maintainToken static method

Future<void> maintainToken({
  1. required String clientId,
  2. required String clientSecret,
  3. required String redirectUri,
  4. String? deviceName,
  5. String? state,
  6. String stateEncrypter(
    1. String plaintext
    )?,
  7. String tokenEncrypter(
    1. String plaintext
    )?,
  8. String tokenDecrypter(
    1. String ciphertext
    )?,
  9. bool reAuthOnFail = true,
})

This method maintains the token that is stored locally.

clientId Identifies the client that is making the request. The value passed in this parameter must exactly match the value you receive from hue.

clientSecret The client secret you have received from Hue when registering for the Hue Remote API.

redirectUri This parameter must exactly match the one configured in your hue developer account.

deviceName The device name should be the name of the app or device accessing the remote API. The deviceName is used in the user’s “My Apps” overview in the Hue Account (visualized as: “

state Provides any state that might be useful to your application upon receipt of the response. The Hue Authorization Server round-trips this parameter, so your application receives the same value it sent. To mitigate against cross-site request forgery (CSRF), a long (30+ digit), random number is prepended to state. When the response is received from Hue, it is recommended that you compare the string returned from this method, to the one that is returned from Hue.

tokenEncrypter When the token is stored locally, it is encrypted. This parameter allows you to provide your own encryption method. This will be used in addition to the default encryption method. This will be performed before the default encryption method.

stateEncrypter When the state value is stored locally, it is encrypted. This parameter allows you to provide your own encryption method. This will be used in addition to the default encryption method. This will be performed before the default encryption method.

tokenDecrypter When the old tokens are read from local storage, they are decrypted. This parameter allows you to provide your own decryption method. This will be used in addition to the default decryption method. This will be performed after the default decryption method.

reAuthOnFail If this is set to true, then if the token is expired, then the user will be re-authenticated. If this is set to false, then the ReauthRequiredException will be thrown.

Implementation

static Future<void> maintainToken({
  required String clientId,
  required String clientSecret,
  required String redirectUri,
  String? deviceName,
  String? state,
  String Function(String plaintext)? stateEncrypter,
  String Function(String plaintext)? tokenEncrypter,
  String Function(String ciphertext)? tokenDecrypter,
  bool reAuthOnFail = true,
}) async {
  Map<String, dynamic>? tokenData =
      await TokenRepo.fetchTokenData(decrypter: tokenDecrypter);

  if (tokenData == null) return;

  String? token = tokenData[ApiFields.accessToken];
  String? expirationDateStr = tokenData[ApiFields.expirationDate];
  String? refreshToken = tokenData[ApiFields.refreshToken];

  DateTime? expirationDate = DateTime.tryParse(expirationDateStr ?? "");

  try {
    if (token == null ||
        expirationDate == null ||
        expirationDate.difference(DateTime.now()).inDays <= 1) {
      await _refreshToken(
        refreshToken: refreshToken,
        clientId: clientId,
        clientSecret: clientSecret,
        encrypter: tokenEncrypter,
        decrypter: tokenDecrypter,
      );
    }
  } catch (_) {
    if (reAuthOnFail) {
      await BridgeDiscoveryRepo.remoteAuthRequest(
        clientId: clientId,
        redirectUri: redirectUri,
        deviceName: deviceName,
        state: state,
        encrypter: stateEncrypter,
      );
    } else {
      throw const ReauthRequiredException();
    }
  }
}