Create NatsAuthOpts.TokenHandler

nats-io · Jan 14, 2025 · 21c6654 · 21c6654
1 parent b27eb7c
commit 21c6654
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 3 deletions.
diff --git a/src/NATS.Client.Core/Internal/UserCredentials.cs b/src/NATS.Client.Core/Internal/UserCredentials.cs
@@ -11,6 +11,7 @@ public UserCredentials(NatsAuthOpts authOpts)
         Seed = authOpts.Seed;
         NKey = authOpts.NKey;
         Token = authOpts.Token;
+        TokenHandler = authOpts.TokenHandler;
 
         if (!string.IsNullOrEmpty(authOpts.CredsFile))
         {
@@ -31,6 +32,8 @@ public UserCredentials(NatsAuthOpts authOpts)
 
     public string? Token { get; }
 
+    public Func<ValueTask<string>>? TokenHandler { get; }
+
     public string? Sign(string? nonce)
     {
         if (Seed == null || nonce == null)
@@ -43,11 +46,11 @@ public UserCredentials(NatsAuthOpts authOpts)
         return sig;
     }
 
-    internal void Authenticate(ClientOpts opts, ServerInfo? info)
+    internal async Task AuthenticateAsync(ClientOpts opts, ServerInfo? info)
     {
         opts.JWT = Jwt;
         opts.NKey = NKey;
-        opts.AuthToken = Token;
+        opts.AuthToken = TokenHandler != null ? await TokenHandler().ConfigureAwait(false) : Token;
         opts.Sig = info is { AuthRequired: true, Nonce: { } } ? Sign(info.Nonce) : null;
     }
 

diff --git a/src/NATS.Client.Core/NatsAuthOpts.cs b/src/NATS.Client.Core/NatsAuthOpts.cs
@@ -10,6 +10,12 @@ public record NatsAuthOpts
 
     public string? Token { get; init; }
 
+    /// <summary>
+    /// A callback that returns a token string.
+    /// If this is set, it takes precedence over <see cref="Token"/>.
+    /// </summary>
+    public Func<ValueTask<string>>? TokenHandler { get; init; }
+
     public string? Jwt { get; init; }
 
     public string? NKey { get; init; }
@@ -23,6 +29,7 @@ public record NatsAuthOpts
     public bool IsAnonymous => string.IsNullOrEmpty(Username)
                                && string.IsNullOrEmpty(Password)
                                && string.IsNullOrEmpty(Token)
+                               && TokenHandler == null
                                && string.IsNullOrEmpty(Jwt)
                                && string.IsNullOrEmpty(Seed)
                                && string.IsNullOrEmpty(CredsFile)

diff --git a/src/NATS.Client.Core/NatsConnection.cs b/src/NATS.Client.Core/NatsConnection.cs
@@ -461,7 +461,10 @@ private async ValueTask SetupReaderWriterAsync(bool reconnect)
             infoParsedSignal.SetResult();
 
             // Authentication
-            _userCredentials?.Authenticate(_clientOpts, WritableServerInfo);
+            if (_userCredentials != null)
+            {
+                await _userCredentials.AuthenticateAsync(_clientOpts, WritableServerInfo).ConfigureAwait(false);
+            }
 
             await using (var priorityCommandWriter = new PriorityCommandWriter(this, _pool, _socket!, Opts, Counter, EnqueuePing))
             {