also check that the AccessTokenExpiry has not passed (#181)

* also check that the AccessTokenExpiry has not passed * added changelog * fix existing test case with new check --------- Co-authored-by: lursu <leland.ursu@hashicorp.com>
hashicorp · Apr 13, 2023 · 4df81c8 · 4df81c8
1 parent abc76c9
commit 4df81c8
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 4 deletions.
diff --git a/.changelog/181.txt b/.changelog/181.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+Fixed issue of not regenerating auth token when AccessToken expires
+```
diff --git a/auth/user.go b/auth/user.go
@@ -29,9 +29,9 @@ func (s *UserSession) GetToken(ctx context.Context, conf *oauth2.Config) (*oauth
 	var tok *oauth2.Token
 	var err error
 
-	// Check the session expiry of the retrieved token.
-	// If session expiry has passed, then reauthenticate with browser login and reassign token.
-	if readErr != nil || cache.SessionExpiry.Before(time.Now()) {
+	// Check the expiry of the retrieved token.
+	// If session expiry or the AccessTokenExpiry has passed, then reauthenticate with browser login and reassign token.
+	if readErr != nil || cache.SessionExpiry.Before(time.Now()) || cache.AccessTokenExpiry.Before(time.Now()) {
 
 		// Login with browser.
 		log.Print("No credentials found, proceeding with browser login.")

diff --git a/auth/user_test.go b/auth/user_test.go
@@ -26,7 +26,7 @@ func TestGetToken_ExistingToken(t *testing.T) {
 	cache := Cache{
 		AccessToken:       "Test.Access.Token",
 		RefreshToken:      "TestRefreshToken",
-		AccessTokenExpiry: now,
+		AccessTokenExpiry: now.Add(time.Hour * 2),
 		SessionExpiry:     time.Now().Add(time.Hour * 24),
 	}