-
Notifications
You must be signed in to change notification settings - Fork 1
/
auth_clientcredentials.go
97 lines (84 loc) · 2.63 KB
/
auth_clientcredentials.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
package gcloudcx
import (
"context"
"net/http"
"time"
"github.com/gildas/go-errors"
"github.com/gildas/go-request"
"github.com/google/uuid"
)
// ClientCredentialsGrant implements GCloud's Client Credentials Grants
//
// When the Token is updated, the new token is sent to the TokenUpdated chan along with the CustomData
//
// See: https://developer.mypurecloud.com/api/rest/authorization/use-client-credentials.html
type ClientCredentialsGrant struct {
ClientID uuid.UUID
Secret string
Token AccessToken
CustomData interface{}
TokenUpdated chan UpdatedAccessToken
}
// GetID gets the client Identifier
//
// Implements core.Identifiable
func (grant *ClientCredentialsGrant) GetID() uuid.UUID {
return grant.ClientID
}
// Authorize this Grant with GCloud CX
//
// Implements Authorizable
func (grant *ClientCredentialsGrant) Authorize(context context.Context, client *Client) (err error) {
log := client.GetLogger(context).Child("client", "authorize", "grant", "client_credentials", "token", grant.Token.ID)
log.Infof("Authenticating with %s using Client Credentials grant", client.Region)
// Validates the Grant
if grant.ClientID == uuid.Nil {
return errors.ArgumentMissing.With("ClientID")
}
if len(grant.Secret) == 0 {
return errors.ArgumentMissing.With("Secret")
}
// Resets the token before authenticating
grant.Token.Reset()
response := struct {
AccessToken string `json:"access_token,omitempty"`
TokenType string `json:"token_type,omitempty"`
ExpiresIn int64 `json:"expires_in,omitempty"`
Error string `json:"error,omitempty"`
}{}
err = client.SendRequest(
context,
NewURI("%s/oauth/token", client.LoginURL),
&request.Options{
Method: http.MethodPost,
Authorization: request.BasicAuthorization(grant.ClientID.String(), grant.Secret),
Payload: map[string]string{
"grant_type": "client_credentials",
},
},
&response,
)
if err != nil {
return err
}
// Saves the token
grant.Token.Type = response.TokenType
grant.Token.Token = response.AccessToken
grant.Token.ExpiresOn = time.Now().Add(time.Duration(response.ExpiresIn) * time.Second)
log.Debugf("New %s token expires on %s", grant.Token.Type, grant.Token.ExpiresOn)
if grant.TokenUpdated != nil {
log.Debugf("Sending new token to TokenUpdated Go channel")
grant.TokenUpdated <- UpdatedAccessToken{
AccessToken: grant.Token,
CustomData: grant.CustomData,
}
}
client.Organization, _ = client.GetMyOrganization(context)
return
}
// AccessToken gives the access Token carried by this Grant
//
// Implements Authorizable
func (grant *ClientCredentialsGrant) AccessToken() *AccessToken {
return &grant.Token
}