How to refresh Api authorization token using Alamofire & rxSwift? - ios

I try to manage rxswift & Alamofire to get response.
These functions get response successfully when token is not expired.
But when the token is expired, I don't know how to refresh token and then retry to get response using new token.
What should I do to refresh token and retry?
I also read Alamofire documents, and I find "RequestAdapter" and "RequestRetrier".
Should I use RequestAdapter & RequestRetrier in my case?
But I dont know how to use them in my "getRequestJSON" function,
or have any good idea to refresh token and retry.
Thanks.
func get(_ callback: #escaping (JSON) -> Void) {
let url = "http://106.xx.xxx.xxx/user"
self.getRequestJSON( .get, url: url, params: [:], callback: { json in
callback(json)
})
}
func getRequestJSON(_ method: Alamofire.HTTPMethod, url:String, params:[String:Any] = [:], callback: #escaping (JSON) -> Void) {
var headers:[String:String] = [String:String]()
if token.isEmpty == false {
headers["Authorization"] = "Bearer \(token)"
}
let configuration = URLSessionConfiguration.default
configuration.httpAdditionalHeaders = SessionManager.defaultHTTPHeaders
configuration.timeoutIntervalForRequest = timeout
_ = SessionManager(configuration: configuration)
.rx.responseJSON(method,
url,
parameters: params,
encoding: ((method == .get) ? URLEncoding.default : JSONEncoding.default),
headers: headers)
.subscribeOn(SerialDispatchQueueScheduler.init(qos: .background))
.subscribe(onNext: { (r, data) in
if r.statusCode == 401 {
//token fail
}
let json = JSON(data)
if json["status"].stringValue == "successful" {
callback(json)
}else {
callback(json)
}
}, onError: { (error) in
callback(JSON(error))
})
.addDisposableTo(ResfulAPIDisposeBag)
}

Related

AuthenticationInterceptor(Alamofire5.2) retry process doesn't work well

I have a question about the AuthenticationInterceptor added in Alamofire 5.2.
I am using AuthenticationInterceptor to refresh the oAuth token.
https://github.com/Alamofire/Alamofire/blob/master/Documentation/AdvancedUsage.md#authenticationinterceptor
The code I'm trying is below.
struct OAuthCredential: AuthenticationCredential {
let accessToken: String
let refreshToken: String
let userID: String
let expiration: Date
// Require refresh if within 5 minutes of expiration
var requiresRefresh: Bool { Date(timeIntervalSinceNow: 60 * 5) > expiration }
}
class OAuthAuthenticator: Authenticator {
func apply(_ credential: OAuthCredential, to urlRequest: inout URLRequest) {
urlRequest.headers.add(.authorization(bearerToken: credential.accessToken))
}
func refresh(_ credential: OAuthCredential,
for session: Session,
completion: #escaping (Result<OAuthCredential, Error>) -> Void) {
// Request to refresh token
let request = Session.default.request(
URL(string: "URL for token refresh")!,
method: .patch,
parameters: ["refresh_token": credential.refreshToken]
)
request.responseJSON { response in
// Get new Credential information
// ~~~~~~
completion(.success(newCredential))
}
}
func didRequest(_ urlRequest: URLRequest,
with response: HTTPURLResponse,
failDueToAuthenticationError error: Error) -> Bool {
return response.statusCode == 401
}
func isRequest(_ urlRequest: URLRequest, authenticatedWith credential: OAuthCredential) -> Bool {
let bearerToken = HTTPHeader.authorization(bearerToken: credential.accessToken).value
return urlRequest.headers["Authorization"] == bearerToken
}
}
// ~~~~~~
let session = Session.default
let urlRequest = try! URLRequest(
url: URL(string: "https://api.example/docs")!,
method: .get
)
session.request(urlRequest, interceptor: interceptor).responseJSON { response in
// ~~~~~
}
What I don't know is whether didRequest and isRequest are sometimes called. I debugged while pasting a breakpoint when I got a 401 error, but it didn't stop at the above method.
The reason those methods weren't called was that they would always be returned on the line below.
https://github.com/Alamofire/Alamofire/blob/4f72b95b49c22e445e1866712f719698fa11c30c/Source/AuthenticationInterceptor.swift#L297
I couldn't find a case that didn't go through this line.
I would like to know the case where two methods are called.
try to call a .validate()
session.request(urlRequest, interceptor: interceptor).validate().responseJSON { response in
// ~~~~~
}

