Add support for OAuth Authentication with automatic token refresh

Question

Add support for OAuth Authentication with automatic token refresh

b1zzu opened this issue 3 years ago · 4 comments

Currently, the SDK supports only the access token which will expire within 15 minutes.

Current behavior:
The ApiClient is generated by default with the HttpBearerAuth authentication class and it can not substitute or overwrite therefore the only way to add a refresh token logic is to wrap the whole API and check if the token is expired before calling the API.

Expected behavior:
The ApiClient should support the OAuth token refresh logic or it should allow the user to pass/set/overwrite the authentication with a custom one.

From some of the existing issues on the openapi-generator project:

jersey2 should have pretty good Oauth support (e.g. automatic token refresh, etc) OpenAPITools/openapi-generator#8702 (comment)

which make me things that we only need to propose an improve to the openapi-generator project

Answer 1 · 2021-10-25T18:12:00.000Z

@secondsun WDYT?

Answer 2 · 2021-10-25T19:16:56.000Z

I think that this is probably something we can do with just a generator change. I'll take a look at it.

Answer 3 · 2021-10-26T08:00:09.000Z

I give it a look and I think this is mainly a missing feature with the resteasy java library: https://github.com/OpenAPITools/openapi-generator/tree/master/modules/openapi-generator/src/main/resources/Java/libraries/resteasy
and it's already solved in the jersey2 java library
https://github.com/OpenAPITools/openapi-generator/tree/master/modules/openapi-generator/src/main/resources/Java/libraries/jersey2

So maybe this could be even an opensource project for an intern

Answer 4 · 2021-10-26T08:42:09.000Z

We can regenerate OpenAPI with different client (assuming that API would not change much)