From b51831b6361dde4e63fa38bfd968ff729ab72dc5 Mon Sep 17 00:00:00 2001
From: jwijenbergh <jeroenwijenbergh@protonmail.com>
Date: Tue, 10 Jan 2023 12:15:01 +0100
Subject: Client + Discovery: Implement further organizations expiry

---
 client/server.go | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'client/server.go')

diff --git a/client/server.go b/client/server.go
index bf4ad6a..c136913 100644
--- a/client/server.go
+++ b/client/server.go
@@ -258,6 +258,10 @@ func (c *Client) AddSecureInternetHomeServer(orgID string) (srv server.Server, e
 	// Get the secure internet URL from discovery
 	org, dSrv, err := c.Discovery.SecureHomeArgs(orgID)
 	if err != nil {
+		// We mark the organizations as expired because we got an error
+		// Note that in the docs it states that it only should happen when the Org ID doesn't exist
+		// However, this is nice as well because it also catches the error where the SecureInternetHome server is not found
+		c.Discovery.MarkOrganizationsExpired()
 		c.goBackInternal()
 		return nil, err
 	}
@@ -554,6 +558,13 @@ func (c *Client) ensureLogin(srv server.Server, ct oauth.Token) (err error) {
 		return nil
 	}
 
+	// Mark organizations as expired if the server is a secure internet server
+	b, err := srv.Base()
+	// We only try to update it when we found the server base
+	if err == nil && b.Type == "secure_internet" {
+		c.Discovery.MarkOrganizationsExpired()
+	}
+
 	// Tokens are not valid or the client gave an error when updating tokens
 	// Otherwise, do the OAuth exchange
 	var url string
-- 
cgit v1.2.3