add token refresher

Author: zendesk-mradmacher

lib/zendesk_api.rb

@@ -6,3 +6,4 @@ module ZendeskAPI; end
 require 'zendesk_api/helpers'
 require 'zendesk_api/core_ext/inflection'
 require 'zendesk_api/client'
+require 'zendesk_api/token_refresher'

lib/zendesk_api/client.rb

@@ -240,7 +240,8 @@ def set_authentication(builder, config)
         # Upon refreshing the access token, the configuration is updated accordingly.
         # Utilizing the proc here ensures that the token used is always valid.
         builder.request :authorization, "Bearer", -> { config.access_token }
-        builder.use ZendeskAPI::Middleware::Response::TokenRefresher, config
+        # TODO: If you decide to use TokenRefresher as a middleware, uncomment the below line.
+        # builder.use ZendeskAPI::Middleware::Response::TokenRefresher, config
       elsif config.access_token
         builder.use ZendeskAPI::Middleware::Request::UrlBasedAccessToken, config.access_token
       else

lib/zendesk_api/middleware/response/token_refresher.rb

@@ -16,50 +16,11 @@ def initialize(app, config)
         def on_complete(env)
           return unless ERROR_CODES.include?(env[:status])
 
-          return unless @config.client_id
-          return unless @config.client_secret
-          return unless @config.refresh_token
-
-          refresh_token
-        end
-
-        def refresh_token
-          response = connection.post "/oauth/tokens" do |req|
-            req.body = {
-              grant_type: "refresh_token",
-              refresh_token: @config.refresh_token,
-              client_id: @config.client_id,
-              client_secret: @config.client_secret
-            }.tap do |params|
-              params.merge!(expires_in: @config.access_token_expiration) if @config.access_token_expiration
-              params.merge!(refresh_token_expires_in: @config.refresh_token_expiration) if @config.refresh_token_expiration
+          ZendeskAPI::TokenRefresher.new(@config).refresh_token do |access_token, refresh_token|
+            if @config.refresh_token_callback.is_a?(Proc)
+              @config.refresh_token_callback.call(access_token, refresh_token)
             end
           end
-          @config.access_token = response.body["access_token"]
-          @config.refresh_token = response.body["refresh_token"]
-
-          return unless @config.refresh_token_callback.is_a?(Proc)
-
-          @config.refresh_token_callback.call(@config.access_token, @config.refresh_token)
-        end
-
-        def connection
-          @connection ||= Faraday.new(faraday_options) do |builder|
-            builder.use ZendeskAPI::Middleware::Response::RaiseError
-            builder.use ZendeskAPI::Middleware::Response::Logger, @config.logger if @config.logger
-            builder.use ZendeskAPI::Middleware::Response::ParseJson
-            builder.use ZendeskAPI::Middleware::Response::SanitizeResponse
-            builder.use ZendeskAPI::Middleware::Request::EncodeJson
-
-            adapter = @config.adapter || Faraday.default_adapter
-            builder.adapter(*adapter, &@config.adapter_proc)
-          end
-        end
-
-        def faraday_options
-          {
-            url: @config.url
-          }
         end
       end
     end

lib/zendesk_api/token_refresher.rb

@@ -0,0 +1,62 @@
+module ZendeskAPI
+  # Obtains new OAuth access and refresh tokens.
+  class TokenRefresher
+    def initialize(config)
+      @config = config
+    end
+
+    def valid_config?
+      return false unless @config.client_id
+      return false unless @config.client_secret
+      return false unless @config.refresh_token
+
+      true
+    end
+
+    def refresh_token
+      return unless valid_config?
+
+      response = connection.post "/oauth/tokens" do |req|
+        req.body = {
+          grant_type: "refresh_token",
+          refresh_token: @config.refresh_token,
+          client_id: @config.client_id,
+          client_secret: @config.client_secret
+        }.tap do |params|
+          params.merge!(expires_in: @config.access_token_expiration) if @config.access_token_expiration
+          params.merge!(refresh_token_expires_in: @config.refresh_token_expiration) if @config.refresh_token_expiration
+        end
+      end
+      new_access_token = response.body["access_token"]
+      new_refresh_token = response.body["refresh_token"]
+      @config.access_token = new_access_token
+      @config.refresh_token = new_refresh_token
+
+      yield new_access_token, new_refresh_token if block_given?
+    end
+
+    private
+
+    def connection
+      @connection ||= Faraday.new(faraday_options) do |builder|
+        builder.use ZendeskAPI::Middleware::Response::RaiseError
+        builder.use ZendeskAPI::Middleware::Response::Logger, @config.logger if @config.logger
+        builder.use ZendeskAPI::Middleware::Response::ParseJson
+        builder.use ZendeskAPI::Middleware::Response::SanitizeResponse
+        builder.use ZendeskAPI::Middleware::Request::EncodeJson
+
+        # TODO: Should it also use Request::Retry and Request::RaiseRateLimited ZendeskAPI::Middleware
+        # if those options are enabled in client config?
+
+        adapter = @config.adapter || Faraday.default_adapter
+        builder.adapter(*adapter, &@config.adapter_proc)
+      end
+    end
+
+    def faraday_options
+      {
+        url: @config.url
+      }
+    end
+  end
+end

spec/core/middleware/response/token_refresher_spec.rb

@@ -13,6 +13,8 @@
   end
 
   before do
+    skip "TODO: If you decide to use TokenRefresher as a middleware, remove this skip."
+
     client.config.client_id = "client"
     client.config.client_secret = "secret"
     client.config.refresh_token = "abc"
@@ -30,23 +32,19 @@
           body: "",
           headers: { content_type: "application/json" }
         )
+        stub_request(:post, %r{/oauth/tokens}).to_return(
+          status: refresh_token_status,
+          body: refresh_token_body.to_json,
+          headers: { content_type: "application/json" }
+        )
       end
 
       describe "when refreshing token succeeds" do
         let(:refresh_token_status) { 200 }
 
