Correctly handle token refreshes with Google #11
Assignees
Labels
enhancement
New feature or request
Comments
mattrayner
added a commit
that referenced
this issue
Apr 7, 2024
…ort-to-tokens #11 As part of being a good API citizen, instead of getting a new token at expiry, we should refresh the one we have
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Currently every time the Google token expires, we are creating a new one, sending the user creds to Google and receiving a token in response. We should behave like good API citizens and instead, refresh the token.
Describe the solution you'd like
We should identify wether or not a token has expired (or is neat expiry) and change the request that we send to be a 'refresh' rather than a new authorisation.
We will need to handle the various errors that can be sent by Google as part of the refresh, and use these to inform the user of issues. Additionally, we should have automatic re-auth. In instances where we are able to, we should attempt a 'full' re-authentication when the refresh fails.
Describe alternatives you've considered
We could leave the system as it is... It works, but we should always strive to be better, and leaving it is certainly not best practices.
Additional context
After Pod Point changed their auth system to Google, the ability to refresh opened up.
The text was updated successfully, but these errors were encountered: