Dealing with expired auth token android account manager

Should I be invalidating and requesting a new token every time I need to make a request using a Google auth token from the AccountManager or is there an 'expired-at' time stam开发者_运维技巧p I can use to see if it is still valid.

There is no expiry time provided in the HTTP response from the Google service, so I think you need to ensure that if the auth-token fails to provide access, you use that as the trigger to get a new auth token. Or you could acquire a new token each time the application starts, or create your own timeout.

http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html

Looking at the HTTP response, the status code is 302 (it's redirecting you to provide auth token) and the "Set-Cookie" field in the header is not present. You could key off that.

if (res.getStatusLine().getStatusCode() == 302 && res.getHeaders("Set-Cookie").length == 0) {
    // we need a new token
    // invalidate account manager logic here
}

Failing to get that cookie from Google seems to signify it's time to grab a new token from AccountManager.

As there is no accepted answer yet: I do it by firing my requests in a try block, then catching any exceptions and check if it's a 401 with if (e.getMessage().equals("401 Unauthorized")) { ... }. Then, invalidate the auth token, request a new one and retry the request.

You need to call invalidateAuthToken(String, String) when you know the token has expired. i.e. when the request fails with an authentication error.