Reuse auth cookie

[anguriskit24]

I am working on an enhancement to re-use the auth cookie so it doesn't need to re-login every time. I am starting with writing the cookies to a file on the file system that can then be read back into memory on next run. Thoughts on this?

[anguriskit24]

I have started with code on fork here: https://github.com/anguriskit24/CareLinkJavaClient/tree/feature/reuse-auth

[benceszasz]

There is no reason to save the login cookie in the filesystem. The cookie is stored in the SimpleOkHttpCookieJar instace until it is expired or CareLink reports a login error when an API is called. In any of these cases the login cookie cannot be used anymore and a new login must be carried out The CareLinkClient doesn't execute a new login everytime, only when it is needed: logged in yet or previous login cookie cannot be used anymore, see getAuthorizationToken method of CareLinkClient class.

[anguriskit24]

Thanks for the response and thanks for sharing this code.

I was using this from the command line, so once the CLI client pulls down the data, the java process stops. Next time I run it from the command line, I was thinking it could check to see about re-using a token/cookie instead of doing the full login. This would help if its running like a cron job.

I can see when I am logged in to carelink from a browser, after a while, the website makes a call to https://carelink.minimed.eu/patient/sso/reauth passing the current auth token and it then gets a new token. And I saw that nightscout code is using this sso/reauth.

[benceszasz]

You can try to create a special custom version, in which the client state can be saved (for example by using serialization).

As far as I know Nigthscout is not killing the minimed connect js object instances after a request and mmconnect is not saving the cookie in the filesystem.

Reauth can be added to the client: it is for renewing the auth cookie before it expires without having to provide authentication data (username and password)., but it only works with using an existing and valid auth cookie.

[anguriskit24]

I focused on your last comment first and made changes in this fork here to get a new auth token when the existing token nears expiration instead of attempting a new login: https://github.com/anguriskit24/CareLinkJavaClient/tree/feature/get-new-auth-token