10

Sometimes I'm running in a situation where a Firbease ID token never gets refreshed.

On each app start I force a refresh of the token with getIdToken(true) and before every call to the server I get the cached token with getIdToken() which should refresh the token automatically when it is expired (am I right?)

But sometimes I receive an token expired exception every time. Only solution I found till now is to clear all app data. After that the user has to sign in again and everything works. Because the app data hasn't been saved to the server due to the expired token they are lost. So this isn't a solution I want to use.

Does anyone have an idea why that happens and how can I prevent it?

Update I'm using Firbease SDK version 11.6.0 (because there was an issue with notification icon in 11.8.0)

Thomas Meinhart
  • 659
  • 2
  • 7
  • 28
  • If want to refresh token forcefully you must delete instance id see this url = https://stackoverflow.com/a/37579912/7609347 – Vivek Barai Apr 03 '18 at 05:50
  • 1
    Why do i have to delete the instance id? Is this a workaround or is this a common way? Why does getIdToken(true) not work? – Thomas Meinhart Apr 03 '18 at 06:05
  • When you authenticate a user a unique id is generated this id is not deleted and can be re-used for authentication so it is not refresh for refreshing it you can delete that instance and regenerate it. – Vivek Barai Apr 03 '18 at 06:22
  • You can go through this link https://firebase.google.com/docs/auth/admin/manage-sessions – Vivek Barai Apr 03 '18 at 06:25
  • when calling getIdToken() with "true" as argument, you are forcing the SDK to get a new one, otherwise it will refresh it once the current IdToken expires. Without knowing the SDK version you are using, any logs from your app showing the mentioned behavior or a minimal example (https://stackoverflow.com/help/mcve) it would be hard to know what is causing this. Does it happen too when using one of the sample provided by Firebase? https://github.com/firebase/quickstart-android/tree/master/auth – Gerardo Apr 04 '18 at 00:14
  • I'm sorry. I updated my question. Unfortunately i can't show a code example. As i said on app start first call is executed with getIdToken(true) to force get a new one. All the other calls ar done with getIdToken() to fetch the cached version as long the token isn't expired. In 98% of the cases this works well. But in some cases there is the explained behavior. Maybe it happens when user reinstall my app? – Thomas Meinhart Apr 04 '18 at 04:41
  • Does anyone no why `getIdToken() with "true"` is returning a token but it does not consider the claims updates? – Omar Sep 24 '20 at 19:40
  • Side comment. You are on a public forum asking for volunteers to help you. https://stackoverflow.com/help/minimal-reproducible-example – John Hanley Feb 15 '22 at 01:44
  • See my answer on a similar question https://stackoverflow.com/a/63258235/4868790 – MAW Jun 15 '22 at 23:35

0 Answers0