Hi Sanjeewa, Looks like this error code is generic?. Could you pls point me where it's initiating?. In my user case it starts with user invoking /token and getting a valid user token. So token revoke won't be applicable? (unless someone intentionally did).
@Sameera, I believe keeping track of the expiry time wouldn't be the correct approach here. One reason is that expiry time will change(reduce) if same user requests /token again (via diff app., etc). Also it would be a overhead to keep a timer until the token expires.. On Wed, Jul 17, 2013 at 6:33 PM, Sameera Jayasoma <[email protected]> wrote: > Or else you can use the expiry time of an access token as a mesure. When > you request the access token first time, you get the access token, refresh > token as well as the expire time. Whenever you need to invoke the API > again, check the expiry time with the current time. > > If the token is expired then use the refresh token to get a new token. > This method should be efficient IMO. Otherwise you will have to do a call > to get to know whether the access token is expired or not. > > Thanks, > Sameera. > > > On Wed, Jul 17, 2013 at 5:12 PM, Sanjeewa Malalgoda <[email protected]>wrote: > >> Hi supun, >> >> On Wed, Jul 17, 2013 at 4:18 PM, Supun Malinga <[email protected]> wrote: >> >>> Hi, >>> >>> I can see the response for API invocation with an expired token is, >>> <ams:fault >>> xmlns:ams="http://wso2.org/apimanager/security";><ams:code>900904</ams:code><ams:message>Access >>> Token Inactive</ams:message><ams:description>Access failure for API: /test, >>> version: 1.0.0 with key: >>> 2974848455beee48d9012df0bb9a72</ams:description></ams:fault> >>> >>> So can I user the given error code (900904) specifically detect a token >>> expiry scenario?. >>> >> We used this code to indicate that access token is inactive state(It can >> be revoked or expired). You can use generally this code to detect token is >> in invalid state. >> >> Thanks, >> Sanjeewa. >> >>> >>> If not what is the correct way to do this?. >>> >>> thanks, >>> -- >>> Supun Malinga, >>> >>> Senior Software Engineer, >>> WSO2 Inc. >>> http://wso2.com >>> http://wso2.org >>> email - [email protected] <[email protected]> >>> mobile - 071 56 91 321 >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> * >> * >> *Sanjeewa Malalgoda* >> WSO2 Inc. >> Mobile : +94713068779 >> >> <http://sanjeewamalalgoda.blogspot.com/>blog >> :http://sanjeewamalalgoda.blogspot.com/<http://sanjeewamalalgoda.blogspot.com/> >> >> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Sameera Jayasoma, > Architect, > > WSO2, Inc. (http://wso2.com) > email: [email protected] > blog: http://sameera.adahas.org > twitter: https://twitter.com/sameerajayasoma > flickr: http://www.flickr.com/photos/sameera-jayasoma/collections > > Lean . Enterprise . Middleware > -- Supun Malinga, Senior Software Engineer, WSO2 Inc. http://wso2.com http://wso2.org email - [email protected] <[email protected]> mobile - 071 56 91 321
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
