-
Notifications
You must be signed in to change notification settings - Fork 23
/
api.go
141 lines (114 loc) · 3.55 KB
/
api.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
package api
import (
"encoding/json"
"fmt"
"io"
"net/http"
"github.com/10gen/realm-cli/auth"
"github.com/10gen/realm-cli/user"
)
// DefaultBaseURL is the default prod base url for Realm apps
const DefaultBaseURL = "https://realm.mongodb.com"
// DefaultAtlasBaseURL is the default atlas prod base url
const DefaultAtlasBaseURL = "https://cloud.mongodb.com"
const (
adminBaseURL = "/api/admin/v3.0"
authSessionRoute = adminBaseURL + "/auth/session"
)
// Client represents something that is capable of making HTTP requests
type Client interface {
ExecuteRequest(method, path string, options RequestOptions) (*http.Response, error)
}
// RequestOptions represents a simple set of options to use with HTTP requests
type RequestOptions struct {
Body io.Reader
Header http.Header
}
type basicAPIClient struct {
baseURL string
}
const (
// RealmRequestOriginHeader is the name of the header for where the api request
// is coming from (UI, CLI, ADMIN API)
RealmRequestOriginHeader = "X-BAAS-Request-Origin"
// RealmCLIHeaderValue is the value of the RealmRequestOriginHeader if the request
// is from the CLI
RealmCLIHeaderValue = "mongodb-baas-cli"
)
// ExecuteRequest makes an HTTP request to the provided path
func (apiClient *basicAPIClient) ExecuteRequest(method, path string, options RequestOptions) (*http.Response, error) {
req, err := http.NewRequest(method, apiClient.baseURL+path, options.Body)
if err != nil {
return nil, err
}
req.Header = options.Header
if req.Header == nil {
req.Header = http.Header{}
}
req.Header.Set(RealmRequestOriginHeader, RealmCLIHeaderValue)
client := &http.Client{}
return client.Do(req)
}
// NewClient returns a new Client
func NewClient(baseURL string) Client {
return &basicAPIClient{
baseURL: baseURL,
}
}
// NewAuthClient returns a new *AuthClient
func NewAuthClient(client Client, user *user.User) *AuthClient {
return &AuthClient{
Client: client,
user: user,
}
}
// AuthClient is a Client that is aware of a User's auth credentials
type AuthClient struct {
Client
user *user.User
}
// RefreshAuth makes a call to the session endpoint using the user's refresh token in order to obtain a new access token
func (ac *AuthClient) RefreshAuth() (auth.Response, error) {
res, err := ac.Client.ExecuteRequest(http.MethodPost, authSessionRoute, RequestOptions{
Header: http.Header{
"Authorization": []string{"Bearer " + ac.user.RefreshToken},
},
})
if err != nil {
return auth.Response{}, err
}
if res.StatusCode != http.StatusCreated {
return auth.Response{}, fmt.Errorf("%s: failed to refresh auth", res.Status)
}
decoder := json.NewDecoder(res.Body)
defer res.Body.Close()
var authResponse auth.Response
if err := decoder.Decode(&authResponse); err != nil {
return auth.Response{}, err
}
return authResponse, nil
}
// ExecuteRequest makes a call to the provided path, supplying the user's access token
func (ac *AuthClient) ExecuteRequest(method, path string, options RequestOptions) (*http.Response, error) {
if options.Header == nil {
options.Header = http.Header{}
}
options.Header.Add("Authorization", "Bearer "+ac.user.AccessToken)
res, err := ac.Client.ExecuteRequest(method, path, options)
if err != nil {
return nil, err
}
if res.StatusCode == http.StatusUnauthorized {
res.Body.Close()
authResponse, refreshErr := ac.RefreshAuth()
if refreshErr != nil {
return nil, refreshErr
}
return ac.Client.ExecuteRequest(method, path, RequestOptions{
Header: http.Header{
"Authorization": []string{"Bearer " + authResponse.AccessToken},
},
})
}
return res, err
}