-
Notifications
You must be signed in to change notification settings - Fork 67
Token Refreshing
After access token gets expired all requests that require authorization will fail unless new valid access token is provided.
The token can be refreshed manually or with the auto-refresh mechanism.
To enable auto-refresh you need to call setRefreshStrategy with TokenRefreshStrategy.refresh on Coinbase instance.
coinbase.setRefreshStrategy(.refresh(clientID: <client_id>,
clientSecret: <client_secret>,
refreshToken: <refresh_token>,
onUserTokenUpdate: { token in
// handle new tokens. In example: securely store them
}))Note:
In onUserTokenUpdate you can provide closure which gets called on every token update.
Coinbase does not store any tokens in a permanent secure storage. To keep user authorized between application sessions, it is recommended to store tokens in a secure storage and provide them every time you set up a new instance of Coinbase.
After auto-refreshing token Coinbase instance automatically starts using new accessToken so you don't have to set received accessToken manually.
Important:
Enabling auto-refresh does not guarantee that requests won't fail with a token not valid error (e.g. token was revoked). It is highly recommended to handle such situations (e.g. to ask a user to log in again).
After performing a request with the expired token you will receive Result.failure with an associated error:
NetworkError.responseError(errorResponse, _)where errorResponse.errors contains an error with id equal to ClientErrorID.expiredToken.
To refresh token you should do next:
-
Get a new pair of tokens using
refresh()method ofTokenResource.coinbase.tokenResource .refresh(clientID: <client_id>, clientSecret: <client_secret>, refreshToken: <refresh_token>) { result in switch result { case .success(let userToken): // use new tokens case .failure(let error): // handle case when refresh failed } }
-
Set received access token into the property of your
Coinbaseinstance.coinbase.accessToken = accessToken