react-native-sdk icon indicating copy to clipboard operation
react-native-sdk copied to clipboard
verified publisher icon Iterable

App crashes when JWT token expired before it retried to refresh it on init

Open buuuudzik opened this issue 1 year ago • 11 comments

We are using the Iterable SDK in our project, currently at version 1.3.19: "@iterable/react-native-sdk": "1.3.19",

Recently, we have encountered errors in production, which I have also been able to reproduce in development mode. It appears that if the app is left logged in and then fully closed for a period longer than the JWT token expiration time, the Iterable SDK does not attempt to refresh the token before using it. This results in a complete app crash, and we have no means to prevent it.

Could you ensure that your SDK cannot cause the app to crash entirely? There should be an error handler to allow us to check what happened in the SDK without encountering an unmanageable low-level error.

Additionally, it would be helpful if we could pass a new auth token via Iterable.setEmail(email, token) while still utilizing the auto-refresh mechanism. Currently, when we pass the token using the mentioned method, the auto-refresh mechanism stops working.

Here is the error we found that causes the app to crash completely: CleanShot 2024-07-25 at 15 57 19

buuuudzik avatar Jul 25 '24 14:07 buuuudzik

Hi @buuuudzik, thanks for sharing -- I've reached out through your Support ticket for additional details; please share the full crash log and device info. We will look into this :)

jena-chakour avatar Jul 25 '24 18:07 jena-chakour

Below you can find the whole crashlog from BugSnag from the production:

java.lang.RuntimeException: An error occurred while executing doInBackground()
        at android.os.AsyncTask$4.done(AsyncTask.java:399)
        at java.util.concurrent.FutureTask.finishCompletion(FutureTask.java:383)
        at java.util.concurrent.FutureTask.setException(FutureTask.java:252)
        at java.util.concurrent.FutureTask.run(FutureTask.java:271)
        at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:289)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
        at java.lang.Thread.run(Thread.java:929)

Caused by: java.lang.AbstractMethodError: abstract method "void com.iterable.iterableapi.IterableAuthHandler.onAuthFailure(com.iterable.iterableapi.AuthFailure)"
        at com.iterable.iterableapi.IterableAuthManager.handleAuthFailure(IterableAuthManager.java:176)
        at com.iterable.iterableapi.IterableRequestTask.executeApiRequest(IterableRequestTask.java:193)
        at com.iterable.iterableapi.IterableRequestTask.doInBackground(IterableRequestTask.java:61)
        at com.iterable.iterableapi.IterableRequestTask.doInBackground(IterableRequestTask.java:34)
        at android.os.AsyncTask$3.call(AsyncTask.java:378)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:289)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
        at java.lang.Thread.run(Thread.java:929)

buuuudzik avatar Jul 26 '24 05:07 buuuudzik

If it's about a device, it can be reproduced on every Android phone, we detected it also on OS version from Android 10 to 14. Personally I'm using for tests Samsung Note 10 Plus.

buuuudzik avatar Jul 26 '24 05:07 buuuudzik

In our case it looks that this helps (no crash and lib can continue fetching new JWT token and sending events): CleanShot 2024-07-27 at 08 18 58@2x

buuuudzik avatar Jul 27 '24 06:07 buuuudzik

Maybe it's related with this issue: https://github.com/Iterable/iterable-android-sdk/issues/741

buuuudzik avatar Jul 31 '24 11:07 buuuudzik

Hi all. Can you confirm whether or not this is still an issue?

lposen avatar Jun 06 '25 22:06 lposen

@lposen It was caused by the incorrect version of the Android Iterable SDK, resulting from the our patch and the version wildcard "*" inside the patch. There was a breaking change between the Android Iterable SDK versions.

But what still appears is some race condition in the authToken refreshing mechanism. Please ensure that the register or unregister won't trigger before the up-to-date token is successfully fetched, or will be retried if the register/unregister call fails.

buuuudzik avatar Jun 09 '25 11:06 buuuudzik

@buuuudzik Have you patched the Iterable RN SDK with a newer version of the Android SDK, by any chance?

The Iterable RN SDK hasn't incorporated newer versions of the Iterable Android SDK, so there will likely be several breaking issues if you have patched it with a newer version. The way that token refreshes are handled changed quite substantially in the newer versions of the Iterable Android SDK.

We are currently working on bringing the RN SDK up to speed with the newer Android and iOS versions.

lposen avatar Jun 13 '25 18:06 lposen

FYI for anyone watching this thread -- JWT is currently in development, and we plan on releasing it before the end of Q4.

lposen avatar Oct 16 '25 20:10 lposen

Thanks @lposen

buuuudzik avatar Oct 20 '25 06:10 buuuudzik