Azure-Samples/MyDriving

MyDriving app needs to handle expired/invalid access tokens for authentication

nicolehaugen opened this issue · 1 comments

Before we dive into the issue, first let’s look at how the MyDriving app implements authentication. The MyDriving app uses server flow authentication provided by the Azure Mobile Apps client SDK to log in users with their Facebook, Twitter, and MSA accounts. Specifically, the app calls the SDK’s LoginAsync method to open a web view for the selected provider and log in the user. A key point is that currently, the LoginAsync method does not automatically attempt to re-login the user or refresh the user’s access token once it expires or is invalid. Fortunately, we have all the tools we need to implement this behavior since the mobile service does provide an endpoint to refresh the access token. And, as already mentioned, we can continue to use the SDK’s LoginAsync method to prompt the user to re-login as needed.

Now we’re ready to look at what’s missing in the current implementation of the MyDriving app.
The issue is that the MyDriving app only handles logging in the user the first time that the app is launched. The app does not handle the situation where the user’s access token has expired (MSA access tokens expire in only 1 hour) or become invalid (for example, the user may have changed their password). The negative side effect of this is that the MyDriving app continues to run and save/read data from the local data store, but because the user is no longer authenticated, this data never gets saved to or refreshed from the mobile service. Even worse, the MyDriving app never prompts the user to log in again – this means that once the user’s access token expires or is invalid, the MyDriving app can never connect to the mobile service again. The only solution is to uninstall and reinstall the app.
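The behavior the issue asks for, sketched as an added example that is not part of the original issue or the MyDriving code base: an HTTP message handler that reacts to a 401 by trying a silent token refresh first, then an interactive login, and replays the request once. `ReauthHandler`, `StubService` and the two callbacks are hypothetical names; the callbacks stand in for the app's own calls to the refresh endpoint and to LoginAsync, and the example assumes the service reads the session token from the `X-ZUMO-AUTH` header, as Azure Mobile Apps does.

```csharp
using System;
using System.Net;
using System.Net.Http;
using System.Threading;
using System.Threading.Tasks;

// Added example, not MyDriving code. On a 401 it tries a silent refresh, then an
// interactive login, and replays the request once with the new token.
public class ReauthHandler : DelegatingHandler
{
    private readonly Func<Task<string>> refresh, login; // assumed app callbacks; null = failed
    private readonly SemaphoreSlim gate = new SemaphoreSlim(1, 1);
    private string token;
    public ReauthHandler(HttpMessageHandler inner, string token,
        Func<Task<string>> refresh, Func<Task<string>> login) : base(inner)
    { this.token = token; this.refresh = refresh; this.login = login; }
    protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage req, CancellationToken ct)
    {
        string used = token;
        var resp = await base.SendAsync(WithToken(req, used), ct);
        if (resp.StatusCode != HttpStatusCode.Unauthorized) return resp;
        await gate.WaitAsync(ct);            // one re-auth at a time, even with parallel 401s
        try { if (token == used) token = await refresh() ?? await login(); } // skip if already renewed
        finally { gate.Release(); }
        if (token == null) return resp;      // refresh failed and user cancelled: surface the 401
        resp.Dispose();
        return await base.SendAsync(WithToken(req, token), ct); // body must be buffered to replay
    }
    private static HttpRequestMessage WithToken(HttpRequestMessage req, string value)
    {
        req.Headers.Remove("X-ZUMO-AUTH");   // replace, never append, the session token header
        if (value != null) req.Headers.Add("X-ZUMO-AUTH", value);
        return req;
    }
}

public class StubService : HttpMessageHandler // constructed stand-in: accepts only the token "fresh"
{
    protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage r, CancellationToken ct) =>
        Task.FromResult(new HttpResponseMessage(r.Headers.TryGetValues("X-ZUMO-AUTH", out var v)
            && string.Join("", v) == "fresh" ? HttpStatusCode.OK : HttpStatusCode.Unauthorized));
}
public static class Demo
{
    public static async Task Main()
    {
        // Constructed scenario: stored token is expired, silent refresh fails, login succeeds.
        var http = new HttpClient(new ReauthHandler(new StubService(), "expired",
            () => Task.FromResult<string>(null), () => Task.FromResult("fresh")));
        Console.WriteLine((await http.GetAsync("http://example.invalid/api")).StatusCode);
    }
}
```

When both callbacks return null the original 401 is handed back to the caller, so the app can pause sync and show a sign-in prompt instead of silently writing only to the local store.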

Closing since this has been fixed and checked in.