Authorization required error during braintree integration in swift

I am trying to integrate braintree payment method in my swift code, but I am stuck in here, it is breaking with an error
{"error":{"statusCode":401,"name":"Error","message":"Authorization Required","code":"AUTHORIZATION_REQUIRED"}}
I have doing exactly the same as mentioned in braintree documentation. I don't know which authorization it is demanding, I do have a authorization token assigned to user when he/she logins, I am wondering if it is demanding that authorization token, but there is no such parameter in this code where I should place that token to generate client's token for payment method. Here the print statement when exeuted gives me this in log, "client Token is :
{"error":{"statusCode":401,"name":"Error","message":"Authorization Required","code":"AUTHORIZATION_REQUIRED"}}", I am bit confused in its calling also. I have just started these thing so I am very sorry I have done any obvious mistake. Thanks.
// TODO: Switch this URL to your own authenticated API
let clientTokenURL = NSURL(string: "https://braintree-sample-
merchant.herokuapp.com/client_token")!
let clientTokenRequest = NSMutableURLRequest(url:
clientTokenURL as URL)
clientTokenRequest.setValue("text/plain", forHTTPHeaderField:
"Accept")
URLSession.shared.dataTask(with: clientTokenRequest as
URLRequest) { (data, response, error) -> Void in
// TODO: Handle errors
if let error = error {
print("Error: \(error.localizedDescription)")
} else {
print("in Session")
let clientToken = String(data: data!, encoding:
String.Encoding.utf8)!
print("Client Token is : \(clientToken)")
}
}.resume()
}
One have to give authorization token in headers to avoid this error. Rather than that, this version of code will work fine.
completionHandler:#escaping (_ response: NSDictionary?, _ error: Error?) -
> ()) {
var headers: HTTPHeaders
// pass the authToken when you get when user login
let authToken = getAuthorizationToken()
if(self.isValidString(object: authToken as AnyObject)) {
headers = ["Authorization": authToken,
"Content-Type": "application/json",
"Accept": "application/json"]
} else {
headers = ["Content-Type": "application/json"]
}
AF.request(apiURL, method: .get, parameters: params as? Parameters,
encoding: JSONEncoding.default, headers: headers).validate().responseJSON
{
response in
self.handleResposne(response: response) { (response, error) in
completionHandler(response, error)
}
}
}

How to retry request with Alamofire?

