Reputation: 6037
onAuthStateChanged for token refresh
I am using the Javascript Firebase SDK to authenticate my users and it is working fine for the "normal" sign-in/sign-out process.
Now i also have an open socket connection and REST-Api calls which depend on the validity of the auth token. Sadly it seems like the onAuthStateChanged function is not called when the token is expiring.
My onAuthStateChanged callback function is defined like this:
Auth._onAuthStateChanged = function() {
var that = this;
return function(oUser) {
// We can extend the User Object with values we need or want.
if (oUser && !that._oUser) {
that.onFirebaseSignIn(oUser);
} else if (oUser && that._oUser && oUser.uid !== that._oUser.uid) {
that.onFirebaseUserChanged();
} else if (oUser && that._oUser && oUser.uid === that._oUser.uid) {
that.onFirebaseTokenChanged();
} else if (!oUser) {
that.onFirebaseSignOut();
}
};
};
Now something similar is working fine in Android and correctly notifies me if the token is expiring. Defined like this:
mAuthListener = new FirebaseAuth.AuthStateListener() {
@Override
public void onAuthStateChanged(@NonNull FirebaseAuth firebaseAuth) {
if (firebaseAuth.getCurrentUser() != null && AccountTools.getCurrentUserId() == null) {
onFirebaseSignIn(firebaseAuth);
} else if (firebaseAuth.getCurrentUser() != null &&
AccountTools.getCurrentUserId() != null &&
!AccountTools.getCurrentUserId().equals(firebaseAuth.getCurrentUser().getUid())) {
onFirebaseUserChanged(); // This may be the same as just signIn!
} else if (firebaseAuth.getCurrentUser() != null &&
AccountTools.getCurrentUserId() != null &&
AccountTools.getCurrentUserId().equals(firebaseAuth.getCurrentUser().getUid())) {
getAuthToken(false);
} else if (firebaseAuth.getCurrentUser() == null){
onFirebaseSignOut();
}
}
};
Is the behaviour of the onAuthStateChanged callback not well enough defined to rely on this? If not. What are my options? I need a valid token everytime i do a REST call and would really like not have to rely on always calling getToken() before doing any REST call and would rather have it to be asynchronous to everything else. Thanks!
Upvotes: 0
Views: 2178
Answers (1)
Reputation: 6037
I think i understood this sentence inside the documenation on onAuthStateChanged for Android and thought it would mean that the function is called when the token expires. Instead it is only called then the token actually changes:
When there is a change in the current user's token
I have this now implemented in Javascript by decoding the jwt token and then using setTimeout function with the expiration date. In the function called i do a forced refresh for the token.
This should make sure that the token is always valid.
Upvotes: 1
Related Questions
- Firebase onAuthStateChanged keeps refreshing
- firebase.auth().onAuthStateChanged Not Working
- firebase.auth().onAuthStateChanged not executed after sign-in?
- Firebase onAuthStateChanged() keep refreshing the page
- Firebase onAuthStateChange() state does not change
- onAuthStateChanged inconsistent
- React-native - Firebase onAuthStateChanged not working correctly
- Firebase onAuthStateChanged not firing on login
- Using a refresh token to authenticate Firebase Admin
- Have I called the onAuthStateChanged function incorrectly?