{"id":15412237,"url":"https://github.com/robthree/autorefreshtokenhttpmessagehandler","last_synced_at":"2025-04-19T11:33:44.484Z","repository":{"id":223287331,"uuid":"759834697","full_name":"RobThree/AutoRefreshTokenHttpMessageHandler","owner":"RobThree","description":"A thread-safe implementation of a DelegatingHandler that automatically refreshes the access token when the access token expires whilst **not** serializing all requests.","archived":false,"fork":false,"pushed_at":"2024-10-09T20:02:33.000Z","size":28,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-10-09T20:16:21.694Z","etag":null,"topics":["accesstoken","c-sharp","c-sharp-8","c-sharp-library","refreshtoken"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RobThree.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["RobThree"],"custom":["https://paypal.me/robiii"]}},"created_at":"2024-02-19T12:30:43.000Z","updated_at":"2024-10-09T20:00:12.000Z","dependencies_parsed_at":null,"dependency_job_id":"fb77b93c-87d4-4d5b-b0d4-06d3cbad333a","html_url":"https://github.com/RobThree/AutoRefreshTokenHttpMessageHandler","commit_stats":null,"previous_names":["robthree/autorefreshtokenhttpmessagehandler"],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RobThree%2FAutoRefreshTokenHttpMessageHandler","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RobThree%2FAutoRefreshTokenHttpMessageHandler/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RobThree%2FAutoRefreshTokenHttpMessageHandler/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RobThree%2FAutoRefreshTokenHttpMessageHandler/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RobThree","download_url":"https://codeload.github.com/RobThree/AutoRefreshTokenHttpMessageHandler/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":220097434,"owners_count":16594154,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["accesstoken","c-sharp","c-sharp-8","c-sharp-library","refreshtoken"],"created_at":"2024-10-01T16:51:55.969Z","updated_at":"2024-10-17T16:03:58.631Z","avatar_url":"https://github.com/RobThree.png","language":"C#","readme":"# ![Logo](https://raw.githubusercontent.com/RobThree/AutoRefreshTokenHttpMessageHandler/main/icon.png) AutoRefreshTokenHttpMessageHandler\n\n![Build Status](https://img.shields.io/github/actions/workflow/status/RobThree/AutoRefreshTokenHttpMessageHandler/test.yml?branch=main\u0026style=flat-square) [![Nuget version](https://img.shields.io/nuget/v/AutoRefreshTokenHttpMessageHandler.svg?style=flat-square)](https://www.nuget.org/packages/AutoRefreshTokenHttpMessageHandler/)\n\nThis is a thread-safe implementation of a `DelegatingHandler`, available as [Nuget package](https://www.nuget.org/packages/AutoRefreshTokenHttpMessageHandler/), that automatically refreshes the access token when the access token expires whilst **not** serializing all requests. Most implementations use a lock internally which essentially makes all async actions synchronous again. This implementation only blocks during the actual refresh. Inspired by Bryan Helms' [Thread-Safe Auth Token Store Using ConcurrentDictionary and AsyncLazy](https://bryanhelms.com/2021/03/29/thread-safe-auth-token-store-using-concurrentdictionary-and-asynclazy.html).\n\n## Quickstart\n\n```c#\nvar builder = WebApplication.CreateBuilder(args);\n\nbuilder.Services.Configure\u003cTokenOptions\u003e(configuration.GetRequiredSection(\"MyClient\"))\n    .AddTransient\u003cTokenDelegatingHandler\u003e()\n    .AddHttpClient\u003cITokenAuthenticationService, TokenAuthenticationService\u003e()\n    .ConfigureHttpClient(c =\u003e c.BaseAddress = new Uri(\"http://auth.myservice.com\")).Services\n```\n\n## Custom service:\n```c#\nbuilder.Services.AddHttpClient\u003cMyService\u003e()\n    .ConfigureHttpClient(c =\u003e c.BaseAddress = new Uri(\"http://myservice.com\"))\n    .AddHttpMessageHandler\u003cTokenDelegatingHandler\u003e();\n\npublic class MyService(HttpClient client)\n{\n    public Task\u003cIEnumerable\u003cMyFoo\u003e\u003e GetFoos() =\u003e client.GetFromJsonAsync\u003cIEnumerable\u003cFoo\u003e\u003e(\"/api/v1/foos\");\n}\n```\n\n## ...or using [Refit](https://github.com/reactiveui/refit):\n```c#\n// ...or Refit:\nbuilder.Services.AddRefitClient\u003cIMyService\u003e()\n    .ConfigureHttpClient(c =\u003e c.BaseAddress = new Uri(\"http://myservice.com\"))\n    .AddHttpMessageHandler\u003cTokenDelegatingHandler\u003e();\n\npublic interface IMyService\n{\n    [Get(\"/api/v1/foos\")]\n    Task\u003cIEnumerable\u003cFoo\u003e\u003e GetFooss();\n}\n```\n\n## Adding [Polly](https://www.thepollyproject.org/) to the mix:\n```c#\nbuilder.Services.AddHttpClient\u003cMyService\u003e()\n    .ConfigureHttpClient(c =\u003e c.BaseAddress = new Uri(\"http://myservice.com\"))\n    .AddHttpMessageHandler\u003cTokenDelegatingHandler\u003e();\n    .AddPolicyHandler(HttpPolicyExtensions\n        .HandleTransientHttpError()\n        .WaitAndRetryAsync(Backoff.DecorrelatedJitterBackoffV2(TimeSpan.FromSeconds(1), 3))\n    ).Services\n```\n## Add options to appsettings:\n\n### Client credentials:\n```json\n{\n  \"MyClient\": {\n    \"ClientId\": \"myclient\",\n    \"ClientSecret\": \"clientsecretclientsecretclientsecret\",\n    \"TokenEndpoint\": \"http://auth.myservice.com/realms/myapi/protocol/openid-connect/token\"\n  }\n}\n```\n\n### ...or using username/password:\n```json\n{\n  \"MyClient\": {\n    \"ClientId\": \"myclient\",\n    \"ClientSecret\": \"clientsecretclientsecretclientsecret\",\n    \"Username\": \"admin\",\n    \"Password\": \"mysup3rs4f3p455w0rd\",\n    \"TokenEndpoint\": \"http://auth.myservice.com/realms/myapi/protocol/openid-connect/token\"\n  }\n}\n```\n\n## Attribution\n\nIcon by [Freepik](https://www.freepik.com/icon/key_908229)","funding_links":["https://github.com/sponsors/RobThree","https://paypal.me/robiii"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frobthree%2Fautorefreshtokenhttpmessagehandler","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frobthree%2Fautorefreshtokenhttpmessagehandler","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frobthree%2Fautorefreshtokenhttpmessagehandler/lists"}