我正在尝试将Siesta swift软件包与服务器上的API一起使用。我们已经设置了带有Access和Refresh令牌的JWT身份验证。我们可以通过刷新过程成功进行身份验证并获取新的访问令牌。但是,我们制定的解决方案对我来说有点晦涩。
我们正在使用这样的请求修饰符
func init() {
service.configure("**") {
if let session = self.appSession {
$0.headers["Authorization"] = "Bearer \(session.tokens.access)"
}
$0.decorateRequests {
self.globalApiFailHandler(request: $1)
}
}
service.configure(authRefreshResource) {
if let session = self.appSession {
$0.headers["Authorization-Refresh"] = "Bearer \(session.tokens.refresh)"
}
$0.decorateRequests {
self.refreshTokenFailure(request: $1)
}
}
}
private func globalApiFailHandler(request: Siesta.Request) -> Request {
return request.chained { //special case to Refresh Token On Auth Failure
if case
.failure(let error) = $0.response, // Did request fail…
error.httpStatusCode == 401, // …because of expired token?
self.appSession != nil { // we have refreshToken
log.warning("Seems like Access Token is expired, Trying to refresh it!")
return .passTo(
self.refreshAuth().chained { // first request a new token, then:
if case .failure = $0.response { // If token request failed…
return .useThisResponse // …report that error.
} else {
return .passTo(request.repeated()) // We have a new token! Repeat the original request.
}
}
)
}
if case
.failure(let error) = $0.response,
error.httpStatusCode != 409 {
log.warning("Something went wrong during request: \(error)")
self.retryLaterEvent() // TODO: Really need this here?
}
return .useThisResponse // If not, use the response we got.
}
}
private func refreshTokenFailure(request: Siesta.Request) -> Request {
return request.chained {
if case
.failure(let error) = $0.response { // Did request fail…
log.error("Refresh token procedure failed with \(error).")
if error.httpStatusCode == 409 {
log.warning("409, Resetting app session storage! Relogin or app recreation is needed!")
self.relogin = true //Reset saved sessions to create new app
self.reloginEvent()
} else {
log.warning("Something went wrong during refresh token procedure. Please retry later!")
self.retryLaterEvent()
}
///let requestError = RequestError(userMessage: "Unable to refresh access token", cause: "")
let response = Response.failure(error) //(requestError)
let responseInfo = ResponseInfo(response: response)
return .useResponse(responseInfo) // If not, use the response we got.
}
return .useThisResponse // We have new token!
}
}
请注意409返回globalApiFailHandler中的代码检查。在那里是因为总是为authRefreshResource调用全局装饰器。如果我们忽略该检查,则由于某些服务器错误,API会陷入无限循环刷新令牌中。
问题是如何为所需的特定资源禁用全局装饰器?有了这个可以优雅地解决我们的问题。
答案 0 :(得分:0)
您可以将任意谓词传递给configure(whenURLMatches:),这样您就可以通过外科手术排除任何您喜欢的东西:
service.configure(whenURLMatches: { url in url.path != "/auth" }) {
...
}
或者,如您所要的那样,如果您想排除一个方便使用Resource的网址,则:
service.configure(whenURLMatches: { $0 != authRefreshResource.url }) {
...
}