diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/oauth/token-protected-service-invokers.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/oauth/token-protected-service-invokers.js index d29498a3180..ed40ee7de8a 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/oauth/token-protected-service-invokers.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/oauth/token-protected-service-invokers.js @@ -117,15 +117,44 @@ var invokers = function () { log.debug("Response status : " + xmlHttpRequest.status); log.debug("Response payload if any : " + xmlHttpRequest.responseText); - if (xmlHttpRequest.status == 401 && (xmlHttpRequest.responseText == TOKEN_EXPIRED || - xmlHttpRequest.responseText == TOKEN_INVALID ) && count < 5) { - tokenUtil.refreshTokenPair(); - return privateMethods.execute(httpMethod, requestPayload, endpoint, responseCallback, ++count, headers); - } else { + if (xmlHttpRequest.status == 401) { + if ((xmlHttpRequest.responseText == TOKEN_EXPIRED || + xmlHttpRequest.responseText == TOKEN_INVALID ) && count < 5) { + tokenUtil.refreshTokenPair(); + return privateMethods.execute(httpMethod, requestPayload, endpoint, responseCallback, ++count, headers); + } else if (privateMethods.isInvalidCredential(xmlHttpRequest.responseText)) { + tokenUtil.refreshTokenPair(); + return privateMethods.execute(httpMethod, requestPayload, endpoint, responseCallback, ++count, headers); + } + } else { return responseCallback(xmlHttpRequest); - } + } }; + + /** + * This method verify whether the access token is expired using response payload. + * This is required when using API gateway. + * @param responsePayload response payload. + * return true if it is invalid otherwise false. + */ + privateMethods["isInvalidCredential"] = + function (responsePayload) { + if (responsePayload) { + try { + payload = parse(responsePayload); + if (payload["fault"]["code"] == 900901) { + log.debug("Access token is invalid: " + payload["fault"]["code"]); + log.debug(payload["fault"]["description"]); + return true; + } + } catch (err) { + // do nothing + } + } + return false; + }; + /** * This method add Oauth authentication header to outgoing XML-HTTP Requests if Oauth authentication is enabled. * @param httpMethod HTTP request type.