Is there a way, in Alamofire, to re-send the request if the response code from the first request is 401, where I can refresh the token and retry my request again?
The problem is that I'm using MVVM and also completion handler already.
In my ViewModel the request function looks like:
public func getProfile(completion: #escaping (User?) -> Void) {
guard let token = UserDefaults.standard.value(forKey: Constants.shared.tokenKey) else { return }
let headers = ["Authorization": "Bearer \(token)"]
URLCache.shared.removeAllCachedResponses()
Alamofire.request(Constants.shared.getProfile, method: .get, parameters: nil, encoding: URLEncoding.default, headers: headers).responseJSON { (response) in
switch response.result {
case .success:
guard let data = response.data else { return }
if JSON(data)["code"].intValue == 401 {
// here I need to refresh my token and re-send the request
} else {
let user = User(json: JSON(data)["data"])
completion(user)
}
completion(nil)
case .failure(let error):
print("Failure, ", error.localizedDescription)
completion(nil)
}
}
}
and from my ViewController I call it like:
viewModel.getProfile { (user) in
if let user = user {
...
}
}
So I do not know how can retry my request without using a new function, so I can still get my user response from completion part in my ViewController.
Maybe someone can show me the right path.
Thanks in advance!
To retry a request create a Request wrapper and use the RequestInterceptor protocol of Alamofire like this
final class RequestInterceptorWrapper: RequestInterceptor {
// Retry your request by providing the retryLimit. Used to break the flow if we get repeated 401 error
var retryLimit = 0
func retry(_ request: Request, for session: Session, dueTo error: Error, completion: #escaping (RetryResult) -> Void) {
guard let statusCode = request.response?.statusCode else { return }
switch statusCode {
case 200...299:
completion(.doNotRetry)
default:
if request.retryCount < retryLimit {
completion(.retry)
return
}
completion(.doNotRetry)
}
}
//This method is called on every API call, check if a request has to be modified optionally
func adapt(_ urlRequest: URLRequest, for session: Session, completion: #escaping (Result<URLRequest, Error>) -> Void) {
//Add any extra headers here
//urlRequest.addValue(value: "", forHTTPHeaderField: "")
completion(.success(urlRequest))
}
}
Usage: For every API request, the adapt() method is called, and on validate() the retry method is used to validate the status code. retryLimit can be set by creating an instance of the interceptor here
Providing the retryLimit would call the API twice if the response was an error
let interceptor = RequestInterceptorWrapper()
func getDataFromAnyApi(completion: #escaping (User?) -> Void)) {
interceptor.retryLimit = 2
AF.request(router).validate().responseJSON { (response) in
guard let data = response.data else {
completion(nil)
return
}
// convert to User and return
completion(User)
}
}
Yes you can on Alamofire 4.0
The RequestRetrier protocol allows a Request that encountered an Error while being executed to be retried. When using both the RequestAdapter and RequestRetrier protocols together, you can create credential refresh systems for OAuth1, OAuth2, Basic Auth and even exponential backoff retry policies. The possibilities are endless. Here's an example of how you could implement a refresh flow for OAuth2 access tokens.
func should(_ manager: SessionManager, retry request: Request, with error: Error, completion: #escaping RequestRetryCompletion) {
lock.lock() ; defer { lock.unlock() }
if let response = request.task?.response as? HTTPURLResponse, response.statusCode == 401 {
requestsToRetry.append(completion)
if !isRefreshing {
refreshTokens { [weak self] succeeded, accessToken, refreshToken in
guard let strongSelf = self else { return }
strongSelf.lock.lock() ; defer { strongSelf.lock.unlock() }
if let accessToken = accessToken, let refreshToken = refreshToken {
strongSelf.accessToken = accessToken
strongSelf.refreshToken = refreshToken
}
strongSelf.requestsToRetry.forEach { $0(succeeded, 0.0) }
strongSelf.requestsToRetry.removeAll()
}
}
} else {
completion(false, 0.0)
}
}
Reference: AlamofireDocumentation
you can add interceptor
Alamofire.request(Constants.shared.getProfile, method: .get, parameters: nil, encoding: URLEncoding.default, headers: headers)
add the protocol RequestInterceptor
then implement this two protocol method
// retryCount number of time api need to retry
func adapt(_ urlRequest: URLRequest, for session: Session, completion: #escaping (Result<URLRequest, Error>) -> Void) {
completion(.success(urlRequest))
}
func retry(_ request: Request, for session: Session, dueTo error: Error, completion: #escaping (RetryResult) -> Void) {
guard request.retryCount < retryCount else {
completion(.doNotRetry)
return
}
/// Call UR API here
}
once api get fail this two method call, do
Could you just recursively call the function if it receives a 401? You would definitely need to create some type of exit condition so that if it continues to fail that it will break out, but it seems to me that it would work.

