Firebase Token Expires every hour, subscriptions stop working

[arpitjacob]

Hi there, I am using firebase to validate the JWT. but it expires every one hour.
Where should I put a condition in the code to get a new token every time it expires
I also have subscriptions, so I am getting "Try again..." repeated in the logs every 2 seconds when the token expires.

[rajababu3]

You can create a client something like this.

class HasuraClient {
  HasuraConnect get hasuraConnect =>
      HasuraConnect("https://<your-url>/v1/graphql", headers: {
        "X-Hasura-Role": "user",
      }, token: (isError) async {
        //sharedPreferences or other storage logic
        final currentUser = await UserRepository().getCurrentUser();
        final idToken = await currentUser.getIdToken(refresh: true);
        return "Bearer ${idToken.token}";
      });
}

[arpitjacob]

Thanks I was using exactly this code and I had removed refresh : true from getIdToken(refresh: true).

I think I did it because it's called on every query. Does it not make all the queries slower to process if it does a force refresh? or does it return only when a new token is available?

[rajababu3]

Nope. It will be called when token expires.

…

On Thu, 6 Aug 2020, 5:00 pm Arpit Jacob, ***@***.***> wrote: Thanks I was using exactly this code and I had removed refresh : true from getIdToken(refresh: true). I think I did it because it's called on every query. Does it not make all the queries slower to process if it does a force refresh? or does it return only when a new token is available? — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#67 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AEJWUCPWMSVJ3TNEY6ZEAGDR7KH3RANCNFSM4PK6NDTA> .

[arpitjacob]

Ah ok the documentation on firebase is a bit confusing then. I need to read it again.

[arpitjacob]

This doesn't work for subscriptions. I left the app open for more than an hour. I am still seeing this error.

flutter: Try again...

[rajababu3]

If I am not wrong he might have implemented this. https://github.com/Flutterando/hasura_connect/blob/master/lib/src/core/hasura_connect_base.dart#L199

[arpitjacob]

Link doesn't work anymore, I don't think it check for token expiration its only checks if token in not null. So you can have a valid token which has expired.

[arpitjacob]

Hi guys is there any solution to this or a temporary fix I can use till you guys send out an update?

[Bwolfs2]

If u are using 2.0+ u will need to implement a auth_interceptor to make this:

class TokenInterceptor extends Interceptor {
  final FirebaseAuth auth;
  TokenInterceptor(this.auth);

  @override
  Future<void> onConnected(HasuraConnect connect) {}

  @override
  Future<void> onDisconnected() {}

  @override
  Future onError(HasuraError request) async {
    return request;
  }

  @override
  Future<Request> onRequest(Request request) async {
    var user = await auth.currentUser();
    var token = await user.getIdToken(refresh: true);
    if (token != null) {
      try {
        request.headers["Authorization"] = "Bearer ${token.token}";
        return request;
      } catch (e) {
        return null;
      }
    } else {
      Modular.to.pushReplacementNamed("/login");
    }
  }

  @override
  Future onResponse(Response data) async {
    return data;
  }

  @override
  Future<void> onSubscription(Request request, Snapshot snapshot) {}

  @override
  Future<void> onTryAgain(HasuraConnect connect) {}
}

[osaxma]

@Bwolfs2

How to make this work with an ongoing subscription (i.e. when the token expires in the middle of an active subscription)?

[osaxma]

Here's my workaround if anyone is interested:

https://gist.github.com/osaxma/141d6be2b522f8bfe8673af14eb20bd1