I am working with an Android app that uses both Retrofit and AsyncHttpClient libraries. I encounter a situation where I need to handle token expiration scenarios even when a 200 OK response is received from the server. My goal is to apply the same token management logic to both libraries without using Retrofit’s Interceptor or Authenticator.
The challenge is that the server responds with a HTTP status code 200 even when the token has expired, and I need to treat this as an error. Currently, I have implemented separate token expiration handling logic for Retrofit and AsyncHttpClient, but I would like to manage this with one common logic.
My questions are as follows:
How can I detect a token expiration situation within onSuccess of AsyncHttpClient? (The server returns a JSON response including "error_code": "TOKEN_EXPIRED" when the token has expired.) How can I implement a common logic that checks for token expiration before each request for both Retrofit and AsyncHttpClient, and refreshes the token if necessary?
Additional Information: Server response example: {"error_code": "TOKEN_EXPIRED", "message": "The token has expired."} with status code 200(not 401 or 407)
Also, I am facing a challenge in my app where multiple API requests are made almost simultaneously. The issue arises when the access token expires, and I need to manage the token refresh logic centrally for all these concurrent requests.
How can I detect the token expiration, pause all concurrent requests, refresh the token using a refresh token, and then continue the paused requests? Is there a pattern or method that allows paused requests to automatically resume after the token is refreshed? In case all retries fail, could you provide an example of using EventBus to notify the UI? I am looking for a common logic or class that could manage this process efficiently. I would appreciate any suggestions on the best practices, patterns, or libraries that could help with this scenario.
I have implemented a retry logic in my application; however, after refreshing and updating the token, I'm encountering a situation where other API calls still attempt to use the previously expired access token, leading to repeated token expiration issues. I would appreciate any assistance in resolving this.