0

HI i have a service AuthenticationService to refresh token and an interceptor that intercepts AuthHttp calls, the problem is that in the interceptor method when the call fails i make the refreshToken call subscribing the observable then when i get the response i need to call the first http call that was made and cant get it work :

refreshToken(): Observable<any>{
    return this.authHttp.get(GLOBAL.apiurl+'/refresh-token',"").map(
            (response) => {
                    let token = response.json() && response.json().token;
                    if (token){
                        console.log('refresh token');
                        localStorage.setItem('token', token);
                        return true;
                    }
                    else{
                        console.log('no token');
                        this.resetLocalStorage();
                        return false;
                    }
                }
    );
}

then i have an interceptor for authttp:

request(url: string | Request, options?: RequestOptionsArgs): Observable<Response> {
    return this.intercept(super.request(url, options));
  }

intercept(observable: Observable<Response>): Observable<Response> {

    return observable.catch((err, source) => {

      if (this.isUnauthorized(err.status)) {
        //logout the user or do what you want
          this.authService.refreshToken().subscribe(result => {
                    if(!result){
                    }
                    HERE THE FIRST FAILED CALL MUST BE CALLED
                },
                err => {
                }
            );
        if (err instanceof Response) {
          return Observable.throw(err.json().message || 'backend server error');
        }
        return Observable.empty();
      } else {
        return Observable.throw(err);
      }
    })

  }
Rodrigo Garcia Kosinski
  • 1
  • Just curious. If the initial call fails b/c the token has expired, wouldn't it be too late to refresh it? How can the server know that it's ok to issue a fresh token to someone who is not currently authenticated? In my app, tokens get refreshed *before* they become unusable. – BeetleJuice Nov 08 '17 at 18:43
  • because the server only refresh if the expired token is in blacklist (you also need the expired token to refresh it) so it is a user that had a valid token that expired and also the refresh can be done only within a week. – Rodrigo Garcia Kosinski Nov 08 '17 at 19:01
  • This seems problematic. Basically your server will accept an expired token as proof that the user is authentic. Isn't the point of expiration that the token should no longer be accepted for anything that requires authentication (e.g: getting a valid token)? – BeetleJuice Nov 08 '17 at 20:27

1 Answers1

0

In this block you are returning the Observable.empty(); outside the async call, I think you need to assign this inside your service call. I think right now you would be getting the empty return as you have returned the observable without waiting for the service call (given below is the pseudo code you might need to correct it based on your requirement)

if (this.isUnauthorized(err.status)) {
        //logout the user or do what you want
          this.authService.refreshToken().subscribe(result => {
                    if(!result){
                    }
                    HERE THE FIRST FAILED CALL MUST BE CALLED
                    // your return must be somewhere here
                    return Observable.empty();
                },
                err => {
                    return Observable.throw(err.json().message || 'backend server error');
                }
            );

      }
Deepak Jha
  • 1,539
  • 12
  • 17