-
Notifications
You must be signed in to change notification settings - Fork 0
/
auth.go
101 lines (84 loc) · 2.2 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
package main
import (
"encoding/json"
"net/http"
"net/url"
"strings"
"sync"
"time"
)
const (
grantType = "partner_integration"
scope = "tachograph-partner.read"
expirySafetyMargin = 10 * time.Second
)
type authenticator struct {
tokenUrl string
clientID string
clientSecret string
integrationID string
httpClient *http.Client
mu sync.Mutex
token string
expiresAt time.Time
}
func NewAuthenticator(tokenUrl, clientID, clientSecret, integrationID string, httpClient *http.Client) *authenticator {
return &authenticator{
tokenUrl: tokenUrl,
clientID: clientID,
clientSecret: clientSecret,
integrationID: integrationID,
httpClient: httpClient,
}
}
func (a *authenticator) GetOrCreateToken() (string, error) {
if a.checkTokenValid() {
return a.token, nil
}
// optimistic locking to prevent multiple concurrent token creations
a.mu.Lock()
defer a.mu.Unlock()
if a.checkTokenValid() {
return a.token, nil
}
token, expiryTime, err := a.createToken()
if err != nil {
return "", err
}
a.token = token
a.expiresAt = expiryTime
return a.token, nil
}
func (a *authenticator) checkTokenValid() bool {
if a.token == "" || time.Until(a.expiresAt) < expirySafetyMargin {
return false
}
return true
}
func (a *authenticator) createToken() (string, time.Time, error) {
data := url.Values{}
data.Set("client_id", a.clientID)
data.Set("client_secret", a.clientSecret)
data.Set("integration_id", a.integrationID)
data.Set("grant_type", grantType)
data.Set("scope", scope)
req, err := http.NewRequest(http.MethodPost, a.tokenUrl, strings.NewReader(data.Encode()))
if err != nil {
return "", time.Now(), err
}
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
resp, err := a.httpClient.Do(req)
if err != nil {
return "", time.Now(), err
}
var tokenResponse struct {
AccessToken string `json:"access_token"`
ExpiresIn int `json:"expires_in"`
}
err = json.NewDecoder(resp.Body).Decode(&tokenResponse)
if err != nil {
return "", time.Now(), err
}
expiryTime := time.Now().Add(time.Duration(tokenResponse.ExpiresIn) * time.Second)
return tokenResponse.AccessToken, expiryTime, nil
}