问题描述
我正在为受OAuth2保护的服务器编写一个小型iOS客户端。
I'm writing a small iOS client for a server protected with OAuth2.
我想知道是否可以使用 AFOAuth2Manager 自动刷新过期的令牌。
I'm wondering if is it possible using AFOAuth2Manager [here] auto-refreshing the expired token.
这个想法是当服务器用401响应时刷新客户端的逻辑,或者当刷新方法返回401时引发错误的逻辑应该很常见,所以可能它集成在某个库中。
The idea is that the logic for refreshing the client when the server responds with a 401, or raise an error when the refresh method returns a 401 should be quite common, so probably it is integrated in some library.
推荐答案
我创建了 AFOAuth2Manager的子类
在这个子类中,我重写了这个方法:
In this subclass I override this method:
- (AFHTTPRequestOperation *)HTTPRequestOperationWithRequest:(NSURLRequest *)request
success:(void (^)(AFHTTPRequestOperation *operation, id responseObject))success
failure:(void (^)(AFHTTPRequestOperation *operation, NSError *error))failure {
return [self HTTPRequestOperationWithRequest:request
success:success
failure:failure
checkIfTokenIsExpired:YES];
}
使用附加参数调用自定义方法: checkIfTokenIsExpired 。这是为了避免无限循环所必需的。
calling a custom method with an additional parameter: checkIfTokenIsExpired. This is required in order to avoid infinite loops.
这种方法的实现是向前的:如果我们不需要检查令牌就调用超类。
The implementation of this method is straigth forward: if we don't need to check the token just call the super class.
if (!checkIfTokenIsExpired) {
return [super HTTPRequestOperationWithRequest:request
success:success
failure:failure];
}
否则我们使用自定义故障块执行请求
otherwise we perform the request with a custom failure block
else {
return [super HTTPRequestOperationWithRequest:request
success:success
failure: ^(AFHTTPRequestOperation *operation, NSError *error) {
if (operation.response.statusCode == ERROR_CODE_UNAUTHORIZED) { //1
[self reauthorizeWithSuccess: ^{ //2
NSURLRequest *req = [self.requestSerializer requestByAddingHeadersToRequest:request]; //3
AFHTTPRequestOperation *moperation = [self HTTPRequestOperationWithRequest:req //4
success:success
failure:failure
checkIfTokenIsExpired:NO];
[self.operationQueue addOperation:moperation]; //5
} failure: ^(NSError *error) {
failure(nil, error);
}];
}
else {
failure(operation, error); //6
}
}];
}
- // 1:检查
http状态代码,如果401尝试自动重新授权。 - // 2:重新授权是一个使用 AFOAuthManager 刷新令牌。
- // 3:在这种情况下,我们成功重新授权,我们想重新提交上一个请求的副本。方法
requestByAddingHeadersToRequest:只需复制上一个请求中的所有标题字段。 - // 4:创建上一个请求的副本,但这次最后一个参数是假的,因为我们不想再检查!
successBlock和failureBlock与之前的请求相同。 - / / 5:将操作添加到队列中。
- // 6:如果重新授权方法失败,则只需调用失败块。
- //1: check the
http status code, if 401 try to automatically re-authorize. - //2: reauthorize is a private mathod that uses
AFOAuthManagerto refresh the token. - //3: In this case we are re-authorized with success and we want to resubmit a copy of the previous request. The method
requestByAddingHeadersToRequest:just copy all the header fields from the previous request. - //4: Create a copy of the previous request, but this time the last parameter is false because we don't want check again! The
successBlockandfailureBlockare the same of the previous request. - //5: Add the operation to the queue.
- //6: If the reauthorize method fails just call the failure block.
这篇关于如何使用AFOAuth2Manager自动刷新过期的令牌?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!