Skip to content

Commit

Permalink
access_service_tokens: add method for refreshing tokens instead of re…
Browse files Browse the repository at this point in the history
…placing
  • Loading branch information
jacobbednarz committed Aug 30, 2022
1 parent c7f1c06 commit 993280f
Show file tree
Hide file tree
Showing 2 changed files with 82 additions and 0 deletions.
41 changes: 41 additions & 0 deletions access_service_tokens.go
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,17 @@ type AccessServiceTokenUpdateResponse struct {
ClientID string `json:"client_id"`
}

// AccessServiceTokenRefreshResponse represents the response from the API
// when an existing service token is refreshed to last longer.
type AccessServiceTokenRefreshResponse struct {
CreatedAt *time.Time `json:"created_at"`
UpdatedAt *time.Time `json:"updated_at"`
ExpiresAt *time.Time `json:"expires_at"`
ID string `json:"id"`
Name string `json:"name"`
ClientID string `json:"client_id"`
}

// AccessServiceTokenCreateResponse is the same API response as the Update
// operation with the exception that the `ClientSecret` is present in a
// Create operation.
Expand Down Expand Up @@ -78,6 +89,15 @@ type AccessServiceTokensUpdateDetailResponse struct {
Result AccessServiceTokenUpdateResponse `json:"result"`
}

// AccessServiceTokensRefreshDetailResponse is the API response, containing a
// single Access Service Token.
type AccessServiceTokensRefreshDetailResponse struct {
Success bool `json:"success"`
Errors []string `json:"errors"`
Messages []string `json:"messages"`
Result AccessServiceTokenRefreshResponse `json:"result"`
}

// AccessServiceTokens returns all Access Service Tokens for an account.
//
// API reference: https://api.cloudflare.com/#access-service-tokens-list-access-service-tokens
Expand Down Expand Up @@ -213,3 +233,24 @@ func (api *API) deleteAccessServiceToken(ctx context.Context, id, uuid string, r

return accessServiceTokenUpdate.Result, nil
}

// RefreshAccessServiceToken updates the expiry of an Access Service Token
// in place.
//
// API reference: https://api.cloudflare.com/#access-service-tokens-refresh-a-service-token
func (api *API) RefreshAccessServiceToken(ctx context.Context, rc *ResourceContainer, id string) (AccessServiceTokenRefreshResponse, error) {
uri := fmt.Sprintf("/%s/%s/access/service_tokens/%s/refresh", rc.Level, rc.Identifier, id)

res, err := api.makeRequestContext(ctx, http.MethodPost, uri, nil)
if err != nil {
return AccessServiceTokenRefreshResponse{}, err
}

var accessServiceTokenRefresh AccessServiceTokensRefreshDetailResponse
err = json.Unmarshal(res, &accessServiceTokenRefresh)
if err != nil {
return AccessServiceTokenRefreshResponse{}, fmt.Errorf("%s: %w", errUnmarshalError, err)
}

return accessServiceTokenRefresh.Result, nil
}
41 changes: 41 additions & 0 deletions access_service_tokens_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -167,6 +167,47 @@ func TestUpdateAccessServiceToken(t *testing.T) {
}
}

func TestRefreshAccessServiceToken(t *testing.T) {
setup()
defer teardown()

handler := func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, http.MethodPost, r.Method, "Expected method 'POST', got %s", r.Method)
w.Header().Set("content-type", "application/json")
fmt.Fprintf(w, `{
"success": true,
"errors": [],
"messages": [],
"result": {
"created_at": "2014-01-01T05:20:00.12345Z",
"updated_at": "2014-01-01T05:20:00.12345Z",
"expires_at": "2015-01-01T05:20:00.12345Z",
"id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
"name": "CI/CD token",
"client_id": "88bf3b6d86161464f6509f7219099e57.access.example.com"
}
}
`)
}

expected := AccessServiceTokenRefreshResponse{
CreatedAt: &createdAt,
UpdatedAt: &updatedAt,
ExpiresAt: &expiresAt,
ID: "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
Name: "CI/CD token",
ClientID: "88bf3b6d86161464f6509f7219099e57.access.example.com",
}

mux.HandleFunc("/accounts/"+testAccountID+"/access/service_tokens/f174e90a-fafe-4643-bbbc-4a0ed4fc8415/refresh", handler)

actual, err := client.RefreshAccessServiceToken(context.Background(), AccountIdentifier(testAccountID), "f174e90a-fafe-4643-bbbc-4a0ed4fc8415")

if assert.NoError(t, err) {
assert.Equal(t, expected, actual)
}
}

func TestDeleteAccessServiceToken(t *testing.T) {
setup()
defer teardown()
Expand Down

0 comments on commit 993280f

Please sign in to comment.