400 error after successfully refreshing Oauth 2 Token using Retrofit2 / Kotlin in Android

Question

This is the code I have for the refreshing token in an android app using kotlin ad retrofit 2.

The gradle :

implementation "com.squareup.retrofit2:retrofit:2.9.0"
implementation "com.squareup.retrofit2:converter-moshi:retrofit:2.9.0"

And Authenticator is :

class OAuthAuthenticator(
        private val refreshTokenService: Repository,
        private val sessionManager: SessionManager
    ) : Authenticator {
        @Synchronized
        override fun authenticate(route: Route?, response: Response): Request? {
            try {
        //synchronized call to refresh the token
                val refreshTokenResponse =
                    refreshTokenService.refreshJWTToken(sessionManager.getAuthTokens())
                val sessionDataResponseBody = refreshTokenResponse.body()
                if (refreshTokenResponse.isSuccessful && sessionDataResponseBody != null && !sessionDataResponseBody.jwt.isNullOrEmpty()) {
                    sessionManager.jwtToken = sessionDataResponseBody.jwt
                    // retry request with the new tokens (I get 400 error)
                    return response.request()
                        .newBuilder()
                        .addHeader("Authorization", "Bearer ${sessionManager.jwtToken}")
                        .build()
                } else {
                    throw HttpException(refreshTokenResponse)
                }
            } catch (throwable: Throwable) {
                when (throwable) {
                    is HttpException -> {
                        onSessionExpiration()
                        return null
                    }
                }
            }
            return null
        }

        private fun onSessionExpiration() {
            sessionManager.clear()
        }
    }

This is the Repository class :

object Repository {
    fun refreshJWTToken(authTokens : AuthTokens) = RetrofitBuilder.userApi.getAuthenticationToken(authTokens).execute()
}

This is the API :

interface UserAPI {
    @Headers("Cache-Control: no-cache")
    @POST(AUTH_TOKENS_URL)
    fun getAuthenticationToken(
        @Header("Accept")  accept : String,
        @Header("Content-Type")  contentType : String,
        @Body params: AuthTokens
    ): Call<AuthTokenResponse>
}

The retrofit builder:

init {
    val connectivityManager =
        context.getSystemService(Context.CONNECTIVITY_SERVICE) as ConnectivityManager
    val sessionManager = SessionManager.getInstance(context)
    val httpLoggingInterceptor =
        HttpLoggingInterceptor() 
    httpLoggingInterceptor.level = HttpLoggingInterceptor.Level.BODY
    httpClient = OkHttpClient.Builder()
        .addInterceptor(httpLoggingInterceptor)
        .addInterceptor(ConnectivityCheckInterceptor(connectivityManager))
        .addInterceptor(AuthInterceptor(sessionManager))
        .authenticator(OAuth2Authenticator(UserRepository, sessionManager))
        .readTimeout(TIME_OUT, TimeUnit.SECONDS)
        .build()
}

Question : I can confirm that the code refreshes the Auth token and persists it successfully. However I get a 400 error after that. Any suggestions on what I am doing wrong?

Answer 1

I know this question is old, but for everyone who facing the same issue, it was just a simple mistake.

Please, use header(..., ...) instead of addHeader(..., ...) in the TokenAuthenticator class.

It worked for me.