-        before do
-          stub_request(:post, %r{/oauth/tokens}).to_return(
-            status: refresh_token_status,
-            body: refresh_token_body.to_json,
-            headers: { content_type: "application/json" }
-          )
-        end
-
         it "refreshes token" do
           expect { client.connection.get "/whatever" }.to raise_error(ZendeskAPI::Error::Unauthorized)
 
-          assert_requested :post, %r{oauth/tokens}
           expect(client.config.access_token).to eq "nt"
           expect(client.config.refresh_token).to eq "nrt"
         end
@@ -64,85 +62,17 @@
           expect(new_refresh_token).to eq "nrt"
         end
 
-        it "does not include expiration params when not configured" do
-          expect { client.connection.get "/whatever" }.to raise_error(ZendeskAPI::Error::Unauthorized)
-
-          assert_requested(:post, %r{oauth/tokens}) do |req|
-            expect(req.body).to_not match(/expires_in/)
-            expect(req.body).to_not match(/refresh_token_expires_in/)
-          end
-        end
-
-        it "includes expiration params when configured" do
-          client.config.access_token_expiration = 300
-          client.config.refresh_token_expiration = 604800
-          expect { client.connection.get "/whatever" }.to raise_error(ZendeskAPI::Error::Unauthorized)
-
-          assert_requested(:post, %r{oauth/tokens}) do |req|
-            expect(req.body).to match(/expires_in/)
-            expect(req.body).to match(/refresh_token_expires_in/)
-          end
-        end
-
         it "raises unauthorized exception" do
           expect { client.connection.get "/whatever" }.to raise_error(ZendeskAPI::Error::Unauthorized)
         end
       end
 
-      describe "with client id not configuration" do
-        before do
-          client.config.client_id = nil
-        end
-
-        it "does not try to refresh token" do
-          expect { client.connection.get "/whatever" }.to raise_error(ZendeskAPI::Error::Unauthorized)
-
-          refute_requested :post, %r{/oauth/tokens}
-          expect(client.config.access_token).to eq "xyz"
-        end
-      end
-
-      describe "with client secret not configuration" do
-        before do
-          client.config.client_secret = nil
-        end
-
-        it "does not try to refresh token" do
-          expect { client.connection.get "/whatever" }.to raise_error(ZendeskAPI::Error::Unauthorized)
-
-          refute_requested :post, %r{/oauth/tokens}
-          expect(client.config.access_token).to eq "xyz"
-        end
-      end
-
-      describe "with client secret not configuration" do
-        before do
-          client.config.refresh_token = nil
-        end
-
-        it "does not try to refresh token" do
-          expect { client.connection.get "/whatever" }.to raise_error(ZendeskAPI::Error::Unauthorized)
-
-          refute_requested :post, %r{oauth/tokens}
-          expect(client.config.access_token).to eq "xyz"
-        end
-      end
-
       describe "when refreshing token fails" do
         let(:refresh_token_status) { 500 }
 
-        before do
-          stub_request(:post, %r{/oauth/tokens}).to_return(
-            status: refresh_token_status,
-            body: refresh_token_body.to_json,
-            headers: { content_type: "application/json" }
-          )
-        end
-
-        it "does not change token configuration" do
+        it "does not update configuration" do
           expect { client.connection.get "/whatever" }.to raise_error(ZendeskAPI::Error::NetworkError)
 
-          assert_requested :post, %r{oauth/tokens}
           expect(client.config.access_token).to eq "xyz"
           expect(client.config.refresh_token).to eq "abc"
         end
@@ -158,15 +88,10 @@
         )
       end
 
-      it "succeeds" do
-        result = client.connection.get "/whatever"
-        expect(result.status).to eq 200
-      end
-
       it "does not refresh token" do
         client.connection.get "/whatever"
 
-        refute_requested :post, %r{oauth/tokens}
+        expect_any_instance_of(ZendeskAPI::TokenRefresher).to receive(:refresh_token).never
         expect(client.config.access_token).to eq "xyz"
       end
     end
@@ -182,18 +107,12 @@
         body: "",
         headers: { content_type: "application/json" }
       )
-
-      stub_request(:post, %r{/oauth/tokens}).to_return(
-        status: 200,
-        body: refresh_token_body.to_json,
-        headers: { content_type: "application/json" }
-      )
     end
 
     it "refreshes token" do
       expect { client.connection.get "/whatever" }.to raise_error(ZendeskAPI::Error::Unauthorized)
 
-      refute_requested :post, %r{oauth/tokens}
+      expect_any_instance_of(ZendeskAPI::TokenRefresher).to receive(:refresh_token).never
     end
   end
 end