How to Authenticate a URLRequest Using Alamofire with OAuth1

I am having a problem trying to Authenticate a request using alamofire and OAuth1 and I am using this library to do so:
https://github.com/phenemann/Authentication/
but I am not able to succeed if you know how to use alamofire with OAuth1.
Bellow is my progress till this moment
class HttpRestManager{
public static func sendRequest(url: String, authorizationType: AuthorizationType, method: HTTPMethod, parameters: [String: Any]?, headers: NSMutableDictionary, complition: #escaping (_ results: String?, _ errors: Error?, _ statusCode: Int?) -> Void){
let preparedHeaders = prepareHeaders(headers: headers, authorizationType: authorizationType)
let manager = Alamofire.SessionManager.default
manager.session.configuration.timeoutIntervalForRequest = 10
manager.adapter = AuthorizationAdapter()
manager.request(url, method: method, parameters: parameters, encoding: JSONEncoding.default, headers: preparedHeaders).responseString { (response) in
switch response.result{
case .success(let value):
complition(value, nil, response.response?.statusCode)
case .failure(let error):
complition(nil, error, response.response?.statusCode)
}
}
}
}
and this is the adapter I am using:
class AuthorizationAdapter: RequestAdapter {
private let CONSUMER_KEY = "****";
private let CONSUMER_SECRET = "****";
private let TOKEN_ID = "****";
private let TOKEN_SECRET = "****";
func adapt(_ urlRequest: URLRequest) throws -> URLRequest {
let oAuthMethod = AuthenticationMethod.oauth1(consumerKey: CONSUMER_KEY,
consumerSecret: CONSUMER_SECRET,
accessKey: TOKEN_ID,
accessSecret: TOKEN_SECRET)
let authorizer = Authenticator(method: oAuthMethod)
let authorizedRequest = try? authorizer.signRequest(request: urlRequest)
return authorizedRequest!
}
}
please note that I have the ConsumerKey, ConsumerSecret, TokenID and TokenSecret there is no CallBackUrl or anything I Just need to generate the "oauth_signiture" value, based on the request URL and it's parameters, I have generated it but the response I get is "INVALID_LOGIN_ATTEMPT", and whenever I test the API on Postman it succeeds even though the generated header is similar to the one I generate, please help me or tell me what I am doing wrong, many thanks.

