-
Notifications
You must be signed in to change notification settings - Fork 5
/
http_client_bearer_token_auth.go
107 lines (86 loc) · 3.25 KB
/
http_client_bearer_token_auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
// http_client_bearer_token_auth.go
/* The http_client_auth package focuses on authentication mechanisms for an HTTP client.
It provides structures and methods for handling both basic and bearer token based authentication
*/
package http_client
import (
"encoding/json"
"net/http"
"time"
)
// BearerTokenAuthCredentials represents the username and password for basic authentication.
type BearerTokenAuthCredentials struct {
Username string
Password string
}
// SetBearerTokenAuthCredentials sets the BearerTokenAuthCredentials (Username and Password)
// for the client instance. These credentials are used for obtaining and refreshing
// bearer tokens for authentication.
func (c *Client) SetBearerTokenAuthCredentials(credentials BearerTokenAuthCredentials) {
c.BearerTokenAuthCredentials = credentials
}
// ObtainToken fetches and sets an authentication token using the stored basic authentication credentials.
func (c *Client) ObtainToken() error {
authenticationEndpoint := c.ConstructAPIAuthEndpoint(BearerTokenEndpoint)
c.logger.Debug("Attempting to obtain token for user", "Username", c.BearerTokenAuthCredentials.Username)
req, err := http.NewRequest("POST", authenticationEndpoint, nil)
if err != nil {
c.logger.Error("Failed to create new request for token", "Error", err)
return err
}
req.SetBasicAuth(c.BearerTokenAuthCredentials.Username, c.BearerTokenAuthCredentials.Password)
resp, err := c.httpClient.Do(req)
if err != nil {
c.logger.Error("Failed to make request for token", "Error", err)
return err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
c.logger.Warn("Received non-OK response while obtaining token", "StatusCode", resp.StatusCode)
return c.HandleAPIError(resp)
}
tokenResp := &TokenResponse{}
err = json.NewDecoder(resp.Body).Decode(tokenResp)
if err != nil {
c.logger.Error("Failed to decode token response", "Error", err)
return err
}
c.Token = tokenResp.Token
c.Expiry = tokenResp.Expires
tokenDuration := time.Until(c.Expiry)
c.logger.Info("Token obtained successfully", "Expiry", c.Expiry, "Duration", tokenDuration)
return nil
}
// RefreshToken refreshes the current authentication token.
func (c *Client) RefreshToken() error {
c.tokenLock.Lock()
defer c.tokenLock.Unlock()
tokenRefreshEndpoint := c.ConstructAPIAuthEndpoint(TokenRefreshEndpoint)
req, err := http.NewRequest("POST", tokenRefreshEndpoint, nil)
if err != nil {
c.logger.Error("Failed to create new request for token refresh", "error", err)
return err
}
req.Header.Add("Authorization", "Bearer "+c.Token)
c.logger.Debug("Attempting to refresh token", "URL", tokenRefreshEndpoint)
resp, err := c.httpClient.Do(req)
if err != nil {
c.logger.Error("Failed to make request for token refresh", "error", err)
return err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
c.logger.Warn("Token refresh response status is not OK", "StatusCode", resp.StatusCode)
return c.HandleAPIError(resp)
}
tokenResp := &TokenResponse{}
err = json.NewDecoder(resp.Body).Decode(tokenResp)
if err != nil {
c.logger.Error("Failed to decode token response", "error", err)
return err
}
c.logger.Info("Token refreshed successfully", "Expiry", tokenResp.Expires)
c.Token = tokenResp.Token
c.Expiry = tokenResp.Expires
return nil
}