// TokenOAuthClient returns an oauth2 client for a specific token
func (c *client) TokenOAuthClient(ctx context.Context, config *oauth2.Config, userToken *oauth2.Token) (client *http.Client, err error) {
if !userToken.Valid() { // if user token is expired
userToken = &oauth2.Token{RefreshToken: userToken.RefreshToken}
}
return config.Client(ctx, userToken), err
}
// UserOAuthClient returns an oauth2 client for a specific user
func (c *client) UserOAuthClient(ctx context.Context, config *oauth2.Config, userID string) (client *http.Client, err error) {
var userToken *oauth2.Token
if userToken, err = c.GetCachedToken(userID); err != nil {
// if token for user is not cached then go through oauth2 flow
if userToken, err = c.newUserToken(ctx, config, userID); err != nil {
return
}
}
if !userToken.Valid() { // if user token is expired
userToken = &oauth2.Token{RefreshToken: userToken.RefreshToken}
}
return config.Client(ctx, userToken), err
}
// cachedToken returns the token saved in cacheFile. It specifically returns
// errTokenExpired if the token is expired.
func cachedToken(cacheFile string) (*oauth2.Token, error) {
tok := new(oauth2.Token)
tokenData, err := wkfs.ReadFile(cacheFile)
if err != nil {
return nil, err
}
if err = json.Unmarshal(tokenData, tok); err != nil {
return nil, err
}
if !tok.Valid() {
if tok != nil && time.Now().After(tok.Expiry) {
return nil, errExpiredToken
}
return nil, errors.New("invalid token")
}
return tok, nil
}
func getTokenContainer(ctx *gin.Context) (*TokenContainer, bool) {
var oauth_token *oauth2.Token
var tc *TokenContainer
var err error
if oauth_token, err = extractToken(ctx.Request); err != nil {
glog.Errorf("Can not extract oauth2.Token, caused by: %s", err)
return nil, false
}
if !oauth_token.Valid() {
glog.Infof("Invalid Token - nil or expired")
return nil, false
}
if tc, err = GetTokenContainer(oauth_token); err != nil {
glog.Errorf("Can not extract TokenContainer, caused by: %s", err)
return nil, false
}
return tc, true
}