Client + Discovery: Implement further organizations expiry

2 files changed, 16 insertions, 0 deletions

diff --git a/client/client.go b/client/client.go
index 6dae665..c443528 100644
--- a/client/client.go
+++ b/client/client.go
@@ -188,6 +188,11 @@ func (c *Client) DiscoOrganizations() (orgs *types.DiscoveryOrganizations, err e
 		return nil, errors.Errorf("discovery with Let's Connect is not supported")
 	}
 
+	// Mark organizations as expired if we have not set an organization yet
+	if !c.Servers.HasSecureInternet() {
+		c.Discovery.MarkOrganizationsExpired()
+	}
+
 	return c.Discovery.Organizations()
 }
 
diff --git a/client/server.go b/client/server.go
index bf4ad6a..c136913 100644
--- a/client/server.go
+++ b/client/server.go
@@ -258,6 +258,10 @@ func (c *Client) AddSecureInternetHomeServer(orgID string) (srv server.Server, e
 	// Get the secure internet URL from discovery
 	org, dSrv, err := c.Discovery.SecureHomeArgs(orgID)
 	if err != nil {
+		// We mark the organizations as expired because we got an error
+		// Note that in the docs it states that it only should happen when the Org ID doesn't exist
+		// However, this is nice as well because it also catches the error where the SecureInternetHome server is not found
+		c.Discovery.MarkOrganizationsExpired()
 		c.goBackInternal()
 		return nil, err
 	}
@@ -554,6 +558,13 @@ func (c *Client) ensureLogin(srv server.Server, ct oauth.Token) (err error) {
 		return nil
 	}
 
+	// Mark organizations as expired if the server is a secure internet server
+	b, err := srv.Base()
+	// We only try to update it when we found the server base
+	if err == nil && b.Type == "secure_internet" {
+		c.Discovery.MarkOrganizationsExpired()
+	}
+
 	// Tokens are not valid or the client gave an error when updating tokens
 	// Otherwise, do the OAuth exchange
 	var url string