oauth2
oauth2 copied to clipboard
golang
Add additional headers during token refresh
The VW api I'm working with (which is almost OAuth but then isn't) needs to receive the clientID in X-Client-ID header during token refresh. Would it be possible to add such header?
Here is an example token source that supports custom refreshers:
type TokenRefresher interface {
RefreshToken(token *oauth2.Token) (*oauth2.Token, error)
}
type TokenSource struct {
token *oauth2.Token
refresher TokenRefresher
}
func RefreshTokenSource(token *oauth2.Token, refresher TokenRefresher) oauth2.TokenSource {
return &TokenSource{token, refresher}
}
func (ts *TokenSource) Token() (*oauth2.Token, error) {
var err error
if time.Until(ts.token.Expiry) < time.Minute {
var token *oauth2.Token
if token, err = ts.refresher.RefreshToken(ts.token); err == nil {
if token.AccessToken == "" {
err = errors.New("token refresh failed to obtain access token")
} else {
err = ts.mergeToken(token)
}
}
}
return ts.token, err
}
// mergeToken updates a token while preventing wiping the refresh token
func (ts *TokenSource) mergeToken(t *oauth2.Token) error {
return mergo.Merge(ts.token, t, mergo.WithOverride)
}
One could easily take this forward and make the guard time configurable, too (https://github.com/golang/oauth2/issues/481).
This would be useful to propagate tracing headers too. Besides, for new oauth2 requests, afaik the headers are hardcoded in an internal class: https://github.com/golang/oauth2/blob/master/internal/token.go#L173 (from current master c85d3e98c914)
