Okhttp: Infinite request/response loop when using an Authenticator with invalid credentials

Created on 24 Jun 2014 · 8 Comments · Source: square/okhttp

Executing a request with an authenticator on the client that doesn't correctly authenticate with the server (invalid username/password, for example) causes the execution to go into an infinite request-response-request-response loop.
Ideally, an exception (something like AuthenticationException) should be thrown if the response from the request returned by the Authenticator still has the 401 header.

enhancement

All 8 comments

Yup. Are you implementing com.squareup.okhttp.Authenticator or java.net.Authenticator?

I am implementing com.squareup.okhttp.Authenticator.

I think we want an API like this on Response:

  public List<Response> priorResponses() { ... }

Then you can just do this in your authenticator:

  if (response.priorResponses().size() > 5) return null;

(You could implement this in user code by looking at priorResponse() in a loop.)

I think we should still enforce the 20 redirect max we impose on 3xx
requests for this to ensure we never infinite loop.

Yup. Counting auth challenges against the 20 attempt limit is a good idea.

I do that:

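        @Override
        public Request authenticate(Proxy arg0, Response response) throws IOException {
            String auth = ...; // credential header value, elided in the original post
            // The request that just failed already carried this header: stop retrying.
            if (auth.equals(response.request().header("Authorization"))) {
                return null;
            }
            return response.request().newBuilder().header("Authorization", auth).build();
        }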

Because a/ I don't want to call the server 20 times with the same authentication header if it is wrong and b/ the 20-request limit results in a ProtocolException instead of a 401 status.

Is there a way to change the 20x limit? We'd like to retry only 3 times.

Also, it seems that this is not working (or there's something wrong with my configuration?). When my authorization service returns 401 it goes into the endless loop.
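
An added example, not code from the thread or from OkHttp itself: it combines the two approaches discussed above, walking `priorResponse()` to count attempts and refusing to resend a header the server has already rejected. The class name `BoundedAuthenticator` and the limit of 3 are assumptions; the calls are from the `com.squareup.okhttp` 2.x API the thread refers to.

```java
import com.squareup.okhttp.Authenticator;
import com.squareup.okhttp.Credentials;
import com.squareup.okhttp.Request;
import com.squareup.okhttp.Response;
import java.io.IOException;
import java.net.Proxy;

/** Hypothetical authenticator that stops retrying instead of looping on bad credentials. */
public final class BoundedAuthenticator implements Authenticator {
  // Assumed limit, taken from the "retry only 3 times" question in the thread.
  private static final int MAX_ATTEMPTS = 3;

  private final String username;
  private final String password;

  public BoundedAuthenticator(String username, String password) {
    this.username = username;
    this.password = password;
  }

  /** Counts this response plus every earlier one (redirects and challenges) in the chain. */
  static int responseCount(Response response) {
    int count = 1;
    while ((response = response.priorResponse()) != null) {
      count++;
    }
    return count;
  }

  @Override public Request authenticate(Proxy proxy, Response response) throws IOException {
    return retry(response, "Authorization");
  }

  @Override public Request authenticateProxy(Proxy proxy, Response response) throws IOException {
    return retry(response, "Proxy-Authorization");
  }

  private Request retry(Response response, String headerName) {
    String credential = Credentials.basic(username, password);
    // The rejected request already carried exactly this header: resending cannot succeed.
    if (credential.equals(response.request().header(headerName))) {
      return null;
    }
    // Hard cap on attempts; matters when the credential changes between tries (e.g. tokens).
    if (responseCount(response) >= MAX_ATTEMPTS) {
      return null;
    }
    return response.request().newBuilder().header(headerName, credential).build();
  }
}
```

Returning `null` hands the last 401 or 407 response back to the caller rather than raising the `ProtocolException` mentioned above.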
