我们正在使用:
BMSClient.getInstance().registerAuthenticationListener("realm", new CustomAuthentication(this));
和:
AuthorizationManager.createInstance(this.getApplicationContext());
AuthorizationManager.getInstance().setAuthorizationPersistencePolicy(AuthorizationManager.PersistencePolicy.ALWAYS);
将授权数据存储在手机上。“授权数据将保存在本地存储”设置为始终。
上面的代码总是在启动时在我们的启动画面上运行,所以它总是在应用程序重新启动时运行。
我们遇到的问题是,在我们怀疑令牌过期的一段时间(数小时或数天)之后,我们会收到HTTP 307形式的响应。即使在重新启动应用程序后,我们仍然会收到对我们请求的响应。解决它的唯一方法是从设置进入应用程序并清除所有数据。
以下问题将帮助我们继续进行测试和可能的解决方案:
- 令牌在 BMSClient 中缓存了多长时间?(测试目的)
- AuthorizationManager 可以以任何方式帮助我们强制获取新的令牌吗?
- 他们是否正在开发注销功能?
我们的自定义监听器:
public class CustomAuth implements AuthenticationListener {
private Context activityContext;
public CustomAuth(Context activityContext) {
this.activityContext = activityContext;
}
@Override
public void onAuthenticationChallengeReceived(AuthenticationContext authContext, JSONObject challenge, Context context) {
//1. read the challenge JSONObject
//2. handle the challenge (use the context for handling UI based operations)
//3. return response using the AuthenticationContext authContext
SharedPreferences preferences = activityContext.getSharedPreferences("UserPreference", Context.MODE_PRIVATE);
String email = preferences.getString("email", "");
if(email.equals("")) {
email = "unidentified-user@error.com";
}
JSONObject jsonEmail = new JSONObject();
try {
jsonEmail.put("email", email);
} catch (JSONException e) {
authContext.submitAuthenticationChallengeAnswer(null);
}
authContext.submitAuthenticationChallengeAnswer(jsonEmail);
}
@Override
public void onAuthenticationSuccess(Context context, JSONObject info) {
//additional operations in case of authentication success
Log.d("Authentication", "Auth success: " + String.valueOf(info));
}
@Override
public void onAuthenticationFailure(Context context, JSONObject info) {
//additional operations in case of authentication failure
Log.d("Authentication", "Auth failure ." + String.valueOf(info));
}
}