Wednesday , June 29 2022

Retrofit Authenticator Refresh Token Tutorial – Android Coding by DMTechnolab

Ever heard of the latest token? The refresh token can get you a new access token, without prompting the user to login again. In this post we will learn how you can use Retrofit Authenticator to refresh tokens. And refresh token means getting a new access token with the help of refresh token.

Building Backend API

Now, to follow this post you need to know about access tokens and refresh tokens, and you must have an API to provide these. If you do not have an API, the first thing you may want to know about API development.

You can follow this step by step tutorial to build a learn Reputed API with OAuth2 authentication. I am using the larva framework here to create an API. said that the government has taken several steps to prevent such incidents.

So I hope you already have an API to let the user login (if you don’t have them, you can get the source code from the tutorial above). And when the user logs in your API is giving the following response.

Retrofit Authenticator Refresh TokenRetrofit Authenticator Refresh Token
User login response

As you can see on successful login, API is coming back access token And Refresh_token.

What are access and refresh tokens?

Now, let’s understand the token. When a user successfully authenticates in our backend, we provide him with two tokens. Access the token, and refresh the token.

The access token is mandatory for every other request that requires authentication and with the access token we identify the authenticated user in the backend. If the access token has expired, we can use the refresh token to regenerate the access token without prompting the user to login again.

To generate a new access token using fresh tokens, we have another API endpoint, in my case it is /To refreshToken And we will pass a fresh token for this API and it will return a new access token.

Now let us understand how we can use it in our Android project.

But before proceeding further I hope you know the basics about Retrofit and Hitting API from Android side.

Retrofit Authenticator Refresh Token

I hope you already have a retrofit and networking setup in your project. After this, the first thing we have to do is we have to create an interface to define ourselves To refreshToken Your call

This app call will give us a new access token And Refresh_token .

Creating an Authenticator

Now we need to build a Authenticator .

Here you can see that we have a function Certified()) , This function will be told that your AP will return 401 Error; it means that Unconfirmed .

Inside this function we are calling the function getUpdatedToken()) . This function will either receive the new token successfully, or we may receive an error. If we get the token successfully, we will update the token in our local storage. And we will also create a new request with updates access token . If we get an error, we will become null so that our API does not attempt to refresh the token only.

We will now use this certifier for our Retrofit client.

And all. Now every time you get a 401 error, the authenticator will try to refresh the token. If the refresh is successful, your user will not be logged out, and if it fails the user will be logged out.

Get full source code

Do you need complete source code for this project? Of course you can get it.

So all this post is for friends, and if you learn anything from this post, please share it with your friends. Thank you 🙂

Belal Khan ProfileBelal Khan Profile

Hi, my name is Belal Khan and I am Google Developers Specialist (GDE) for Android. A passion for teaching made me this blog. If you are an Android developer, or you are learning about Android development, I can help you a lot with simplified coding.

Source link

About dmtechnolab

Check Also

Simplified Coding

Android Hilt Tutorial – Injecting Dependencies with Hilt – Android Coding by DMTechnolab

You are welcome Android Hilt tutorial. I hope you all are aware of it Dependency …

Leave a Reply

Your email address will not be published. Required fields are marked *