vcert/v4/pkg: Expose API for refreshing the access token

RefreshAccessToken() api is not exposed in Connector interface at the moment. Adding the same by introducing a wrapper over RefreshAccessToken() which returns an interface instead of tpp specific struct. Other possible approach can be - moving out the struct OauthRefreshAccessTokenResponse to endpoint.go file and add RefreshAccessToken() to Connector interface. But the stuct is TPP specific so placing it in endpoint pkg does not look right therefor going with current approac
Venafi · Aug 18, 2023 · 8a3adb1 · 8a3adb1
1 parent 395a7c3
commit 8a3adb1
Show file tree

Hide file tree

Showing 6 changed files with 43 additions and 1 deletion.
diff --git a/client.go b/client.go
@@ -121,6 +121,5 @@ func getNewClientArguments(args []interface{}) (*newClientArgs, error) {
 // The returned connector will be authenticated by default, but it's possible to pass a bool argument to indicate if it's
 // desired to get the connector authenticated already or not.
 func NewClient(cfg *Config, args ...interface{}) (endpoint.Connector, error) {
-        // temp comment
 	return cfg.newClient(args)
 }
diff --git a/pkg/endpoint/endpoint.go b/pkg/endpoint/endpoint.go
@@ -133,6 +133,13 @@ type Connector interface {
 	RetrieveCertificateMetaData(dn string) (*certificate.CertificateMetaData, error)
 	RetrieveSystemVersion() (string, error)
 	WriteLog(req *LogRequest) error
+	RefreshAccessTokenValidity(auth *Authentication) (RefreshTokenResponse, error)
+}
+
+// RefreshTokenResponse provides the information of refreshed token
+type RefreshTokenResponse interface {
+	GetRefreshedAccessTokenInfo() (string, int)
+	GetRefreshTokenInfo() (string, int)
 }
 
 type Filter struct {

diff --git a/pkg/venafi/cloud/connector.go b/pkg/venafi/cloud/connector.go
@@ -1889,3 +1889,8 @@ func getCertificateAuthorityInfoFromCloud(caName, caAccountId, caProductOptionId
 
 	return &info, nil
 }
+
+// RefreshAccessTokenValidity is a wrapper over RefreshAccessToken which refreshes OAuth access token
+func (c *Connector) RefreshAccessTokenValidity(auth *endpoint.Authentication) (endpoint.RefreshTokenResponse, error) {
+	return nil, fmt.Errorf("RefreshAccessTokenValidity is not implemented for venafi cloud")
+}
diff --git a/pkg/venafi/fake/connector.go b/pkg/venafi/fake/connector.go
@@ -412,3 +412,8 @@ func (c *Connector) ListCertificates(filter endpoint.Filter) ([]certificate.Cert
 func (c *Connector) WriteLog(logReq *endpoint.LogRequest) (err error) {
 	return fmt.Errorf("Logging is not supported in -test-mode")
 }
+
+// RefreshAccessTokenValidity is a wrapper over RefreshAccessToken which refreshes OAuth access token
+func (c *Connector) RefreshAccessTokenValidity(auth *endpoint.Authentication) (endpoint.RefreshTokenResponse, error) {
+	return nil, fmt.Errorf("RefreshAccessTokenValidity is not implemented for fake")
+}
diff --git a/pkg/venafi/firefly/connector.go b/pkg/venafi/firefly/connector.go
@@ -392,3 +392,8 @@ func (c *Connector) RetrieveCertificateMetaData(_ string) (*certificate.Certific
 func (c *Connector) RetireCertificate(_ *certificate.RetireRequest) error {
 	panic("operation is not supported yet")
 }
+
+// RefreshAccessTokenValidity is a wrapper over RefreshAccessToken which refreshes OAuth access token
+func (c *Connector) RefreshAccessTokenValidity(auth *endpoint.Authentication) (endpoint.RefreshTokenResponse, error) {
+	return nil, fmt.Errorf("RefreshAccessTokenValidity is not implemented for fake")
+}
diff --git a/pkg/venafi/tpp/connector.go b/pkg/venafi/tpp/connector.go
@@ -238,6 +238,27 @@ func (c *Connector) RefreshAccessToken(auth *endpoint.Authentication) (resp Oaut
 	}
 }
 
+// RefreshAccessTokenValidity is a wrapper over RefreshAccessToken which refreshes OAuth access token
+func (c *Connector) RefreshAccessTokenValidity(auth *endpoint.Authentication) (endpoint.RefreshTokenResponse, error) {
+	var resp endpoint.RefreshTokenResponse
+	var err error
+	resp, err = c.RefreshAccessToken(auth)
+	if err != nil {
+		return nil, err
+	}
+	return resp, nil
+}
+
+// GetRefreshedAccessTokenInfo returns refreshed access token and its validity
+func (o OauthRefreshAccessTokenResponse) GetRefreshedAccessTokenInfo() (string, int) {
+	return o.Access_token, o.Expires
+}
+
+// GetRefreshTokenInfo returns refresh token and its validity
+func (o OauthRefreshAccessTokenResponse) GetRefreshTokenInfo() (string, int) {
+	return o.Refresh_token, o.Refresh_until
+}
+
 // VerifyAccessToken - call to check whether token is valid and, if so, return its properties
 func (c *Connector) VerifyAccessToken(auth *endpoint.Authentication) (resp OauthVerifyTokenResponse, err error) {