From 45161c567fa508b468ebe4211f8f257afdc704a4 Mon Sep 17 00:00:00 2001
From: Katrina Rogan <katroganGH@gmail.com>
Date: Wed, 5 Oct 2022 15:45:11 -0700
Subject: [PATCH] Update token source provider to optionally call
 GetPublicClientConfig (#326)

* Update token source provider

Signed-off-by: Katrina Rogan <katroganGH@gmail.com>

* GH actions incident

Signed-off-by: Katrina Rogan <katroganGH@gmail.com>

Signed-off-by: Katrina Rogan <katroganGH@gmail.com>
Signed-off-by: Eduardo Apolinario <eapolinario@users.noreply.github.com>
---
 .../clients/go/admin/token_source_provider.go | 20 +++++++++----------
 1 file changed, 9 insertions(+), 11 deletions(-)

diff --git a/flyteidl/clients/go/admin/token_source_provider.go b/flyteidl/clients/go/admin/token_source_provider.go
index 9890c75daa7..78a1952ab19 100644
--- a/flyteidl/clients/go/admin/token_source_provider.go
+++ b/flyteidl/clients/go/admin/token_source_provider.go
@@ -45,12 +45,16 @@ func NewTokenSourceProvider(ctx context.Context, cfg *Config, tokenCache cache.T
 			tokenURL = metadata.TokenEndpoint
 		}
 
-		clientMetadata, err := authClient.GetPublicClientConfig(ctx, &service.PublicClientAuthConfigRequest{})
-		if err != nil {
-			return nil, fmt.Errorf("failed to fetch client metadata. Error: %v", err)
+		scopes := cfg.Scopes
+		if len(scopes) == 0 {
+			clientMetadata, err := authClient.GetPublicClientConfig(ctx, &service.PublicClientAuthConfigRequest{})
+			if err != nil {
+				return nil, fmt.Errorf("failed to fetch client metadata. Error: %v", err)
+			}
+			scopes = clientMetadata.Scopes
 		}
 
-		tokenProvider, err = NewClientCredentialsTokenSourceProvider(ctx, cfg, clientMetadata, tokenURL)
+		tokenProvider, err = NewClientCredentialsTokenSourceProvider(ctx, cfg, scopes, tokenURL)
 		if err != nil {
 			return nil, err
 		}
@@ -148,8 +152,7 @@ type ClientCredentialsTokenSourceProvider struct {
 	TokenRefreshWindow time.Duration
 }
 
-func NewClientCredentialsTokenSourceProvider(ctx context.Context, cfg *Config,
-	clientMetadata *service.PublicClientAuthConfigResponse, tokenURL string) (TokenSourceProvider, error) {
+func NewClientCredentialsTokenSourceProvider(ctx context.Context, cfg *Config, scopes []string, tokenURL string) (TokenSourceProvider, error) {
 	var secret string
 	if len(cfg.ClientSecretEnvVar) > 0 {
 		secret = os.Getenv(cfg.ClientSecretEnvVar)
@@ -162,11 +165,6 @@ func NewClientCredentialsTokenSourceProvider(ctx context.Context, cfg *Config,
 		secret = string(secretBytes)
 	}
 	secret = strings.TrimSpace(secret)
-
-	scopes := cfg.Scopes
-	if len(scopes) == 0 {
-		scopes = clientMetadata.Scopes
-	}
 	return ClientCredentialsTokenSourceProvider{
 		ccConfig: clientcredentials.Config{
 			ClientID:     cfg.ClientID,