// Refresh obtain a new access token using the refresh token.
func (c *LoginController) Refresh(ctx *app.RefreshLoginContext) error {
refreshToken := ctx.Payload.RefreshToken
if refreshToken == nil {
return jsonapi.JSONErrorResponse(ctx, errors.NewBadParameterError("refresh_token", nil).Expected("not nil"))
}
client := &http.Client{Timeout: 10 * time.Second}
res, err := client.PostForm(configuration.GetKeycloakEndpointToken(), url.Values{
"client_id": {configuration.GetKeycloakClientID()},
"client_secret": {configuration.GetKeycloakSecret()},
"refresh_token": {*refreshToken},
"grant_type": {"refresh_token"},
})
if err != nil {
return jsonapi.JSONErrorResponse(ctx, errors.NewInternalError("Error when obtaining token "+err.Error()))
}
switch res.StatusCode {
case 200:
// OK
case 401:
return jsonapi.JSONErrorResponse(ctx, errors.NewUnauthorizedError(res.Status+" "+readBody(res.Body)))
case 400:
return jsonapi.JSONErrorResponse(ctx, errors.NewBadParameterError(readBody(res.Body), nil))
default:
return jsonapi.JSONErrorResponse(ctx, errors.NewInternalError(res.Status+" "+readBody(res.Body)))
}
token, err := readToken(res, ctx)
if err != nil {
return err
}
return ctx.OK(&app.AuthToken{Token: token})
}
func TestNewUnauthorizedError(t *testing.T) {
t.Parallel()
resource.Require(t, resource.UnitTest)
msg := "Invalid token"
err := errors.NewUnauthorizedError(msg)
assert.Equal(t, msg, err.Error())
}