilder
                                .post(requestBody)
                                .build();
                    } else {
                        LoginActivity.show(context);
                    }
                    return request;
                } catch (RequestException e) {
                    AtlasPatienteLog.d(TAG, "Can't refresh token: " + e.getMessage());
                    return response.request();
                }
            }
        };
    }

I'm looking for ways after the first error 401 to send one request to refresh the token and wait for it with all other threads, and then send requests with a new token. Besides waiting for the updated token in the authenticator, is there any way to simplify this code somehow? Now this method is about 100 lines long and every time it is necessary to change it - even reading and keeping logic in your head becomes a problem.

So, after some time and some tries I made the part of authenticator syncronized on some lock object. Now only one thread at the time can access authenticator. So, if token need to bs refreshed - it will be, and after refreshing all of the threads waiting for new token will repeat their calls with new token. Thanks @Yuri Schimke for sharing very usefull information.

private Authenticator getAuthenticator() {
        return (route, response) -> {
            String responseUrl = response.request().url().toString();
            if (responseUrl.endsWith("/refreshToken") ) {
                Log.d(TAG, "getAuthenticator: " + "refreshToken");
                PasswordRepeatActivity.start(context);
                return null;
            }
            if (responseUrl.endsWith("/auth")) {
                String message = "Попробуйте позже";
                try {
                    com.google.gson.Gson gson = Gson.builder().create();
                    ApiResponse apiError = gson.fromJson(response.body().string(), ApiResponse.class);
                    message = apiError.getMessage();
                } catch (Exception e) {
                    e.printStackTrace();
                }
                throw new IOException(message);
            }
            synchronized (LOCK) {
                String login = spHelper.getCurrentLogin();
                Auth auth = spHelper.getAuth(login);
                String token = auth.getToken();
                HttpUrl oldUrl = response.request().url();

                if (oldUrl.toString().contains("token") && !token.equals(oldUrl.queryParameter("token"))) {
                    Log.d(TAG, "Authenticator: token is valid, token: " + token);
                    return getRefreshedUrlRequest(token, oldUrl);
                } else {
                    String refreshToken = auth.getRefreshToken();
                    RefreshRequest refreshRequest = new RefreshRequest(refreshToken);
                    try {
                        AuthResponse refreshResponse = dataApi.refresh(refreshRequest);
                        Auth newAuth = refreshResponse.getResponse();
                        spHelper.putAuth(login, newAuth);

                        Request request = response.request();
                        RequestBody requestBody = request.body();
                        String newToken = newAuth.getToken();

                        Log.d(TAG, "Authenticator: token refreshed, old token: " + token + " -> " + "new token : " + newToken);
                        if (oldUrl.toString().contains("token")) {
                            return getRefreshedUrlRequest(newToken, oldUrl);
                        }
                        if (requestBody != null
                                && requestBody.contentType() != null
                                && requestBody.contentType().subtype() != null
                                && requestBody.contentType().subtype().contains("json")) {
                            requestBody = processApplicationJsonRequestBody(requestBody, newToken);
                        }
                        if (requestBody != null) {
                            Request.Builder requestBuilder = request.newBuilder();
                            request = requestBuilder
                                    .post(requestBody)
                                    .build();
                        } else {
                            LoginActivity.show(context);
                        }
                        return request;
                    } catch (RequestException e) {
                        AtlasPatienteLog.d(TAG, "Can't refresh token: " + e.getMessage());
                        PasswordRepeatActivity.start(context);
                        return null;
                    }
                }
            }
        };
    }

1 Answers

0
Yuri Schimke On

With just OkHttp, you will generally need to handle this complexity in your app whether that is outside the call, in an Authenticator or inside a proactively authenticating Interceptor. Concurrency isn't handled for you in these cases either.

Discussed here

https://github.com/square/okhttp/issues/3714#issuecomment-350469364

Make sure to make a synchronous refresh call, as an async call may not have a free thread to execute on.

the answer from @swankjesse was that if you make a sync call in an interceptor, then you are tying up a thread, but won't deadlock because it doesn't need to grab another thread and doesn't hold a lock during that time.

Some blogs on similar topics

https://objectpartners.com/2018/06/08/okhttp-authenticator-selectively-reauthorizing-requests/

https://medium.com/@sandeeptengale/problem-solved-2-access-token-refresh-with-okhttp-authenticator-5ccb798ede70

https://blog.coinbase.com/okhttp-oauth-token-refreshes-b598f55dd3b2