diff options
| author | jwijenbergh <jeroenwijenbergh@protonmail.com> | 2022-09-07 17:44:07 +0200 |
|---|---|---|
| committer | jwijenbergh <jeroenwijenbergh@protonmail.com> | 2022-09-07 17:44:07 +0200 |
| commit | e1bd5ec1c939f5431925ab3bb83352d0a275ebd9 (patch) | |
| tree | 5272a8592b52757ca288e20a759c244ecb962a3b /internal/server/api.go | |
| parent | 9be031fda160f7bb8e3294ab6620a1510828bd97 (diff) | |
Refactor: Remove the usage of the FSM in other internal packages
This removes the FSM from being imported and thus used in other
internal packages such as `oauth` or `server`. The benefit is that it
becomes much easier now to reason about the FSM as it's only used in
the public package. Additionally, we do not have to re-initialize the
server and the oauth structure with the FSM pointer.
Diffstat (limited to 'internal/server/api.go')
| -rw-r--r-- | internal/server/api.go | 15 |
1 files changed, 5 insertions, 10 deletions
diff --git a/internal/server/api.go b/internal/server/api.go index 57d91c6..80ecf2e 100644 --- a/internal/server/api.go +++ b/internal/server/api.go @@ -10,7 +10,6 @@ import ( httpw "github.com/jwijenbergh/eduvpn-common/internal/http" "github.com/jwijenbergh/eduvpn-common/internal/types" - "github.com/jwijenbergh/eduvpn-common/internal/util" ) func APIGetEndpoints(baseURL string) (*ServerEndpoints, error) { @@ -51,19 +50,14 @@ func apiAuthorized( url := base.Endpoints.API.V3.API + endpoint - // Ensure we have valid tokens - stateBefore := base.FSM.Current + // Make sure the tokens are valid, this will return an error if re-login is needed oauthErr := EnsureTokens(server) - - // we reset the state so that we go from the authorized state to the state we want - base.FSM.Current = stateBefore - if oauthErr != nil { return nil, nil, &types.WrappedErrorMessage{Message: errorMessage, Err: oauthErr} } headerKey := "Authorization" - headerValue := fmt.Sprintf("Bearer %s", server.GetOAuth().Token.Access) + headerValue := fmt.Sprintf("Bearer %s", GetHeaderToken(server)) if opts.Headers != nil { opts.Headers.Add(headerKey, headerValue) } else { @@ -86,8 +80,8 @@ func apiAuthorizedRetry( // Only retry authorized if we get a HTTP 401 if errors.As(bodyErr, &error) && error.Status == 401 { - // Tell the method that the token is expired - server.GetOAuth().Token.ExpiredTimestamp = util.GetCurrentTime() + // Mark the token as expired and retry so we trigger the refresh flow + MarkTokenExpired(server) retryHeader, retryBody, retryErr := apiAuthorized(server, method, endpoint, opts) if retryErr != nil { return nil, nil, &types.WrappedErrorMessage{Message: errorMessage, Err: retryErr} @@ -205,6 +199,7 @@ func APIConnectOpenVPN(server Server, profile_id string) (string, time.Time, err } // This needs no further return value as it's best effort +// FIXME: doAuth should not be needed here func APIDisconnect(server Server) { apiAuthorized(server, http.MethodPost, "/disconnect", nil) } |