SecureCredentialsManager throws unexpected exception

sproctor · September 16, 2020, 12:49pm

I’m using the SecureCredentialsManager in an Android app. When the id token expires, getCredentials throws CredentialsManagerException("No Credentials were previously set."). The documentation says it’s supposed to automatically renew the tokens with the refresh token when they expire.

The code causing this exception is:

    val token = suspendCoroutine<String?> { cont ->
        manager.getCredentials(object :
            BaseCallback<Credentials, CredentialsManagerException> {
            override fun onSuccess(credentials: Credentials) {
                cont.resume(credentials.idToken)
            }

            override fun onFailure(error: CredentialsManagerException) {
                cont.resumeWithException(error)
            }
        })
    }

manager.hasValidCredentials() returns true before this code executes.

sproctor · September 16, 2020, 2:00pm

A bit further investigation and I see that the refresh token hasn’t been set. It seems that WebAuthProvider.login is giving credentials without a refresh token.

sproctor · September 16, 2020, 4:29pm

And further investigation, WebAuthProvider needs to be called with scope offline_access to get the refresh token. Problem solved.