From dfc9c20306854ceac28cc4e98023c6cd8b478f2b Mon Sep 17 00:00:00 2001
From: Wagner Silveira <wagner.silveira@theta.co.nz>
Date: Tue, 29 Oct 2019 08:00:37 +1300
Subject: [PATCH] Aligning cache duration to token duration (#38)

* Update Backend OAuth2 Authentication With Cache.policy.xml

Remove token cache duration name value parameter and derive the value from the token received from token provider. Token duration and cache duration are now linked.

* Update Backend OAuth2 Authentication With Cache.policy.xml

Fixing typo.

* Update Backend OAuth2 Authentication With Cache.policy.xml

Strong typing tokenDurationSeconds

* Moved body result to variable.

Seems like the body result is in a stream so you can only read it once (after that you will probably be at the end of the stream). So trying to read twice for access_token and expires_in generated an error (not found on the second read). Moving the Body to a JObject variable solved the issue.
---
 .../Backend OAuth2 Authentication With Cache.policy.xml    | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/examples/Backend OAuth2 Authentication With Cache.policy.xml b/examples/Backend OAuth2 Authentication With Cache.policy.xml
index 6726d22..b82a6f5 100644
--- a/examples/Backend OAuth2 Authentication With Cache.policy.xml	
+++ b/examples/Backend OAuth2 Authentication With Cache.policy.xml	
@@ -7,7 +7,6 @@
 <!-- Parameters: scope - a URI encoded scope value -->
 <!-- Parameters: clientId - an id obtained during app registration -->
 <!-- Parameters: clientSecret - a URL encoded secret, obtained during app registration -->
-<!-- Parameters: tokenExpiresSeconds - a value indicating the time in seconds the token should be cached -->
 
 
 <!-- Copy the following snippet into the inbound section. -->
@@ -27,8 +26,10 @@
               return "client_id={{clientId}}&scope={{scope}}&client_secret={{clientSecret}}&grant_type=client_credentials";
                     }</set-body>
                 </send-request>
-                <set-variable name="bearerToken" value="@((String)((IResponse)context.Variables["accessToken"]).Body.As<JObject>()["access_token"])" />
-                <cache-store-value key="bearerToken" value="@((string)context.Variables["bearerToken"])" duration="{{tokenExpiresSeconds}}" />
+                <set-variable name="accessToken" value="@(((IResponse)context.Variables["accessTokenResult"]).Body.As<JObject>())" />
+                <set-variable name="bearerToken" value="@((string)((JObject)context.Variables["accessToken"])["access_token"])" />
+                <set-variable name="tokenDurationSeconds" value="@((int)((JObject)context.Variables["accessToken"])["expires_in"])" />
+                <cache-store-value key="bearerToken" value="@((string)context.Variables["bearerToken"])" duration="@((int)context.Variables["tokenDurationSeconds"])" />
             </when>
         </choose>
         <set-header name="Authorization" exists-action="override">