forked from cloudfoundry/cli
-
Notifications
You must be signed in to change notification settings - Fork 0
/
refresh_token.go
77 lines (63 loc) · 2.26 KB
/
refresh_token.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
package uaa
import (
"fmt"
"net/http"
"net/url"
"strings"
"code.cloudfoundry.org/cli/api/uaa/constant"
"code.cloudfoundry.org/cli/api/uaa/internal"
)
// RefreshedTokens represents the UAA refresh token response.
type RefreshedTokens struct {
AccessToken string `json:"access_token"`
RefreshToken string `json:"refresh_token"`
Type string `json:"token_type"`
}
// AuthorizationToken returns formatted authorization header.
func (refreshTokenResponse RefreshedTokens) AuthorizationToken() string {
return fmt.Sprintf("%s %s", refreshTokenResponse.Type, refreshTokenResponse.AccessToken)
}
// RefreshAccessToken refreshes the current access token.
func (client *Client) RefreshAccessToken(refreshToken string) (RefreshedTokens, error) {
var values url.Values
switch client.config.UAAGrantType() {
case string(constant.GrantTypeClientCredentials):
values = client.clientCredentialRefreshBody()
case "", string(constant.GrantTypePassword): // CLI used to write empty string for grant type in the case of password; preserve compatibility with old config.json files
values = client.refreshTokenBody(refreshToken)
}
body := strings.NewReader(values.Encode())
request, err := client.newRequest(requestOptions{
RequestName: internal.PostOAuthTokenRequest,
Header: http.Header{"Content-Type": {"application/x-www-form-urlencoded"}},
Body: body,
})
if err != nil {
return RefreshedTokens{}, err
}
if client.config.UAAGrantType() != string(constant.GrantTypeClientCredentials) {
request.SetBasicAuth(client.config.UAAOAuthClient(), client.config.UAAOAuthClientSecret())
}
var refreshResponse RefreshedTokens
response := Response{
Result: &refreshResponse,
}
err = client.connection.Make(request, &response)
if err != nil {
return RefreshedTokens{}, err
}
return refreshResponse, nil
}
func (client *Client) clientCredentialRefreshBody() url.Values {
return url.Values{
"client_id": {client.config.UAAOAuthClient()},
"client_secret": {client.config.UAAOAuthClientSecret()},
"grant_type": {string(constant.GrantTypeClientCredentials)},
}
}
func (client *Client) refreshTokenBody(refreshToken string) url.Values {
return url.Values{
"refresh_token": {refreshToken},
"grant_type": {string(constant.GrantTypeRefreshToken)},
}
}