capacitor-community / generic-oauth2

Generic Capacitor OAuth 2 client plugin. Stop the war in Ukraine!

Bug: Detection of Network Errors when refreshing Tokens

phal0r opened this issue

Capacitor version:

Run npx cap doctor:

Any Capacitor 3 version

Library version:

  • 3.0.1

OAuth Provider:

  • Other: Ory Hydra

Your Plugin Configuration

{}

Affected Platform(s):

  • Android

    • Version/API Level: All
  • iOS

    • Version/API Level: All

Current Behavior

Error handling for refreshToken is not on par between iOS and Android. Also, with the current error codes, it's not possible to distinguish network errors and provider errors.

For iOS: https://github.com/moberwasserlechner/capacitor-oauth2/blob/main/ios/ByteowlsCapacitorOauth2/Source/ByteowlsCapacitorOauth2.swift#L148

Codes:

  • .cancelled, .accessDenied -> do they make sense here? Also the returned error code from the plugin is ERR_USER_CANCELED, which is imho not applicable, because there is no user interaction while refreshing
  • .stateNotEqual -> a refresh request does not include state, so this code can never occur here
  • all other errors return ERR_AUTHORIZATION_FAILED, and as an app developer it is impossible to detect if it was due to a network error or a provider error

Expected Behavior

It should be possible to detect what went wrong during token refresh. If the refresh token is expired, the user should be logged out, but in case of network errors, it would be better to show a network problem message or something similar and not just log the user out, which leads to a bad user experience on mobile.
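
The distinction requested above, sketched as an added example that is not part of the issue or of the plugin's code: a refresh request made directly against the token endpoint, with failures split into transport faults, provider outages and a rejected grant. The error codes are the RFC 6749 section 5.2 token-endpoint errors; the `Kind` names, the `action` values and the `refreshTokens` signature are assumptions made for this sketch.

```javascript
// Added example: classify a refresh-token failure so the app can react correctly.
// Error codes follow RFC 6749 section 5.2; Kind/action names and the
// refreshTokens() signature are hypothetical, not the plugin's API.
const Kind = Object.freeze({
  NETWORK: 'NETWORK',             // request never produced a usable HTTP response
  GRANT_INVALID: 'GRANT_INVALID', // refresh token expired, revoked or unknown
  CLIENT_CONFIG: 'CLIENT_CONFIG', // client credentials or request are wrong
  PROVIDER_DOWN: 'PROVIDER_DOWN', // provider answered but is failing or throttling
});

function classifyRefreshFailure({ thrown, status, body }) {
  if (thrown) return { kind: Kind.NETWORK, action: 'retry' };
  if (status >= 500 || status === 429) return { kind: Kind.PROVIDER_DOWN, action: 'retry' };
  let code;
  try { code = JSON.parse(body).error; } catch { code = undefined; }
  if (code === 'invalid_grant') return { kind: Kind.GRANT_INVALID, action: 'logout' };
  // Other 4xx bodies (invalid_client, invalid_request, unparseable) will not fix
  // themselves on retry, but they do not prove the refresh token is dead either.
  return { kind: Kind.CLIENT_CONFIG, action: 'report' };
}

// fetchImpl is injected so the function can be exercised offline with a stub.
async function refreshTokens(fetchImpl, tokenUrl, clientId, refreshToken) {
  let res;
  try {
    res = await fetchImpl(tokenUrl, {
      method: 'POST',
      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
      body: new URLSearchParams({
        grant_type: 'refresh_token', refresh_token: refreshToken, client_id: clientId,
      }).toString(),
    });
  } catch (err) {
    return { ok: false, ...classifyRefreshFailure({ thrown: err }) };
  }
  const body = await res.text();
  if (res.ok) {
    // A 200 that is not JSON (for example a captive-portal page) is treated as a network fault.
    try { return { ok: true, tokens: JSON.parse(body) }; }
    catch (err) { return { ok: false, ...classifyRefreshFailure({ thrown: err }) }; }
  }
  return { ok: false, ...classifyRefreshFailure({ status: res.status, body }) };
}
```

Only `action: 'logout'` should clear stored tokens; the `retry` and `report` outcomes keep the session so a transient fault does not force re-authentication.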