mirror of
https://github.com/nais/wonderwall.git
synced 2026-05-09 09:56:48 +00:00
b22c130e60
A client error response for the refresh grant is assumed to be an irrecoverable error; e.g. the refresh token is invalid, the authorization is invalid, user is logged out, etc. In such cases we will consider the session state to be invalid, and a new authorization grant should be performed.
60 lines
1.4 KiB
Go
60 lines
1.4 KiB
Go
package sessionrefresh
|
|
|
|
import (
|
|
"encoding/json"
|
|
"errors"
|
|
"net/http"
|
|
|
|
mw "github.com/nais/wonderwall/pkg/middleware"
|
|
"github.com/nais/wonderwall/pkg/session"
|
|
)
|
|
|
|
type Source interface {
|
|
GetSessions() *session.Handler
|
|
}
|
|
|
|
func Handler(src Source, w http.ResponseWriter, r *http.Request) {
|
|
logger := mw.LogEntryFrom(r)
|
|
|
|
key, err := src.GetSessions().GetKey(r)
|
|
if err != nil {
|
|
logger.Infof("session/refresh: getting key: %+v", err)
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
data, err := src.GetSessions().Get(r)
|
|
if err != nil {
|
|
if errors.Is(err, session.KeyNotFoundError) {
|
|
logger.Infof("session/refresh: getting session: %+v", err)
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
logger.Warnf("session/refresh: getting session: %+v", err)
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
data, err = src.GetSessions().Refresh(r, key, data)
|
|
if err != nil {
|
|
if errors.Is(err, session.InvalidStateError) {
|
|
logger.Infof("session/refresh: refreshing: %+v", err)
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
logger.Warnf("session/refresh: refreshing: %+v", err)
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
err = json.NewEncoder(w).Encode(data.Metadata.VerboseWithRefresh())
|
|
if err != nil {
|
|
logger.Warnf("session/refresh: marshalling metadata: %+v", err)
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
return
|
|
}
|
|
}
|