Refit: Oauth Authorization Extension

Created on 14 Apr 2016  路  12Comments  路  Source: reactiveui/refit

Firstly thanks for making Refit, I have been using on a couple of projects and I think its fantastic.

I notice that you have a sample for Authorization (Dynamic Headers redux) in the readme. Just wondering if there would be any appetite for an extension for Oauth that would bake in the authorization access token and refresh token calls when making the API calls. Or perhaps its already there an I鈥檓 missing something?

documentation

Most helpful comment

Ditto! considering how frequent this use case happens, it might be a good idea to bake it in or at least update the sample with easier to understand example because honestly it took me around an hour to get my head around it and implement it properly.

All 12 comments

I have same question about with expiration

I got my app to successfully auto refresh expired tokens by closely studying this part in the documentation: https://github.com/paulcbetts/refit#authorization-dynamic-headers-redux

Tip: the explanation is too generic. but simply implementing your own GetToken() and checking for authorization token existence and expiration will allow you to do desired outcome

Hi Korayem,

Thanks for the reply. Essentially I have done that. I have implemented an AuthenticatedHttpClientHandler which implements from HttpClientHandler.

It will get a refresh token if needed before making the API call. I was just wondering if there would be an appetite to include this in Refit (or as a separate module that would have it baked in).

Ditto! considering how frequent this use case happens, it might be a good idea to bake it in or at least update the sample with easier to understand example because honestly it took me around an hour to get my head around it and implement it properly.

+1

The challenge is that there's no single OAuth implementation. That's why there's a聽GetToken method instead that allows you to use your聽own聽flavor. Facebook, Google, Microsoft and others all do it differently. Likewise, some libraries, like Microsoft's ADAL, handle token caching, while others don't.

Open to suggestions though.

Reopening to track doc updates to explain better.

@onovotny, has this been clarified in the docs yet? (Can we close this, is what I'm getting at.)

We talk about auth here https://github.com/reactiveui/refit#authorization-dynamic-headers-redux, but I'm sure it could be better

GitHub
The automatic type-safe REST library for Xamarin and .NET - reactiveui/refit

I've felt for a long time that the docs could do with a serious overhaul. I should have some time soon to look at actually doing it. 馃ぃ馃帀

Do you want to keep this open as a reminder or should I start up a separate issue for docs overhaul and add this as a bullet point?

A new issue for the docs is probably better

Closing due to age. Please try Refit v6 and reopen if still an issue.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

sahinyyurt picture sahinyyurt  路  5Comments

ahmedalejo picture ahmedalejo  路  6Comments

jamiehowarth0 picture jamiehowarth0  路  5Comments

tstivers1990 picture tstivers1990  路  5Comments

hankovich picture hankovich  路  4Comments