adapt existing functions to possibility that a mytoken is rotated

zachmann · zachmann · commit b7cbd169d212 · 2021-12-09T10:45:38.000+01:00
diff --git a/accesstoken.go b/accesstoken.go
@@ -4,11 +4,14 @@ import (
 	"github.com/oidc-mytoken/api/v0"
 )
 
-func (my *MytokenServer) GetAccessToken(mytoken, oidcIssuer string, scopes, audiences []string, comment string) (string, error) {
-	req := NewAccessTokenRequest(oidcIssuer, mytoken, scopes, audiences, comment)
+func (my *MytokenServer) GetAccessToken(mytoken *string, oidcIssuer string, scopes, audiences []string, comment string) (string, error) {
+	req := NewAccessTokenRequest(oidcIssuer, *mytoken, scopes, audiences, comment)
 	var resp api.AccessTokenResponse
 	if err := doHTTPRequest("POST", my.AccessTokenEndpoint, req, &resp); err != nil {
 		return "", err
 	}
+	if resp.TokenUpdate != nil {
+		*mytoken = resp.TokenUpdate.Mytoken
+	}
 	return resp.AccessToken, nil
 }
diff --git a/mytoken.go b/mytoken.go
@@ -8,15 +8,19 @@ import (
 	"github.com/oidc-mytoken/api/v0"
 )
 
-func (my *MytokenServer) GetMytoken(req interface{}) (string, error) {
+func (my *MytokenServer) GetMytoken(req interface{}) (string, *string, error) {
 	var resp api.MytokenResponse
 	if err := doHTTPRequest("POST", my.MytokenEndpoint, req, &resp); err != nil {
-		return "", err
+		return "", nil, err
+	}
+	var mtUpdate *string
+	if resp.TokenUpdate != nil {
+		mtUpdate = &resp.TokenUpdate.Mytoken
 	}
-	return resp.Mytoken, nil
+	return resp.Mytoken, mtUpdate, nil
 }
 
-func (my *MytokenServer) GetMytokenByMytoken(mytoken, issuer string, restrictions api.Restrictions, capabilities, subtokenCapabilities api.Capabilities, responseType, name string) (string, error) {
+func (my *MytokenServer) GetMytokenByMytoken(mytoken *string, issuer string, restrictions api.Restrictions, capabilities, subtokenCapabilities api.Capabilities, responseType, name string) (string, error) {
 	req := api.MytokenFromMytokenRequest{
 		GeneralMytokenRequest: api.GeneralMytokenRequest{
 			Issuer:               issuer,
@@ -27,17 +31,22 @@ func (my *MytokenServer) GetMytokenByMytoken(mytoken, issuer string, restriction
 			Name:                 name,
 			ResponseType:         responseType,
 		},
-		Mytoken: mytoken,
+		Mytoken: *mytoken,
+	}
+	mt, mtUpdate, err := my.GetMytoken(req)
+	if mtUpdate != nil {
+		*mytoken = *mtUpdate
 	}
-	return my.GetMytoken(req)
+	return mt, err
 }
 
 func (my *MytokenServer) GetMytokenByTransferCode(transferCode string) (string, error) {
 	req := api.ExchangeTransferCodeRequest{
 		GrantType:    api.GrantTypeTransferCode,
 		TransferCode: transferCode,
 	}
-	return my.GetMytoken(req)
+	mt, _, err := my.GetMytoken(req)
+	return mt, err
 }
 
 type PollingCallbacks struct {
@@ -116,7 +125,7 @@ func (my *MytokenServer) PollOnce(pollingCode string) (string, bool, error) {
 		PollingCode: pollingCode,
 	}
 
-	tok, err := my.GetMytoken(req)
+	tok, _, err := my.GetMytoken(req)
 	if err == nil {
 		return tok, true, nil
 	}
diff --git a/revoke.go b/revoke.go
@@ -4,7 +4,7 @@ import (
 	"github.com/oidc-mytoken/api/v0"
 )
 
