-
-
Notifications
You must be signed in to change notification settings - Fork 1.6k
/
Copy pathsession.cr
56 lines (48 loc) · 1.73 KB
/
session.cr
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# An OAuth2 session makes it easy to implement APIs that need to refresh
# an access token once its expired before executing an HTTP request.
class OAuth2::Session
getter oauth2_client : Client
getter access_token : AccessToken
getter expires_at : Time?
# Creates an `OAuth2::Session`.
#
# Params:
# * *oauth2_client*: the OAuth2::Client used to refresh an access token.
# * *access_token*: the OAuth2::AccessToken to make requests.
# * *expires_at*: the Time when the access token expires.
# * *callback*: invoked when an access token is refreshed, giving you a chance to persist it.
def initialize(@oauth2_client : Client, @access_token : AccessToken, @expires_at = Time.utc, &@callback : OAuth2::Session ->)
end
# Authenticates an `HTTP::Client`, refreshing the access token if it is expired.
#
# Invoke this method on an `HTTP::Client` before executing an HTTP request.
def authenticate(http_client) : Nil
check_refresh_token
@access_token.authenticate http_client
end
private def check_refresh_token
if access_token_expired?
refresh_access_token
@callback.call(self)
end
end
private def access_token_expired?
if expires_at = @expires_at
Time.utc >= expires_at
else
false
end
end
private def refresh_access_token
old_access_token = @access_token
@access_token = @oauth2_client.get_access_token_using_refresh_token(@access_token.refresh_token)
expires_in = @access_token.expires_in
if expires_in
@expires_at = Time.utc + expires_in.seconds
else
# If there's no expires_in in the access token, we assume it never expires
@expires_at = nil
end
@access_token.refresh_token ||= old_access_token.refresh_token
end
end