twitch-bot/internal/actors/spotify/auth.go

102 lines
3.2 KiB
Go
Raw Normal View History

package spotify
import (
"context"
"fmt"
"net/http"
"strings"
"time"
"github.com/Luzifer/twitch-bot/v3/internal/locker"
"github.com/sirupsen/logrus"
"golang.org/x/oauth2"
)
const expiryGrace = 10 * time.Second
func getAuthorizedClient(channel, redirectURL string) (client *http.Client, err error) {
// In templating functions are called multiple times at once which
// with Spotify replacing the refresh-token on each renew would kill
// the stored token when multiple spotify functions are called at
// once. Therefore we do have this method locking itself until it
// has successfully made one request to the users profile and therefore
// renewed the token. The next request then will use the token the
// previous request renewed.
locker.LockByKey(strings.Join([]string{"spotify", "api-access", channel}, ":"))
defer locker.UnlockByKey(strings.Join([]string{"spotify", "api-access", channel}, ":"))
conf, err := oauthConfig(channel, redirectURL)
if err != nil {
return nil, fmt.Errorf("getting oauth config: %w", err)
}
var token *oauth2.Token
if err = db.ReadEncryptedCoreMeta(strings.Join([]string{"spotify-auth", channel}, ":"), &token); err != nil {
return nil, fmt.Errorf("loading oauth token: %w", err)
}
ts := conf.TokenSource(context.Background(), token)
if token.Expiry.After(time.Now().Add(expiryGrace)) {
// Token is still valid long enough, we spare the resources to do
// the profile fetch and directly return the client with the token
// as the scenario described here does not apply.
return oauth2.NewClient(context.Background(), ts), nil
}
logrus.WithField("channel", channel).Debug("refreshing spotify token")
ctx, cancel := context.WithTimeout(context.Background(), spotifyRequestTimeout)
defer cancel()
// We do a request to /me once to refresh the token if needed
req, err := http.NewRequestWithContext(ctx, http.MethodGet, "https://api.spotify.com/v1/me", nil)
if err != nil {
return nil, fmt.Errorf("creating currently-playing request: %w", err)
}
oauthClient := oauth2.NewClient(context.Background(), ts)
resp, err := oauthClient.Do(req)
if err != nil {
return nil, fmt.Errorf("executing request: %w", err)
}
defer func() {
if err := resp.Body.Close(); err != nil {
logrus.WithError(err).Error("closing Spotify response body (leaked fd)")
}
}()
if resp.StatusCode != http.StatusOK {
return nil, fmt.Errorf("requesting user profile: %w", err)
}
updToken, err := ts.Token()
if err != nil {
return nil, fmt.Errorf("getting updated token: %w", err)
}
if err := db.StoreEncryptedCoreMeta(strings.Join([]string{"spotify-auth", channel}, ":"), updToken); err != nil {
logrus.WithError(err).Error("storing back Spotify auth token")
}
return oauthClient, nil
}
func oauthConfig(channel, redirectURL string) (conf *oauth2.Config, err error) {
clientID, err := getModuleConfig(actorName, channel).String("clientId")
if err != nil {
return nil, fmt.Errorf("getting clientId for channel: %w", err)
}
return &oauth2.Config{
ClientID: clientID,
Endpoint: oauth2.Endpoint{
AuthURL: "https://accounts.spotify.com/authorize",
TokenURL: "https://accounts.spotify.com/api/token",
},
RedirectURL: redirectURL,
Scopes: []string{"user-read-currently-playing"},
}, nil
}