Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not use coroutine APIs in the access token interceptor #2733

Open
MiSikora opened this issue Aug 27, 2024 · 0 comments
Open

Do not use coroutine APIs in the access token interceptor #2733

MiSikora opened this issue Aug 27, 2024 · 0 comments
Labels
[Area] Network Things related to the web connection or communiaction [Type] Tech Debt Involving upgrades or refactoring to maintain or enhance the codebase.

Comments

@MiSikora
Copy link
Contributor

We have this piece of code:

pocket-casts-android/modules/services/servers/src/main/java/au/com/shiftyjelly/pocketcasts/servers/di/ServersModule.kt

Lines 248 to 273 in f354e0b

@Provides
@TokenInterceptor
@Singleton
internal fun provideTokenInterceptor(tokenHandler: TokenHandler): Interceptor {
val unauthenticatedEndpoints = setOf("security") // Don't attach a token to these methods because they get the token
return Interceptor { chain ->
val original = chain.request()
if (unauthenticatedEndpoints.contains(original.url.encodedPathSegments.firstOrNull())) {
chain.proceed(original)
} else {
val token = runBlocking { tokenHandler.getAccessToken() }
return@Interceptor if (token != null) {
val response = chain.proceed(buildRequestWithToken(original, token))
if (response.code == HttpURLConnection.HTTP_UNAUTHORIZED) {
tokenHandler.invalidateAccessToken()
val newToken = runBlocking { tokenHandler.getAccessToken() }
chain.proceed(buildRequestWithToken(original, newToken))
} else {
response
}
} else {
chain.proceed(original)
}
}
}
}

Using runBlocking can lead to problems. While we don't have any issues at the moment it is a potential footgun. See: square/okhttp#7164
@MiSikora MiSikora added [Type] Tech Debt Involving upgrades or refactoring to maintain or enhance the codebase. [Area] Network Things related to the web connection or communiaction labels Aug 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
[Area] Network Things related to the web connection or communiaction [Type] Tech Debt Involving upgrades or refactoring to maintain or enhance the codebase.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MiSikora