search

teslamotors / vehicle-command

Apache License 2.0
442 stars 101 forks source link

Proposal: create Account from refreshing oauth2.TokenSource #29

Open andig opened 1 year ago

andig commented 1 year ago

Creating account from token string and saving tokens inside the account is brittle since tokens expire. Instead, create Account by passing either an oauth2.Token or oauth2.TokenSource.

Using https://github.com/teslamotors/vehicle-command/issues/24, these tokens would then be refreshed.

andig commented 10 months ago

@sethterashima can I ask you to look into this issue? Its still unclear how to create long-running applications to handle access token expiry. It seems the idiomatic way doing this would be using an oauth2.TokenSource which #24 suggest. Is this on the roadmap or do you expect library consumers to use account.New() on token expiry?

andig commented 9 months ago

Friendly ping. This is an absolut blocker for any long-running application. How are applications supposed to perform token refresh with the current capabilities?

fabianhu commented 9 months ago

@andig
Hi, maybe have a look at my implementation . I just check, if I have to refresh the access token right before using it.
If it is expired I do a token refresh with the refresh token. Or do I not get the question?

andig commented 9 months ago

I just check, if I have to refresh the access token right before using it.

@fabianhu that's exactly what a Golang TokenSource does and is implemented in https://github.com/teslamotors/vehicle-command/pull/151. Point here is that the Account is presumably something long-lived. That is not possible if it works on a static token.

Imho this proposal is a more go-ish and fully-featured way of doing things.

pmpbaptista commented 2 months ago

@andig Hi, maybe have a look at my implementation . I just check, if I have to refresh the access token right before using it. If it is expired I do a token refresh with the refresh token. Or do I not get the question?

Currently I can only refresh tokens during +/- 24h ... after that, refreshing token returns 401 and I'm forced to login again to get a new CODE and then a new token/refresh_token

Does anyone know if I'm doing something wrong? Current refresh logic - https://github.com/codesquadnest/tesla-smart-charger/blob/main/tesla_smart_charger/cron/token_cron.py

@andig are you aware of this issue?

andig commented 2 months ago

Currently I can only refresh tokens during +/- 24h ... after that, refreshing token returns 401 and I'm forced to login again to get a new CODE and then a new token/refresh_token

When refreshing access tokens make sure to store the new refresh token, too.