Thales Machado
Aug 24, 2017 · 1 min read

On isHttp401Error() you're actually checking if it's 403.
There's a big difference on 401 and 403

403 means Forbidden, that is, you're trying to access resources that are not allowed to you. Basically it's the server side telling you "I know who you are, and you can't access this other user/scoped content".

Refreshing the token shouldn't make it accessible, as you're still the same identity, and will get 403 when trying to make the same request again.

401 on the other hand, means Unauthorized , which means that, "I know who you're telling you are, but am not quite sure", which can mean that your current token is expired, or, if there's a header WWW-Authenticate "I'm willing to trust you if you perform some kind of challenge chosen by me".

If the case is you're token is expired, and you refresh it, than when trying to make the first request again everything should be fine.

)

    Thales Machado

    Written by

    Sr Software Engineer @Uber. Allowed to do dad jokes.