Fix JWT handling

RobinTTY · Dec 9, 2022 · 7995833 · 7995833
1 parent 60fec17
commit 7995833
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 11 deletions.
diff --git a/src/RobinTTY.NordigenApiClient/NordigenClient.cs b/src/RobinTTY.NordigenApiClient/NordigenClient.cs
@@ -80,8 +80,8 @@ internal async Task<NordigenApiResponse<TResponse, TError>> MakeRequest<TRespons
         ) where TResponse : class where TError : class
     {
         var requestUri = query != null ? UriQueryBuilder.BuildUriWithQueryString(uri, query) : uri;
-        var authToken = useAuthentication ? await TryGetValidTokenPair(cancellationToken) : null;
-        var client = useAuthentication ? _httpClient.UseNordigenAuthenticationHeader(authToken) : _httpClient;
+        JwtTokenPair = useAuthentication ? await TryGetValidTokenPair(cancellationToken) : null;
+        var client = useAuthentication ? _httpClient.UseNordigenAuthenticationHeader(JwtTokenPair) : _httpClient;
 
         HttpResponseMessage ? response;
         if (method == HttpMethod.Get)
@@ -110,20 +110,17 @@ internal async Task<NordigenApiResponse<TResponse, TError>> MakeRequest<TRespons
         if (JwtTokenPair == null || JwtTokenPair.RefreshToken.IsExpired(TimeSpan.FromMinutes(1)))
         {
             var response = await TokenEndpoint.GetTokenPair(cancellationToken);
-            JwtTokenPair = new JsonWebTokenPair(response.Result!.AccessToken.EncodedToken, response.Result!.AccessToken.EncodedToken);
             return response.IsSuccess ? response.Result : null;
         }
 
         // Refresh the current access token if it's expired (or valid for less than a minute)
         if (JwtTokenPair.AccessToken.IsExpired(TimeSpan.FromMinutes(1)))
         {
             var response = await TokenEndpoint.RefreshAccessToken(JwtTokenPair.RefreshToken, cancellationToken);
-            if (!response.IsSuccess) return null;
-
-            // Update the token pair with the response
-            JwtTokenPair.AccessToken = response.Result!.AccessToken;
-            JwtTokenPair.AccessExpires = response.Result!.AccessExpires;
-            return JwtTokenPair;
+            return response.IsSuccess ?
+                // Return a new token pair consisting of the new access token and existing refresh token
+                new JsonWebTokenPair(response.Result!.AccessToken, JwtTokenPair.RefreshToken, response.Result!.AccessExpires, JwtTokenPair.RefreshExpires)
+                : null;
         }
 
         // Token pair is still valid and can be returned

diff --git a/src/RobinTTY.NordigenApiClient/RobinTTY.NordigenApiClient.csproj b/src/RobinTTY.NordigenApiClient/RobinTTY.NordigenApiClient.csproj
@@ -14,7 +14,7 @@
     <PackageTags>Nordigen; API; client</PackageTags>
     <PackageReleaseNotes>$([System.IO.File]::ReadAllText("$(MSBuildProjectDirectory)/release-notes.txt"))</PackageReleaseNotes>
     <PackageLicenseExpression>MIT</PackageLicenseExpression>
-    <Version>2.0.2</Version>
+    <Version>2.0.3</Version>
   </PropertyGroup>
 
   <ItemGroup>

diff --git a/src/RobinTTY.NordigenApiClient/release-notes.txt b/src/RobinTTY.NordigenApiClient/release-notes.txt
@@ -1 +1 @@
-Fixed BankAccountDetails ignoring BIC in json responses.
+Fixes JWT handling/updating. Prior implementation could cause a NullReferenceException if JWT refresh fails due to API not being reachable.
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		Fixed BankAccountDetails ignoring BIC in json responses.
		Fixes JWT handling/updating. Prior implementation could cause a NullReferenceException if JWT refresh fails due to API not being reachable.