feat: add context to all client calls (#345)

BREAKING CHANGE closes #309
2023-03-23 16:31:38 +02:00 · 2023-03-23 16:31:38 +02:00 · 6af94fded0
commit 6af94fded0
parent 33c716ddcf
14 changed files with 124 additions and 99 deletions
--- a/pkg/client/profile/jwt_profile.go
+++ b/pkg/client/profile/jwt_profile.go
@ -1,6 +1,7 @@
 package profile

 import (
+	"context"
 	"net/http"
 	"time"

@ -11,9 +12,12 @@ import (
 	"github.com/zitadel/oidc/v3/pkg/oidc"
 )

-// jwtProfileTokenSource implement the oauth2.TokenSource
-// it will request a token using the OAuth2 JWT Profile Grant
-// therefore sending an `assertion` by singing a JWT with the provided private key
+type TokenSource interface {
+	oauth2.TokenSource
+	TokenCtx(context.Context) (*oauth2.Token, error)
+}
+
+// jwtProfileTokenSource implements the TokenSource
 type jwtProfileTokenSource struct {
 	clientID      string
 	audience      []string
@ -23,23 +27,38 @@ type jwtProfileTokenSource struct {
 	tokenEndpoint string
 }

-func NewJWTProfileTokenSourceFromKeyFile(issuer, keyPath string, scopes []string, options ...func(source *jwtProfileTokenSource)) (oauth2.TokenSource, error) {
-	keyData, err := client.ConfigFromKeyFile(keyPath)
+// NewJWTProfileTokenSourceFromKeyFile returns an implementation of TokenSource
+// It will request a token using the OAuth2 JWT Profile Grant,
+// therefore sending an `assertion` by singing a JWT with the provided private key from jsonFile.
+//
+// The passed context is only used for the call to the Discover endpoint.
+func NewJWTProfileTokenSourceFromKeyFile(ctx context.Context, issuer, jsonFile string, scopes []string, options ...func(source *jwtProfileTokenSource)) (TokenSource, error) {
+	keyData, err := client.ConfigFromKeyFile(jsonFile)
 	if err != nil {
 		return nil, err
 	}
-	return NewJWTProfileTokenSource(issuer, keyData.UserID, keyData.KeyID, []byte(keyData.Key), scopes, options...)
+	return NewJWTProfileTokenSource(ctx, issuer, keyData.UserID, keyData.KeyID, []byte(keyData.Key), scopes, options...)
 }

-func NewJWTProfileTokenSourceFromKeyFileData(issuer string, data []byte, scopes []string, options ...func(source *jwtProfileTokenSource)) (oauth2.TokenSource, error) {
-	keyData, err := client.ConfigFromKeyFileData(data)
+// NewJWTProfileTokenSourceFromKeyFileData returns an implementation of oauth2.TokenSource
+// It will request a token using the OAuth2 JWT Profile Grant,
+// therefore sending an `assertion` by singing a JWT with the provided private key in jsonData.
+//
+// The passed context is only used for the call to the Discover endpoint.
+func NewJWTProfileTokenSourceFromKeyFileData(ctx context.Context, issuer string, jsonData []byte, scopes []string, options ...func(source *jwtProfileTokenSource)) (TokenSource, error) {
+	keyData, err := client.ConfigFromKeyFileData(jsonData)
 	if err != nil {
 		return nil, err
 	}
-	return NewJWTProfileTokenSource(issuer, keyData.UserID, keyData.KeyID, []byte(keyData.Key), scopes, options...)
+	return NewJWTProfileTokenSource(ctx, issuer, keyData.UserID, keyData.KeyID, []byte(keyData.Key), scopes, options...)
 }

-func NewJWTProfileTokenSource(issuer, clientID, keyID string, key []byte, scopes []string, options ...func(source *jwtProfileTokenSource)) (oauth2.TokenSource, error) {
+// NewJWTProfileSource returns an implementation of oauth2.TokenSource
+// It will request a token using the OAuth2 JWT Profile Grant,
+// therefore sending an `assertion` by singing a JWT with the provided private key.
+//
+// The passed context is only used for the call to the Discover endpoint.
+func NewJWTProfileTokenSource(ctx context.Context, issuer, clientID, keyID string, key []byte, scopes []string, options ...func(source *jwtProfileTokenSource)) (TokenSource, error) {
 	signer, err := client.NewSignerFromPrivateKeyByte(key, keyID)
 	if err != nil {
 		return nil, err
@ -55,7 +74,7 @@ func NewJWTProfileTokenSource(issuer, clientID, keyID string, key []byte, scopes
 		opt(source)
 	}
 	if source.tokenEndpoint == "" {
-		config, err := client.Discover(issuer, source.httpClient)
+		config, err := client.Discover(ctx, issuer, source.httpClient)
 		if err != nil {
 			return nil, err
 		}
@ -64,13 +83,13 @@ func NewJWTProfileTokenSource(issuer, clientID, keyID string, key []byte, scopes
 	return source, nil
 }

-func WithHTTPClient(client *http.Client) func(*jwtProfileTokenSource) {
+func WithHTTPClient(client *http.Client) func(source *jwtProfileTokenSource) {
 	return func(source *jwtProfileTokenSource) {
 		source.httpClient = client
 	}
 }

-func WithStaticTokenEndpoint(issuer, tokenEndpoint string) func(*jwtProfileTokenSource) {
+func WithStaticTokenEndpoint(issuer, tokenEndpoint string) func(source *jwtProfileTokenSource) {
 	return func(source *jwtProfileTokenSource) {
 		source.tokenEndpoint = tokenEndpoint
 	}
@ -85,9 +104,13 @@ func (j *jwtProfileTokenSource) HttpClient() *http.Client {
 }

 func (j *jwtProfileTokenSource) Token() (*oauth2.Token, error) {
+	return j.TokenCtx(context.Background())
+}
+
+func (j *jwtProfileTokenSource) TokenCtx(ctx context.Context) (*oauth2.Token, error) {
 	assertion, err := client.SignedJWTProfileAssertion(j.clientID, j.audience, time.Hour, j.signer)
 	if err != nil {
 		return nil, err
 	}
-	return client.JWTProfileExchange(oidc.NewJWTProfileGrantRequest(assertion, j.scopes...), j)
+	return client.JWTProfileExchange(ctx, oidc.NewJWTProfileGrantRequest(assertion, j.scopes...), j)
 }