Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add additional headers during token refresh #483

Open
andig opened this issue Mar 14, 2021 · 2 comments
Open

Add additional headers during token refresh #483

andig opened this issue Mar 14, 2021 · 2 comments

Comments

@andig
Copy link
Contributor

andig commented Mar 14, 2021

The VW api I'm working with (which is almost OAuth but then isn't) needs to receive the clientID in X-Client-ID header during token refresh. Would it be possible to add such header?
@andig andig mentioned this issue May 9, 2021
Open
@andig
Copy link
Contributor Author

andig commented May 19, 2021
edited
Loading

Here is an example token source that supports custom refreshers:

type TokenRefresher interface {
	RefreshToken(token *oauth2.Token) (*oauth2.Token, error)
}

type TokenSource struct {
	token     *oauth2.Token
	refresher TokenRefresher
}

func RefreshTokenSource(token *oauth2.Token, refresher TokenRefresher) oauth2.TokenSource {
	return &TokenSource{token, refresher}
}

func (ts *TokenSource) Token() (*oauth2.Token, error) {
	var err error
	if time.Until(ts.token.Expiry) < time.Minute {
		var token *oauth2.Token
		if token, err = ts.refresher.RefreshToken(ts.token); err == nil {
			if token.AccessToken == "" {
				err = errors.New("token refresh failed to obtain access token")
			} else {
				err = ts.mergeToken(token)
			}
		}
	}

	return ts.token, err
}

// mergeToken updates a token while preventing wiping the refresh token
func (ts *TokenSource) mergeToken(t *oauth2.Token) error {
	return mergo.Merge(ts.token, t, mergo.WithOverride)
}

One could easily take this forward and make the guard time configurable, too (#481).

@camilaac
Copy link

This would be useful to propagate tracing headers too. Besides, for new oauth2 requests, afaik the headers are hardcoded in an internal class: https://github.com/golang/oauth2/blob/master/internal/token.go#L173 (from current master c85d3e9)

@andig andig mentioned this issue Sep 23, 2022
Open
This was referenced Jul 17, 2023
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@andig @camilaac