Working with expired token manager android manager

Question

Working with expired token manager android manager

Should I be invalid and request a new token every time I need to make a request using the Google authentication token from AccountManager, or is there an "expired-at" timestamp that I can use to see if it is valid.

+5

android authentication

Vitaly babiy Aug 30 '11 at 12:18

source share

4 answers

Ollie c · Answer 1 · 2011-08-30T12:40:40+0000

There is no expiration time in the HTTP response from Google, so I think you need to make sure that if the authentication token cannot provide access, you use it as a trigger to get a new authentication token. Or you can purchase a new token every time the application starts, or create your own timeout.

http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html

Josh Clemm · Answer 2 · 2012-02-08T03:04:55+0000

Looking at the HTTP response, the status code is 302 (it redirects you to provide an authentication token), and the "Set-Cookie" field is not in the header . You can disable this.

if (res.getStatusLine().getStatusCode() == 302 && res.getHeaders("Set-Cookie").length == 0) {
    // we need a new token
    // invalidate account manager logic here
}

Failure to receive this cookie from Google seems to mean time to grab a new token from AccountManager.

Purespider · Answer 3 · 2012-05-26T15:37:28+0000

As the answer has not yet been accepted: I do this by firing my requests in a try block, then catching any exceptions and checking if it is 401 s if (e.getMessage().equals("401 Unauthorized")) { ... }. Then cancel the authentication token, request a new one and retry the request.

Raunak · Answer 4 · 2011-08-30T13:23:01+0000

You need to call invalidateAuthToken (String, String) when you know that the token has expired. that is, when the request completed with an authentication error.

Working with expired token manager android manager

More articles: