fix: do not fail if keychain access failed (#197)

* fix: continue if keychain failed * remove unused code
auth0 · Mar 26, 2021 · 78c6eb3 · 78c6eb3
1 parent f5aebc3
commit 78c6eb3
Show file tree

Hide file tree

Showing 7 changed files with 534 additions and 39 deletions.
diff --git a/internal/auth/auth.go b/internal/auth/auth.go
@@ -19,7 +19,8 @@ const (
 	oauthTokenEndpoint = "https://auth0.auth0.com/oauth/token"
 	audiencePath       = "/api/v2/"
 
-	secretsNamespace = "auth0-cli"
+	// namespace used to set/get values from the keychain
+	SecretsNamespace = "auth0-cli"
 )
 
 var requiredScopes = []string{
@@ -31,25 +32,22 @@ var requiredScopes = []string{
 	"read:client_keys", "read:logs",
 }
 
-// SecretStore provides secure storage for sensitive data
+// SecretStore provides access to stored sensitive data.
 type SecretStore interface {
-	// Set sets the secret
-	Set(namespace, key, value string) error
 	// Get gets the secret
 	Get(namespace, key string) (string, error)
 	// Delete removes the secret
 	Delete(namespace, key string) error
 }
 
-type Authenticator struct {
-	Secrets SecretStore
-}
+type Authenticator struct{}
 
 type Result struct {
-	Tenant      string
-	Domain      string
-	AccessToken string
-	ExpiresIn   int64
+	Tenant       string
+	Domain       string
+	RefreshToken string
+	AccessToken  string
+	ExpiresIn    int64
 }
 
 type State struct {
@@ -122,17 +120,12 @@ func (a *Authenticator) Wait(ctx context.Context, state State) (Result, error) {
 				return Result{}, fmt.Errorf("cannot parse tenant from the given access token: %w", err)
 			}
 
-			// store the refresh token
-			err = a.Secrets.Set(secretsNamespace, ten, res.RefreshToken)
-			if err != nil {
-				return Result{}, fmt.Errorf("cannot store refresh token: %w", err)
-			}
-
 			return Result{
-				AccessToken: res.AccessToken,
-				ExpiresIn:   res.ExpiresIn,
-				Tenant:      ten,
-				Domain:      domain,
+				RefreshToken: res.RefreshToken,
+				AccessToken:  res.AccessToken,
+				ExpiresIn:    res.ExpiresIn,
+				Tenant:       ten,
+				Domain:       domain,
 			}, nil
 		}
 	}

diff --git a/internal/auth/mock/auth.go b/internal/auth/mock/auth.go
diff --git a/internal/auth/secrets.go b/internal/auth/secrets.go
@@ -1,6 +1,8 @@
 package auth
 
-import "github.com/zalando/go-keyring"
+import (
+	"github.com/zalando/go-keyring"
+)
 
 type Keyring struct{}
 

diff --git a/internal/auth/token.go b/internal/auth/token.go
@@ -24,14 +24,14 @@ type TokenRetriever struct {
 
 // Delete deletes the given tenant from the secrets storage.
 func (t *TokenRetriever) Delete(tenant string) error {
-	return t.Secrets.Delete(secretsNamespace, tenant)
+	return t.Secrets.Delete(SecretsNamespace, tenant)
 }
 
 // Refresh gets a new access token from the provided refresh token,
 // The request is used the default client_id and endpoint for device authentication.
 func (t *TokenRetriever) Refresh(ctx context.Context, tenant string) (TokenResponse, error) {
 	// get stored refresh token:
-	refreshToken, err := t.Secrets.Get(secretsNamespace, tenant)
+	refreshToken, err := t.Secrets.Get(SecretsNamespace, tenant)
 	if err != nil {
 		return TokenResponse{}, fmt.Errorf("cannot get the stored refresh token: %w", err)
 	}