-func (my *MytokenServer) Revoke(mytoken, oidcIssuer string, recursive bool) error {
+func (my *MytokenServer) Revoke(mytoken string, oidcIssuer string, recursive bool) error {
 	req := api.RevocationRequest{
 		Token:      mytoken,
 		Recursive:  recursive,
diff --git a/tokeninfo.go b/tokeninfo.go
@@ -15,36 +15,45 @@ func (my *MytokenServer) TokeninfoIntrospect(mytoken string) (*api.TokeninfoIntr
 	}
 	return &resp, nil
 }
-func (my *MytokenServer) TokeninfoHistory(mytoken string) (*api.TokeninfoHistoryResponse, error) {
+func (my *MytokenServer) TokeninfoHistory(mytoken *string) (api.EventHistory, error) {
 	req := api.TokenInfoRequest{
 		Action:  api.TokeninfoActionEventHistory,
-		Mytoken: mytoken,
+		Mytoken: *mytoken,
 	}
 	var resp api.TokeninfoHistoryResponse
 	if err := doHTTPRequest("POST", my.TokeninfoEndpoint, req, &resp); err != nil {
 		return nil, err
 	}
-	return &resp, nil
+	if resp.TokenUpdate != nil {
+		*mytoken = resp.TokenUpdate.Mytoken
+	}
+	return resp.EventHistory, nil
 }
-func (my *MytokenServer) TokeninfoSubtokens(mytoken string) (*api.TokeninfoTreeResponse, error) {
+func (my *MytokenServer) TokeninfoSubtokens(mytoken *string) (*api.MytokenEntryTree, error) {
 	req := api.TokenInfoRequest{
 		Action:  api.TokeninfoActionSubtokenTree,
-		Mytoken: mytoken,
+		Mytoken: *mytoken,
 	}
 	var resp api.TokeninfoTreeResponse
 	if err := doHTTPRequest("POST", my.TokeninfoEndpoint, req, &resp); err != nil {
 		return nil, err
 	}
-	return &resp, nil
+	if resp.TokenUpdate != nil {
+		*mytoken = resp.TokenUpdate.Mytoken
+	}
+	return &resp.Tokens, nil
 }
-func (my *MytokenServer) TokeninfoListMytokens(mytoken string) (*api.TokeninfoListResponse, error) {
+func (my *MytokenServer) TokeninfoListMytokens(mytoken *string) ([]api.MytokenEntryTree, error) {
 	req := api.TokenInfoRequest{
 		Action:  api.TokeninfoActionListMytokens,
-		Mytoken: mytoken,
+		Mytoken: *mytoken,
 	}
 	var resp api.TokeninfoListResponse
 	if err := doHTTPRequest("POST", my.TokeninfoEndpoint, req, &resp); err != nil {
 		return nil, err
 	}
-	return &resp, nil
+	if resp.TokenUpdate != nil {
+		*mytoken = resp.TokenUpdate.Mytoken
+	}
+	return resp.Tokens, nil
 }

