Merge pull request #90 from manicminer/cached-authorizer-cleanup

Improve CachedAuthorizer
manicminer · Aug 31, 2021 · 6cf21c0 · 6cf21c0
2 parents 7a3d250 + 27ae44b
commit 6cf21c0
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 15 deletions.
diff --git a/auth/azcli.go b/auth/azcli.go
@@ -86,7 +86,7 @@ func NewAzureCliConfig(api Api, tenantId string) (*AzureCliConfig, error) {
 // TokenSource provides a source for obtaining access tokens using AzureCliAuthorizer.
 func (c *AzureCliConfig) TokenSource(ctx context.Context) Authorizer {
 	// Cache access tokens internally to avoid unnecessary `az` invocations
-	return CachedAuthorizer(AzureCliAuthorizer{
+	return NewCachedAuthorizer(&AzureCliAuthorizer{
 		TenantID: c.TenantID,
 		ctx:      ctx,
 		conf:     c,

diff --git a/auth/cache.go b/auth/cache.go
@@ -6,23 +6,25 @@ import (
 	"golang.org/x/oauth2"
 )
 
-// cachedAuthorizer caches a token until it expires, then acquires a new token from source
-type cachedAuthorizer struct {
-	source Authorizer
-	mutex  sync.RWMutex
-	token  *oauth2.Token
+// CachedAuthorizer caches a token until it expires, then acquires a new token from Source
+type CachedAuthorizer struct {
+	// Source contains the underlying Authorizer for obtaining tokens
+	Source Authorizer
+
+	mutex sync.RWMutex
+	token *oauth2.Token
 }
 
 // Token returns the current token if it's still valid, else will acquire a new token
-func (c *cachedAuthorizer) Token() (*oauth2.Token, error) {
+func (c *CachedAuthorizer) Token() (*oauth2.Token, error) {
 	c.mutex.RLock()
 	valid := c.token != nil && c.token.Valid()
 	c.mutex.RUnlock()
 
 	if !valid {
 		c.mutex.Lock()
 		defer c.mutex.Unlock()
-		token, err := c.source.Token()
+		token, err := c.Source.Token()
 		if err != nil {
 			return nil, err
 		}
@@ -32,10 +34,10 @@ func (c *cachedAuthorizer) Token() (*oauth2.Token, error) {
 	return c.token, nil
 }
 
-// CachedAuthorizer returns an Authorizer that caches an access token for the duration of its validity.
+// NewCachedAuthorizer returns an Authorizer that caches an access token for the duration of its validity.
 // If the cached token expires, a new one is acquired and cached.
-func CachedAuthorizer(src Authorizer) Authorizer {
-	return &cachedAuthorizer{
-		source: src,
+func NewCachedAuthorizer(src Authorizer) Authorizer {
+	return &CachedAuthorizer{
+		Source: src,
 	}
 }
diff --git a/auth/clientcredentials.go b/auth/clientcredentials.go
@@ -79,9 +79,9 @@ type ClientCredentialsConfig struct {
 func (c *ClientCredentialsConfig) TokenSource(ctx context.Context, authType ClientCredentialsType) (source Authorizer) {
 	switch authType {
 	case ClientCredentialsAssertionType:
-		source = CachedAuthorizer(clientAssertionAuthorizer{ctx, c})
+		source = NewCachedAuthorizer(&clientAssertionAuthorizer{ctx, c})
 	case ClientCredentialsSecretType:
-		source = CachedAuthorizer(clientSecretAuthorizer{ctx, c})
+		source = NewCachedAuthorizer(&clientSecretAuthorizer{ctx, c})
 	}
 	return
 }

diff --git a/auth/msi.go b/auth/msi.go
@@ -115,7 +115,7 @@ func NewMsiConfig(ctx context.Context, resource string, msiEndpoint string) (*Ms
 
 // TokenSource provides a source for obtaining access tokens using MsiAuthorizer.
 func (c *MsiConfig) TokenSource(ctx context.Context) Authorizer {
-	return CachedAuthorizer(&MsiAuthorizer{ctx: ctx, conf: c})
+	return NewCachedAuthorizer(&MsiAuthorizer{ctx: ctx, conf: c})
 }
 
 func azureMetadata(ctx context.Context, url string) (body []byte, err error) {