Right way to refresh the token

There is a function getUser in RequestManager class that called in my VC.
func getUser(onCompletion: #escaping (_ result: User?, error: String?) -> Void) {
Alamofire.request(Router.getUser).responseJSON { (response) in
// here is the work with response
}
}
If this request returns 403 it means access_token is expired. I need to refresh token and repeat the request from my VC.
Now the question.
How to refresh token and repeat the request in the right way?
To handle the error and refresh token in MyViewController or getUser method is not good idea because I have a lot of VCs and request methods.
I need something like: VC calls the method and gets the User even if token is expired and refreshToken must not be in all request methods.
EDIT
refreshToken method
func refreshToken(onCompletion: #escaping (_ result: Bool?) -> Void) {
Alamofire.request(Router.refreshToken).responseJSON { (response) in
print(response)
if response.response?.statusCode == 200 {
guard let data = response.data else { return onCompletion(false) }
let token = try? JSONDecoder().decode(Token.self, from: data)
token?.setToken()
onCompletion(true)
} else {
onCompletion(false)
}
}
}
To solve this, I created a class from which we will call every API, say BaseService.swift.
BaseService.swift :
import Foundation
import Alamofire
import iComponents
struct AlamofireRequestModal {
var method: Alamofire.HTTPMethod
var path: String
var parameters: [String: AnyObject]?
var encoding: ParameterEncoding
var headers: [String: String]?
init() {
method = .get
path = ""
parameters = nil
encoding = JSONEncoding() as ParameterEncoding
headers = ["Content-Type": "application/json",
"X-Requested-With": "XMLHttpRequest",
"Cache-Control": "no-cache"]
}
}
class BaseService: NSObject {
func callWebServiceAlamofire(_ alamoReq: AlamofireRequestModal, success: #escaping ((_ responseObject: AnyObject?) -> Void), failure: #escaping ((_ error: NSError?) -> Void)) {
// Create alamofire request
// "alamoReq" is overridden in services, which will create a request here
let req = Alamofire.request(alamoReq.path, method: alamoReq.method, parameters: alamoReq.parameters, encoding: alamoReq.encoding, headers: alamoReq.headers)
// Call response handler method of alamofire
req.validate(statusCode: 200..<600).responseJSON(completionHandler: { response in
let statusCode = response.response?.statusCode
switch response.result {
case .success(let data):
if statusCode == 200 {
Logs.DLog(object: "\n Success: \(response)")
success(data as AnyObject?)
} else if statusCode == 403 {
// Access token expire
self.requestForGetNewAccessToken(alaomReq: alamoReq, success: success, failure: failure)
} else {
let errorDict: [String: Any] = ((data as? NSDictionary)! as? [String: Any])!
Logs.DLog(object: "\n \(errorDict)")
failure(errorTemp as NSError?)
}
case .failure(let error):
Logs.DLog(object: "\n Failure: \(error.localizedDescription)")
failure(error as NSError?)
}
})
}
}
extension BaseService {
func getAccessToken() -> String {
if let accessToken = UserDefaults.standard.value(forKey: UserDefault.userAccessToken) as? String {
return "Bearer " + accessToken
} else {
return ""
}
}
// MARK: - API CALL
func requestForGetNewAccessToken(alaomReq: AlamofireRequestModal, success: #escaping ((_ responseObject: AnyObject?) -> Void), failure: #escaping ((_ error: NSError?) -> Void) ) {
UserModal().getAccessToken(success: { (responseObj) in
if let accessToken = responseObj?.value(forKey: "accessToken") {
UserDefaults.standard.set(accessToken, forKey: UserDefault.userAccessToken)
}
// override existing alaomReq (updating token in header)
var request: AlamofireRequestModal = alaomReq
request.headers = ["Content-Type": "application/json",
"X-Requested-With": "XMLHttpRequest",
"Cache-Control": "no-cache",
"X-Authorization": self.getAccessToken()]
self.callWebServiceAlamofire(request, success: success, failure: failure)
}, failure: { (_) in
self.requestForGetNewAccessToken(alaomReq: alaomReq, success: success, failure: failure)
})
}
}
For calling the API from this call, we need to create a object of AlamofireRequestModal and override it with necessary parameter.
For example I created a file APIService.swift in which we have a method for getUserProfileData.
APIService.swift :
import Foundation
let GET_USER_PROFILE_METHOD = "user/profile"
struct BaseURL {
// Local Server
static let urlString: String = "http://192.168.10.236: 8084/"
// QAT Server
// static let urlString: String = "http://192.171.286.74: 8080/"
static let staging: String = BaseURL.urlString + "api/v1/"
}
class APIService: BaseService {
func getUserProfile(success: #escaping ((_ responseObject: AnyObject?) -> Void), failure: #escaping ((_ error: NSError?) -> Void)) {
var request: AlamofireRequestModal = AlamofireRequestModal()
request.method = .get
request.path = BaseURL.staging + GET_USER_PROFILE_METHOD
request.headers = ["Content-Type": "application/json",
"X-Requested-With": "XMLHttpRequest",
"Cache-Control": "no-cache",
"X-Authorization": getAccessToken()]
self.callWebServiceAlamofire(request, success: success, failure: failure)
