Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow accessing credentials without an attempt to refresh #378

Open
5 tasks done
MilesAdamson opened this issue Dec 11, 2023 · 0 comments
Open
5 tasks done

Allow accessing credentials without an attempt to refresh #378

MilesAdamson opened this issue Dec 11, 2023 · 0 comments
Labels
feature request A feature has been asked for or suggested by the community

Comments

@MilesAdamson
Copy link

MilesAdamson commented Dec 11, 2023
edited

Checklist

  • I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
  • I have looked into the API documentation and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

For apps which are designed around the user being offline frequently, the following flow would be great:

  • user is logged in
  • user goes offline
  • user returns to the app while offline, access token expired
  • user can continue to browse the app with their identity in the state they last saw it
  • upon coming back online, access token refresh happens

Currently, this is harder to achieve because credentials of DefaultCredentialsManager will always try to refresh the token, which fails without internet. Since this is the only method which access credentials, there is no way to just get the cached (expired) credentials. This would be convenient to have so that in the offline state, we can still restore the users id/roles/permissions as to what they should be able to view in that offline state.

Describe the ideal solution

Add a method to CredentialsManager to get the cached credentials, without any attempt to refresh them. Or, add a boolean to the input of CredentialsManager.credentials to do the same behavior.

Alternatives and current workarounds

Alternatively it would be possible to cache the users id/roles/permissions ourselves to use in the app during the offline state. But this would be redundant with the credentials already in the manager, if we could access them.

It would also be possible to write our own implementation of credentials manager, to returns expired credentials from credentials if it fails to refresh while offline. But it defeats the purpose of the default manager to need to re-write the api calls to refresh the tokens and such

Additional context

No response
@MilesAdamson MilesAdamson added the feature request A feature has been asked for or suggested by the community label Dec 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request A feature has been asked for or suggested by the community
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MilesAdamson