Merge pull request #2 from oidc-mytoken/dev

Dev
oidc-mytoken · Jan 31, 2022 · 35c89f9 · 35c89f9
2 parents 9dacea3 + cc70eba
commit 35c89f9
Show file tree

Hide file tree

Showing 18 changed files with 882 additions and 1,002 deletions.
diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2020-2021 Gabriel Zachmann
+Copyright (c) 2020-2022 Gabriel Zachmann
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/README.md b/README.md
@@ -12,7 +12,8 @@
 `mytokenlib` is a go library for communicating with amytoken server.
 `mytoken` is a central web service with the goal to easily obtain OpenID Connect access tokens across devices.
 
-A mytoken command line client can be found at [https://github.com/oidc-mytoken/client](https://github.com/oidc-mytoken/client).
+A mytoken command line client can be found
+at [https://github.com/oidc-mytoken/client](https://github.com/oidc-mytoken/client).
 
 The mytoken server can be found at [https://github.com/oidc-mytoken/server](https://github.com/oidc-mytoken/server).
 

diff --git a/accesstoken.go b/accesstoken.go
@@ -2,28 +2,54 @@ package mytokenlib
 
 import (
 	"github.com/oidc-mytoken/api/v0"
-	"github.com/oidc-mytoken/server/shared/httpClient"
 )
 
-func (my *MytokenProvider) GetAccessToken(mytoken, oidcIssuer string, scopes, audiences []string, comment string) (string, error) {
+// AccessTokenEndpoint is type representing a mytoken server's Access Token Endpoint and the actions that can be
+// performed there.
+type AccessTokenEndpoint struct {
+	endpoint string
+}
+
+func newAccessTokenEndpoint(endpoint string) *AccessTokenEndpoint {
+	return &AccessTokenEndpoint{
+		endpoint: endpoint,
+	}
+}
+
+// DoHTTPRequest performs an http request to the access token endpoint
+func (at AccessTokenEndpoint) DoHTTPRequest(method string, req, resp interface{}) error {
+	return doHTTPRequest(method, at.endpoint, req, resp)
+}
+
+// APIGet uses the passed mytoken to return an access token with the specified attributes. If a non-empty string
+// is passed as the oidcIssuer it must match the oidc issuer of the mytoken. If scopes and audiences are passed the
+// access token is requested with these parameters, if omitted the default values for this mytoken / provider are used.
+// Multiple scopes are passed as a space separated string. The comment details how the access token is intended to be
+// used.
+// If the used mytoken changes (due to token rotation), the new mytoken is included in the api.AccessTokenResponse
+func (at AccessTokenEndpoint) APIGet(
+	mytoken string, oidcIssuer string, scopes, audiences []string, comment string,
+) (resp api.AccessTokenResponse, err error) {
 	req := NewAccessTokenRequest(oidcIssuer, mytoken, scopes, audiences, comment)
-	resp, err := httpClient.Do().R().SetBody(req).SetResult(&api.AccessTokenResponse{}).SetError(&api.Error{}).Post(my.AccessTokenEndpoint)
+	err = at.DoHTTPRequest("POST", req, &resp)
+	return
+}
+
+// Get uses the passed mytoken to return an access token with the specified attributes. If a non-empty string
+// is passed as the oidcIssuer it must match the oidc issuer of the mytoken. If scopes and audiences are passed the
+// access token is requested with these parameters, if omitted the default values for this mytoken / provider are used.
+// Multiple scopes are passed as a space separated string. The comment details how the access token is intended to be
+// used.
+// If the used mytoken changes (due to token rotation), the passed variable is updated accordingly.
+func (at AccessTokenEndpoint) Get(
+	mytoken *string, oidcIssuer string, scopes, audiences []string, comment string,
+) (string, error) {
+	resp, err := at.APIGet(*mytoken, oidcIssuer, scopes, audiences, comment)
 	if err != nil {
-		return "", newMytokenErrorFromError("error while sending http request", err)
-	}
-	if e := resp.Error(); e != nil {
-		if errRes := e.(*api.Error); errRes != nil && errRes.Error != "" {
-			return "", &MytokenError{
-				err:          errRes.Error,
-				errorDetails: errRes.ErrorDescription,
-			}
-		}
+		return "", err
 	}
-	atRes, ok := resp.Result().(*api.AccessTokenResponse)
-	if !ok {
-		return "", &MytokenError{
-			err: unexpectedResponse,
-		}
+	if resp.TokenUpdate != nil {
+		*mytoken = resp.TokenUpdate.Mytoken
 	}
-	return atRes.AccessToken, nil
+	return resp.AccessToken, nil
 }
diff --git a/error.go b/error.go
@@ -6,20 +6,18 @@ type MytokenError struct {
 	errorDetails string
 }
 
-func (err *MytokenError) Error() string {
+// Error implements the error interface and returns a string representation of this MytokenError
+func (err MytokenError) Error() string {
 	e := err.err
 	if err.errorDetails != "" {
 		e += ": " + err.errorDetails
 	}
 	return e
 }
 
-func newMytokenErrorFromError(e string, err error) *MytokenError {
-	return &MytokenError{
+func newMytokenErrorFromError(e string, err error) MytokenError {
+	return MytokenError{
 		err:          e,
 		errorDetails: err.Error(),
 	}
 }
-
-const unexpectedResponse = "unexpected response from mytoken server"
-const errorWhileHttp = "error while sending http request"
diff --git a/go.mod b/go.mod
@@ -2,7 +2,4 @@ module github.com/oidc-mytoken/lib
 
 go 1.13
 
-require (
-	github.com/oidc-mytoken/api v0.3.0
-	github.com/oidc-mytoken/server v0.2.0
-)
+require github.com/oidc-mytoken/api v0.4.0