Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Add ability to refresh token automatically before expiration. #242

Merged
merged 10 commits into from
Jan 16, 2018

Conversation

nolanmar511
Copy link
Contributor

This pull request makes it possible to refresh the token when it is not expired but will expire in some period of time.
This can be used to address the issues described in #133, by allowing users to specify that tokens should be refreshed if they will expire soon. This is also necessary to fix googleapis/cloud-profiler-nodejs#94

For earlier discussion of these changes, see PR #208.

@googlebot googlebot added the cla: yes This human has signed the Contributor License Agreement. label Jan 10, 2018
@@ -33,8 +33,8 @@ export class Compute extends OAuth2Client {
* Retrieve access token from the metadata server.
* See: https://developers.google.com/compute/docs/authentication
*/
constructor() {
super();
constructor(refreshTokenEarlyMillis?: number) {

This comment was marked as spam.

This comment was marked as spam.

@nolanmar511
Copy link
Contributor Author

PTAL

/**
* @param {number=} refreshTokenEarlyMillis The token should be refreshed if it will expire within this many milliseconds.
*/
constructor(public refreshTokenEarlyMillis?: number) {}

This comment was marked as spam.

This comment was marked as spam.

@@ -87,6 +87,11 @@ export class GoogleAuth {
*/
static DefaultTransporter = DefaultTransporter;

/**
* @param {number=} refreshTokenEarlyMillis The token should be refreshed if it will expire within this many milliseconds.

This comment was marked as spam.

This comment was marked as spam.

@@ -20,6 +20,8 @@ import {RequestError} from './../transporters';
import {CredentialRequest, Credentials} from './credentials';
import {GetTokenResponse, OAuth2Client} from './oauth2client';

export interface ComputeOptions { refreshTokenEarlyMillis?: number; }

This comment was marked as spam.

This comment was marked as spam.

constructor(
clientId?: string, clientSecret?: string, refreshToken?: string,
refreshTokenEarlyMillis?: number);

This comment was marked as spam.

This comment was marked as spam.

@@ -66,6 +66,19 @@ describe('Compute auth client', () => {
});
});

it('should refresh if access token has expired', (done) => {

This comment was marked as spam.

This comment was marked as spam.

Copy link
Contributor

@ofrobots ofrobots left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM once nits are addressed.

clientId?: string;
clientSecret?: string;
redirectUri?: string;
authBaseUrl?: string;
tokenUrl?: string;
}

export interface RefreshOptions {
// The token should be refreshed if it will expire within this many
// milliseconds.

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

@JustinBeckwith JustinBeckwith changed the title feat: Add abilit to refresh token automatically before expiration. feat: Add ability to refresh token automatically before expiration. Jan 11, 2018
import {GetTokenResponse, OAuth2Client} from './oauth2client';
import {GetTokenResponse, OAuth2Client, RefreshOptions} from './oauth2client';

export interface ComputeOptions extends RefreshOptions {}

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

super();
constructor(options?: ComputeOptions) {
options = options || {};
super({refreshTokenEarlyMillis: options.refreshTokenEarlyMillis});

This comment was marked as spam.

This comment was marked as spam.

@@ -58,6 +58,8 @@ interface CredentialResult {
default: {email: string;};
}

export interface GoogleAuthOptions extends RefreshOptions {}

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

/**
* Export DefaultTransporter as a static property of the class.
*/
static DefaultTransporter = DefaultTransporter;

constructor(options?: GoogleAuthOptions) {

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

@@ -936,4 +932,16 @@ export class OAuth2Client extends AuthClient {
const buffer = new Buffer(b64String, 'base64');
return buffer.toString('utf8');
}

/**
* Returns true iff a token is expired or will expire within

This comment was marked as spam.

This comment was marked as spam.

compute = new Compute({refreshTokenEarlyMillis: 10000});
compute.credentials.access_token = 'initial-access-token';
compute.credentials.expiry_date = (new Date()).getTime() + 5000;
compute.request({url: 'http://foo'}, () => {

This comment was marked as spam.

.reply(200, {access_token: 'abc123', expires_in: 10000});
compute.credentials.access_token = 'initial-access-token';
compute.credentials.expiry_date = (new Date()).getTime() + 11000;
compute.request({url: 'http://foo'}, () => {

This comment was marked as spam.

This comment was marked as spam.

};

createGTokenMock({access_token: 'abc123'});
jwt.request({url: 'http://bar'}, () => {

This comment was marked as spam.

expiry_date: (new Date()).getTime() + 5000
};

jwt.request({url: 'http://bar'}, () => {

This comment was marked as spam.

* refreshTokenEarlyMillis milliseconds.
* If there is no expiry time, assumes the token is not expired or expiring.
*/
protected isTokenExpiring(): boolean {

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

@JustinBeckwith
Copy link
Contributor

Does this address #67?

@nolanmar511
Copy link
Contributor Author

This change does not address #67, though I assume that it would make errors like those in #67 less common.

@theacodes
Copy link
Contributor

@nolanmar511 nolanmar511 force-pushed the early-refresh branch 3 times, most recently from ed32d20 to 9303172 Compare January 12, 2018 18:32
@nolanmar511
Copy link
Contributor Author

PTAL

@JustinBeckwith
Copy link
Contributor

LGTM! Please rebase to master, and I'll merge this in. Thank you!

@nolanmar511
Copy link
Contributor Author

Just rebased against master.

@tnguyen14
Copy link

Is there any update to the docs? How should this change be used?

@JustinBeckwith
Copy link
Contributor

Greetings! You can learn how to us this in the reference docs:
https://google.github.io/google-auth-library-nodejs/classes/_auth_googleauth_.googleauth.html#getapplicationdefault

@rublev
Copy link

rublev commented Apr 29, 2020

Greetings! You can learn how to us this in the reference docs:
https://google.github.io/google-auth-library-nodejs/classes/_auth_googleauth_.googleauth.html#getapplicationdefault

404

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
cla: yes This human has signed the Contributor License Agreement.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

"Unauthorized" error when credentials expire
7 participants