Original file line number	Diff line number	Diff line change
`@@ -4,11 +4,14 @@ import (`
`4`	`4`	`"github.com/oidc-mytoken/api/v0"`
`5`	`5`	`)`
`6`	`6`
`7`		`-func (my *MytokenServer) GetAccessToken(mytoken, oidcIssuer string, scopes, audiences []string, comment string) (string, error) {`
`8`		`- req := NewAccessTokenRequest(oidcIssuer, mytoken, scopes, audiences, comment)`
	`7`	`+func (my MytokenServer) GetAccessToken(mytoken string, oidcIssuer string, scopes, audiences []string, comment string) (string, error) {`
	`8`	`+ req := NewAccessTokenRequest(oidcIssuer, *mytoken, scopes, audiences, comment)`
`9`	`9`	`var resp api.AccessTokenResponse`
`10`	`10`	`if err := doHTTPRequest("POST", my.AccessTokenEndpoint, req, &resp); err != nil {`
`11`	`11`	`return "", err`
`12`	`12`	`}`
	`13`	`+ if resp.TokenUpdate != nil {`
	`14`	`+ *mytoken = resp.TokenUpdate.Mytoken`
	`15`	`+ }`
`13`	`16`	`return resp.AccessToken, nil`
`14`	`17`	`}`
Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,7 @@ import (`
`4`	`4`	`"github.com/oidc-mytoken/api/v0"`
`5`	`5`	`)`
`6`	`6`
`7`		`-func (my *MytokenServer) Revoke(mytoken, oidcIssuer string, recursive bool) error {`
	`7`	`+func (my *MytokenServer) Revoke(mytoken string, oidcIssuer string, recursive bool) error {`
`8`	`8`	`req := api.RevocationRequest{`
`9`	`9`	`Token: mytoken,`
`10`	`10`	`Recursive: recursive,`
Original file line number	Diff line number	Diff line change
`@@ -15,36 +15,45 @@ func (my MytokenServer) TokeninfoIntrospect(mytoken string) (api.TokeninfoIntr`
`15`	`15`	`}`
`16`	`16`	`return &resp, nil`
`17`	`17`	`}`
`18`		`-func (my MytokenServer) TokeninfoHistory(mytoken string) (api.TokeninfoHistoryResponse, error) {`
	`18`	`+func (my MytokenServer) TokeninfoHistory(mytoken string) (api.EventHistory, error) {`
`19`	`19`	`req := api.TokenInfoRequest{`
`20`	`20`	`Action: api.TokeninfoActionEventHistory,`
`21`		`- Mytoken: mytoken,`
	`21`	`+ Mytoken: *mytoken,`
`22`	`22`	`}`
`23`	`23`	`var resp api.TokeninfoHistoryResponse`
`24`	`24`	`if err := doHTTPRequest("POST", my.TokeninfoEndpoint, req, &resp); err != nil {`
`25`	`25`	`return nil, err`
`26`	`26`	`}`
`27`		`- return &resp, nil`
	`27`	`+ if resp.TokenUpdate != nil {`
	`28`	`+ *mytoken = resp.TokenUpdate.Mytoken`
	`29`	`+ }`
	`30`	`+ return resp.EventHistory, nil`
`28`	`31`	`}`
`29`		`-func (my MytokenServer) TokeninfoSubtokens(mytoken string) (api.TokeninfoTreeResponse, error) {`
	`32`	`+func (my MytokenServer) TokeninfoSubtokens(mytoken string) (*api.MytokenEntryTree, error) {`
`30`	`33`	`req := api.TokenInfoRequest{`
`31`	`34`	`Action: api.TokeninfoActionSubtokenTree,`
`32`		`- Mytoken: mytoken,`
	`35`	`+ Mytoken: *mytoken,`
`33`	`36`	`}`
`34`	`37`	`var resp api.TokeninfoTreeResponse`
`35`	`38`	`if err := doHTTPRequest("POST", my.TokeninfoEndpoint, req, &resp); err != nil {`
`36`	`39`	`return nil, err`
`37`	`40`	`}`
`38`		`- return &resp, nil`
	`41`	`+ if resp.TokenUpdate != nil {`
	`42`	`+ *mytoken = resp.TokenUpdate.Mytoken`
	`43`	`+ }`
	`44`	`+ return &resp.Tokens, nil`
`39`	`45`	`}`
`40`		`-func (my MytokenServer) TokeninfoListMytokens(mytoken string) (api.TokeninfoListResponse, error) {`
	`46`	`+func (my MytokenServer) TokeninfoListMytokens(mytoken string) ([]api.MytokenEntryTree, error) {`
`41`	`47`	`req := api.TokenInfoRequest{`
`42`	`48`	`Action: api.TokeninfoActionListMytokens,`
`43`		`- Mytoken: mytoken,`
	`49`	`+ Mytoken: *mytoken,`
`44`	`50`	`}`
`45`	`51`	`var resp api.TokeninfoListResponse`
`46`	`52`	`if err := doHTTPRequest("POST", my.TokeninfoEndpoint, req, &resp); err != nil {`
`47`	`53`	`return nil, err`
`48`	`54`	`}`
`49`		`- return &resp, nil`
	`55`	`+ if resp.TokenUpdate != nil {`
	`56`	`+ *mytoken = resp.TokenUpdate.Mytoken`
	`57`	`+ }`
	`58`	`+ return resp.Tokens, nil`
`50`	`59`	`}`