}
}
Explanation:
In code block:
else if statusCode == 403 {
// Access token expire
self.requestForGetNewAccessToken(alaomReq: alamoReq, success: success, failure: failure)
}
I call getNewAccessToken API (say refresh-token, in your case), with the request( it could be any request based from APIService.swift).
When we get new token I save it user-defaults then I will update the request( the one I am getting as a parameter in refresh-token API call), and will pass the success and failure block as it is.
You can create generic refresher class:
protocol IRefresher {
associatedtype RefreshTarget: IRefreshing
var target: RefreshTarget? { get }
func launch(repeats: Bool, timeInterval: TimeInterval)
func invalidate()
}
class Refresher<T: IRefreshing>: IRefresher {
internal weak var target: T?
private var timer: Timer?
init(target: T?) {
self.target = target
}
public func launch(repeats: Bool, timeInterval: TimeInterval) {
timer = Timer.scheduledTimer(withTimeInterval: timeInterval, repeats: repeats) { [weak self] (timer) in
self?.target?.refresh()
}
}
public func invalidate() {
timer?.invalidate()
}
}
And the refresh target protocol:
protocol IRefreshing: class {
func refresh()
}
Define new typealias:
typealias RequestManagerRefresher = Refresher<RequestManager>
Now create refresher and store it:
class RequestManager {
let refresher: RequestManagerRefresher
init() {
refresher = Refresher(target: self)
refresher?.launch(repeats: true, timeInterval: 15*60)
}
}
And expand RequestManager:
extension RequestManager: IRefreshing {
func refresh() {
updateToken()
}
}
Every 15 minutes your RequestManager's token will be updated
UPDATE
Of course, you also can change the update time. Create a static var that storing update time you need. For example inside the RequestManager:
class RequestManager {
static var updateInterval: TimeInterval = 0
let refresher: RequestManagerRefresher
init() {
refresher = Refresher(target: self)
refresher?.launch(repeats: true, timeInterval: updateInterval)
}
}
So now you can ask the token provider server for token update interval and set this value to updateInterval static var:
backendTokenUpdateIntervalRequest() { interval in
RequestManager.updateInterval = interval
}
You can easily Refresh token and retry your previous API call using Alamofire
RequestInterceptor
NetworkManager.Swift:-
import Alamofire
class NetworkManager {
static let shared: NetworkManager = {
return NetworkManager()
}()
typealias completionHandler = ((Result<Data, CustomError>) -> Void)
var request: Alamofire.Request?
let retryLimit = 3
func request(_ url: String, method: HTTPMethod = .get, parameters: Parameters? = nil,
encoding: ParameterEncoding = URLEncoding.queryString, headers: HTTPHeaders? = nil,
interceptor: RequestInterceptor? = nil, completion: #escaping completionHandler) {
AF.request(url, method: method, parameters: parameters, encoding: encoding, headers: headers, interceptor: interceptor ?? self).validate().responseJSON { (response) in
if let data = response.data {
completion(.success(data))
} else {
completion(.failure())
}
}
}
}
RequestInterceptor.swift :-
import Alamofire
extension NetworkManager: RequestInterceptor {
func adapt(_ urlRequest: URLRequest, for session: Session, completion: #escaping (Result<URLRequest, Error>) -> Void) {
var request = urlRequest
guard let token = UserDefaultsManager.shared.getToken() else {
completion(.success(urlRequest))
return
}
let bearerToken = "Bearer \(token)"
request.setValue(bearerToken, forHTTPHeaderField: "Authorization")
print("\nadapted; token added to the header field is: \(bearerToken)\n")
completion(.success(request))
}
func retry(_ request: Request, for session: Session, dueTo error: Error,
completion: #escaping (RetryResult) -> Void) {
guard let statusCode = request.response?.statusCode else {
completion(.doNotRetry)
return
}
guard request.retryCount < retryLimit else {
completion(.doNotRetry)
return
}
print("retry statusCode....\(statusCode)")
switch statusCode {
case 200...299:
completion(.doNotRetry)
case 401:
refreshToken { isSuccess in isSuccess ? completion(.retry) : completion(.doNotRetry) }
break
default:
completion(.retry)
}
}
func refreshToken(completion: #escaping (_ isSuccess: Bool) -> Void) {
let params = [
"refresh_token": Helpers.getStringValueForKey(Constants.REFRESH_TOKEN)
]
AF.request(url, method: .post, parameters: params, encoding: JSONEncoding.default).responseJSON { response in
if let data = response.data, let token = (try? JSONSerialization.jsonObject(with: data, options: [])
as? [String: Any])?["access_token"] as? String {
UserDefaultsManager.shared.setToken(token: token)
print("\nRefresh token completed successfully. New token is: \(token)\n")
completion(true)
} else {
completion(false)
}
}
}
}
Alamofire v5 has a property named RequestInterceptor.
RequestInterceptor has two method, one is Adapt which assign
access_token to any Network call header, second one is Retry method.
In Retry method we can check response status code and call
refresh_token block to get new token and retry previous API again.

Resources