Thread
#general
    teebot

    teebot

    7 months ago
    Hi, I have a peculiar case to handle on react native. One of our native integration is making an authenticated call but since we're not in react native land it will not contain the cookie header. I don't know how to retrieve the cookie so that I could include it in that native call?
    maybe with
    getAccessTokenPayloadSecurely
    ?
    or taking it from async storage maybe?
    r

    rp

    7 months ago
    getAccessTokenPayloadSecurely
    is in RN land, so it's not available in native land.
    so you would have to read from async storage yourself manually and fetch the access token + id refresh token from there. Then add them to the cookies when making the request
    teebot

    teebot

    7 months ago
    no but we can pass a message to the native
    r

    rp

    7 months ago
    Hmmm. I see.
    teebot

    teebot

    7 months ago
    if we can get the cookie content from RN it's fine
    r

    rp

    7 months ago
    React native - native land cookie fetching
    @User can help with this.
    n

    nkshah2

    7 months ago
    @User calling getAccessTokenPayload would not retrieve the cookie headers so that wont work for you. The SDK itself relies on react-native's networking layer for cookie handling so theres no way to fetch the headers manually unfortunately
    If it is an option you could try making the request itself from react native's side of things and return the response back to native (if the native module is in your control that is)
    Other than that you could try and leverage React Native's native implementation of networking (okhttp on Android and URLSession on iOS) and use their cookie manager for your request too. Ill get back to you with more details on this because ill have to do a deep dive myself but these are the only options I can think of
    teebot

    teebot

    7 months ago
    what we're trying now is get the content of sftoken from async-storage and then put its content into the cookie header . that should work too right?
    we don't have the option of making that request from RN because it's a 3rd party integration
    r

    rp

    7 months ago
    I don't think that the session tokens we generate are stored in async-storage.
    is that right @User ?
    n

    nkshah2

    7 months ago
    So the front token (sFrontToken) wont work as a cookie header, and yes thats right @User we dont store the session tokens in async storage
    r

    rp

    7 months ago
    So one more idea @User is that if you could see which lib the third party integration uses and add interceptors to it, and then in your interceptors, you can make a request to the RN land and then back to the native land. Maybe that should work?
    Another idea is to enable JWT in the sessions. This way, the JWT is stored in the async-storage and can be fetched via
    getAccessTokenPayloadSecurely
    function. Then that can be added as an authorisation bearer token to the request made by the third party, and your APIs would then need to also be able to verify a JWT as an alternate was of doing sessions.
    teebot

    teebot

    7 months ago
    ok thanks that's indeed 2 good options
    are you sure we can get the access token from
    getAccessTokenPayloadSecurely
    ? it seemed to be only the payload of the JWT without its signature
    can't we use directly storage's
    sFrontToken
    as JWT token ?
    r

    rp

    7 months ago
    So the session contains the access token, which is a signed cookie. In that, you have the access token payload which can be fetched via
    getAccessTokenPayloadSecurely
    . If you enable JWT, we create a separate JWT and put that inside the session's access token payload with the key as
    jwt
    (by default). So if you do
    await getAccessTokenPayloadSecurely()["jwt"]
    , you will actually get the JWT string which you can then pass to your backend
    teebot

    teebot

    7 months ago
    this is the content I get from getAccessTokenPayloadSecurely :
    {
      "phoneNumber": "+32468214620"
    }
    r

    rp

    7 months ago
    Have you enabled JWT on the backend?
    teebot

    teebot

    7 months ago
    ah damn no
    ok doing this
    r

    rp

    7 months ago
    hehe ok
    teebot

    teebot

    7 months ago
    so we'll be able to use both JWT and session with this right?
    r

    rp

    7 months ago
    Yea
    teebot

    teebot

    7 months ago
    So we still don't have a jwt in the getAccessTokenPayloadSecurely in a new login with
    Session.init({
            jwt: {
              enable: true
            }
          })
    could it because of this override?
    const session = await Session.createNewSession(
                      input.options.res,
                      user.id,
                      {
                        // we are adding the phoneNumber to the access token payload.
                        // This will also be accessible in all API calls + on the frontend.
                        phoneNumber
                      },
                      {}
                    );
    r

    rp

    7 months ago
    hmm. That's odd
    Can you please open a github issue about this and we shall have a look asap
    n

    nkshah2

    7 months ago
    What output do you get when you call get access token payload?
    Also what sdk and version are you using for the backend?
    teebot

    teebot

    7 months ago
    oh wait it was a brainfart we actually have it !
    sorry about this
    r

    rp

    7 months ago
    oh great!
    n

    nkshah2

    7 months ago
    Glad it works!
    teebot

    teebot

    7 months ago
    yes I can confirm it totally works! awesome
    thx for your help and super quick reaction 💪 💪 💪