// Refresh obtain a new access token using the refresh token. func (c *LoginController) Refresh(ctx *app.RefreshLoginContext) error { refreshToken := ctx.Payload.RefreshToken if refreshToken == nil { return jsonapi.JSONErrorResponse(ctx, errors.NewBadParameterError("refresh_token", nil).Expected("not nil")) } client := &http.Client{Timeout: 10 * time.Second} res, err := client.PostForm(configuration.GetKeycloakEndpointToken(), url.Values{ "client_id": {configuration.GetKeycloakClientID()}, "client_secret": {configuration.GetKeycloakSecret()}, "refresh_token": {*refreshToken}, "grant_type": {"refresh_token"}, }) if err != nil { return jsonapi.JSONErrorResponse(ctx, errors.NewInternalError("Error when obtaining token "+err.Error())) } switch res.StatusCode { case 200: // OK case 401: return jsonapi.JSONErrorResponse(ctx, errors.NewUnauthorizedError(res.Status+" "+readBody(res.Body))) case 400: return jsonapi.JSONErrorResponse(ctx, errors.NewBadParameterError(readBody(res.Body), nil)) default: return jsonapi.JSONErrorResponse(ctx, errors.NewInternalError(res.Status+" "+readBody(res.Body))) } token, err := readToken(res, ctx) if err != nil { return err } return ctx.OK(&app.AuthToken{Token: token}) }
func TestNewUnauthorizedError(t *testing.T) { t.Parallel() resource.Require(t, resource.UnitTest) msg := "Invalid token" err := errors.NewUnauthorizedError(msg) assert.Equal(t, msg, err.Error()) }