ibm mobilefirst - Check if user is already logged in or or not in MFP V8.0 -

i have written adapter procedure in mfp v8.0. procedure secured bu security check. want check user logged-in before calling adapter procedure:

procedure mapped scope below:

<procedure name="searchdata" scope="restrictedresource"/> 

security check defined below:

<securitycheckdefinition name="uservalidationsecuritycheck" class="com.sample.uservalidationsecuritycheck"> 

i have done the scope element mapping server also.

i have written below method calls adapter method:

function calladapterprocedure(invocationdata){     var procedurename = invocationdata.procedure;     var successhandler = invocationdata.successhandler;     var failurehandler = invocationdata.failurehandler;     var parameters = invocationdata.parameters;      var isuserloggedin = checkforloggedinuser();     alert('is logged in' + isuserloggedin);     if(isuserloggedin){         var datarequest = new wlresourcerequest(getadapterpath(procedurename), wlresourcerequest.get);         datarequest.setqueryparameter("params", [json.stringify(parameters)]);         datarequest.send().then(successhandler,failurehandler);     }else{         hideprogressbar();         showalert(messages.alert_session_time_out);         logoutwithoutconfirmation();         openlogin();     } } 

below implementation of checkforloggedinuser() method:

function checkforloggedinuser(){     var useralreadyloggedin = undefined;//wl.client.isuserauthenticated(mrmglobal.realms.authenticationrealm,null);     wlauthorizationmanager.obtainaccesstoken("restrictedresource").then(         function (accesstoken) {             alert("obtainaccesstoken onsuccess");             useralreadyloggedin = true;         },         function (response) {             alert("obtainaccesstoken onfailure: " + json.stringify(response));             useralreadyloggedin = false;     });      return useralreadyloggedin; } 

i know wlauthorizationmanager.obtainaccesstoken sends asynchronous call server that's why useralreadyloggedin coming undefined. there way through can check user session not timed out before making adapter call? want implement wl.client.isuserauthenticated (which there in earlier versions).

--update--

plus have observed 1 more thing handlers method of wlauthorizationmanager.obtainaccesstoken not getting called.

from code:

 wlauthorizationmanager.obtainaccesstoken("restrictedresource").then(         function (accesstoken) {             alert("obtainaccesstoken onsuccess");             useralreadyloggedin = true;         },         function (response) {             alert("obtainaccesstoken onfailure: " + json.stringify(response));             useralreadyloggedin = false;     }); 

it common misconception think obtainaccesstoken's onfailure means user not logged in. that's not how works.

when call obtainaccesstoken, there 3 possible outcomes:

• success: user logged in, , obtainaccesstoken onsuccess called (along challenge handler's success method).
• challenge: user not logged in, security check sent challenge client. this challenge received challenge handler. obtain remain on hold until answer challenge. happens in case, not explain why none of obtain's handlers being called.
• failure: went wrong during authentication. server down, networking issue, scope not exist, or user blocked, etc. in case, obtainaccesstoken's onfailure called.

there no api check if scope granted without triggering challenge. have opened internal feature request, feel free submit own (https://www.ibm.com/developerworks/rfe ).

in meantime add own internal boolean flag, set true whenever login , false whenever logout.