[FRPAL-5609] Add support for redirects from API endpoints #46
Conversation
[FRPAL-5609] Add support for redirects from API endpoints
Test Results 3 files 3 suites 3s ⏱️ Results for commit 5556d2d. ♻️ This comment has been updated with latest results. |
There was a problem hiding this comment.
There is a subtle, hard-to-reproduce bug with this approach.
If a user has an expired access token, but a valid refresh token, they will get a 403 Forbidden result code (but with the same URL); the code in lines 189-198 will get a new access token and retry the request.
This request will get redirected, but then result in ForbiddenRedirectException getting thrown to the caller and not handled in Float.Core.
There was a problem hiding this comment.
Can you look into the HttpClientHandler.AllowAutoRedirect property?
It seems like maybe we can set this value to false and then we would receive the original redirected response (and be able to check the status of code 301/302 as opposed to assuming an unsuccessful response should be retried).
This may also be able to be done directly in the implementing application as opposed to Float.Core (the implementing application is what defines the HttpClientHandler).
|
@mediabounds After setting the value to false now the 301/302 is returned, now Im validating if a redirect status code is returned and also that the host of both the original request and the redirect is the same to avoid sending the request to a unknown location |
FRPAL-5609 Add support for redirects from API endpoints