Keeping socket open beyond access token expiry time

Options
stefanos
stefanos Newcomer
in WebSocket API

Hi

As soon as I connect to the websocket API I send a Login message with the access token which I got from the auth server. This works, I get a Login Refresh response and I can then subscribe to market updates.

This token expires at 5 minutes, at which case I imagine I need to refresh it, otherwise I get a token expired message.

Using the same process (and the same refresh token I had earlier) I get a new access token and send the same Authentication message. I do this 30 seconds before the expiry time of the first access token. The server responds nothing and later drops the connection.

Tagged:

Best Answer

  • wasin.w
    wasin.w admin
    Answer ✓

    Hello @stefanos

    The re-refresh JSON Login message needs a "Refresh": false parameter-value. The first JSON Login does not need a "Refresh" parameter.

    The re-refresh JSON Login request also will not receive a Login Refresh message from ERT in Cloud WebSocket server. Once the server accepts a re-login request message, all current streams will continue as usual.

    First Login:

    {
       "ID":1,
       "Domain":"Login",
       "Key":{
          "NameType":"AuthnToken",
          "Elements":{
             "ApplicationId":"<your app id>",
             "Position":"<your position>",
             "AuthenticationToken":"<your access token>"
          }
       }
    }

    Re-Refresh Token re-Login:

    {
       "ID":1,
       "Domain":"Login",
       "Key":{
          "NameType":"AuthnToken",
          "Elements":{
             "ApplicationId":"<your app id>",
             "Position":"<your position>",
             "AuthenticationToken":"<your new access token>"
          }
       },
       "Refresh": false
    }

    You can find an example code in Python from the "ELEKTRON REAL TIME IN CLOUD" section example download page.

    image

Answers

  • wasin.w
    wasin.w admin

    Hello @stefanos

    could you please give me your re-refresh token request message? Basically, the re-refresh token request mesage structure is different from access token request message. The re-refresh token request message need to set a "grant_type" parameter as "refresh_token", not "password" as access token request message.

    Re-refresh token request:

    {
       "username":"<username>",
       "refresh_token":"<your current refresh_token>",
       "grant_type":"refresh_token",
       "takeExclusiveSignOnControl": True
    }

    Access token request:

    {
       "username": "<username">,
       "password": "<your password>",
       "grant_type":"password",
       "takeExclusiveSignOnControl":True,
       "scope":"<your scope>"
    }

    If the problem still persist even you have changed a re-refresh token request message, plesae give me the following information:

    • You username/machine id
    • The EDP authentication URL that you sends request messages to
    • You authentication and re-refresh token post request messages (please remove your password from the message)
  • stefanos
    stefanos Newcomer

    Hi @wasin.w

    I'm talking about the web socket login

    The first message I sent is this (auth token hidden)
    {"Domain":"Login","ID":1,"Key":{"NameType":"AuthnToken","Elements":{"ApplicationId":"256","Position":"127.0.1.1","AuthenticationToken":"eyJ0e...Wnb2A"},"Name":"CopyDo"},"Refresh":false}

    This works fine and I can then subscribe to markets and receive market price updates

    In 4.30 minutes I send a new auth message like this:

    {"Domain":"Login","ID":3,"Key":{"NameType":"AuthnToken","Elements":{"ApplicationId":"256","Position":"127.0.1.1","AuthenticationToken":"eyJ0e...WDLoQ"},"Name":"CopyDo"},"Refresh":true}

    The only difference is that I set Refresh: true

    The authentication token is brand new, taken using the same refresh token that I used to get the first auth token

  • stefanos
    stefanos Newcomer

    Thanks @wasin.w

Categories