Base solution for your next web application
Starts in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

Maui App Invalid Refresh Tokens Cause App To Quit #11618


User avatar
0
rickfrankel created

Using 11.2.

When using the MAUI app, if the refresh token fails due to it being invalid then the MAUI app automatically quits and there isn't a way to recover other than to uninstall the app (or clear the app data/cache) and then you are ok.

The quit happens because UserConfigurationManager has an error handler in the call to _userConfigurationService.GetAsync

The failure looks to be in AccessTokenmanager.cs in the RefreshTokenAsync call.

The ReceiveJson section of the client triggers the AbpExceptionHandler code to run. In our case the call to the RefreshTokenAsync is returning a 500 internal server error (on the server side we can see it is a refresh token is not valid error). This then gets handled as an error. We don't see any dialogs and the code fails all the way out to the error handle in the GetAsync call at the top and quits the app.

Expected result: If the refresh token is not valid then you should just see a login screen and the _userConfigurationService.GetAsync call should be treated as if the user wasn't authenticated and there was no saved session for them.

Easiest way to reproduce it is to debug and modify the refresh token on the call such that it becomes invalid. The actual scenario we have is that we're debugging another completely random issue and switching between environments. This causes all sorts of issues with our tokens. However in prod this could become a real issue when the refresh tokens eventuall expire.

Thanks Rick


1 Answer(s)