Thread safety and #refresh_token

[tristanm]

I realise this is a generic question which could apply to many similar situations but I thought I'd bring it up in case anyone thinks it's useful to mention it in createsend-ruby's README.md.

In multi-threaded applications, it is possible to get into an unsafe situation when refreshing tokens, e.g.:

record = SomeModel.find(...)
cs = CreateSend::CreateSent.new(
    record.access_token,
    record.refresh_token
)

begin
  tries = 2
  cs.clients
rescue CreateSend::ExpiredOAuthToken => e
  access_token, expires_in, request_token = cs.refresh_token
  record.access_token = access_token
  record.request_token = request_token
  record.save
  retry if (trues -= 1).zero?
  raise e
end

1. record.access_token expires
2. Thread A encounters ExpiredOAuthToken
3. Thread A calls #refresh_token
4. Thread B encounters ExpiredOAuthToken
5. Thread B calls #refresh_token but fails because record.refresh_token is now invalid
6. Thread A persists new token
7. Thread A continues

I'm assuming others have encountered this possibility. Anyone have any favoured suggestions for dealing with it?

I've created a question on SO too (modified the code to make it broader than createsend-ruby) if anyone would like some points!

[asadighi]

Hi,

Thanks for reaching out. My name is Aidin and I am the Technical Lead for Integrations and APIs in Campaign Monitor. I would be more than happy to help out.

Were you able to find a solution for this particular issue?

Thanks,
Aidin