MCPcopy
hub / github.com/openai/openai-go / refreshToken

Method refreshToken

auth/workloadidentity.go:169–260  ·  view source on GitHub ↗
(ctx context.Context, httpClient HTTPDoer)

Source from the content-addressed store, hash-verified

167}
168
169func (w *WorkloadIdentityAuth) refreshToken(ctx context.Context, httpClient HTTPDoer) (string, error) {
170 if httpClient == nil {
171 httpClient = http.DefaultClient
172 }
173
174 subjectToken, err := w.config.Provider.GetToken(ctx, httpClient)
175 if err != nil {
176 return "", err
177 }
178
179 subjectTokenType := w.config.Provider.TokenType()
180 var subjectTokenTypeURN string
181 switch subjectTokenType {
182 case SubjectTokenTypeJWT:
183 subjectTokenTypeURN = JWTTokenType
184 case SubjectTokenTypeID:
185 subjectTokenTypeURN = IDTokenType
186 default:
187 return "", fmt.Errorf("unsupported subject token type %q", subjectTokenType)
188 }
189
190 requestBody := tokenExchangeRequest{
191 GrantType: TokenExchangeGrantType,
192 ClientID: w.config.ClientID,
193 SubjectToken: subjectToken,
194 SubjectTokenType: subjectTokenTypeURN,
195 IdentityProviderID: w.config.IdentityProviderID,
196 ServiceAccountID: w.config.ServiceAccountID,
197 }
198
199 jsonBody, err := json.Marshal(requestBody)
200 if err != nil {
201 return "", fmt.Errorf("failed to marshal token exchange request: %w", err)
202 }
203
204 req, err := http.NewRequestWithContext(ctx, "POST", TokenExchangeURL, bytes.NewReader(jsonBody))
205 if err != nil {
206 return "", fmt.Errorf("failed to create token exchange request: %w", err)
207 }
208 req.Header.Set("Content-Type", "application/json")
209
210 resp, err := httpClient.Do(req)
211 if err != nil {
212 return "", fmt.Errorf("failed to exchange token: %w", err)
213 }
214 defer resp.Body.Close()
215
216 body, err := io.ReadAll(resp.Body)
217 if err != nil {
218 return "", fmt.Errorf("failed to read token exchange response: %w", err)
219 }
220
221 if resp.StatusCode == http.StatusBadRequest || resp.StatusCode == http.StatusUnauthorized || resp.StatusCode == http.StatusForbidden {
222 var oauthErr struct {
223 Error string `json:"error"`
224 ErrorDescription string `json:"error_description"`
225 }
226 if json.Unmarshal(body, &oauthErr) == nil {

Callers 2

GetTokenMethod · 0.95

Calls 5

OAuthErrorCodeTypeAlias · 0.92
GetTokenMethod · 0.65
TokenTypeMethod · 0.65
DoMethod · 0.65
CloseMethod · 0.65

Tested by

no test coverage detected