Made secrets only load once per container lifetime (#30)

Author: A3a3e1

CHANGELOG.md

@@ -1,3 +1,6 @@
+## 2.0.13 (May 26, 2022)
+* Made secrets only load once per container lifetime (per token expiration time in case of OAUTH2)
+
 ## 2.0.12 (April 08, 2022)
 
 * Update Sailor version to 2.6.27

component.json

@@ -1,6 +1,6 @@
 {
   "title": "REST API V2",
-  "version": "2.0.12",
+  "version": "2.0.13",
   "description": "A generic connector for accessing HTTP and REST APIs .",
   "authClientTypes": [
     "oauth2",
@@ -141,4 +141,4 @@
       }
     }
   }
-}
+}

lib/utils.js

@@ -52,6 +52,8 @@ const authTypes = {
 
 const CREDS_HEADER_TYPE = 'CREDS_HEADER_TYPE';
 
+let secret;
+
 /**
  * Executes the action's/trigger's logic by sending a request to the assigned URL and emitting response to the platform.
  * The function returns a Promise sending a request and resolving the response as platform message.
@@ -109,7 +111,9 @@ module.exports.processMethod = async function (msg, cfg) {
 
   const existingAuthHeader = (headers || []).find((header) => header._type === CREDS_HEADER_TYPE);
 
-  const secret = await getSecret(this, cfg.secretId);
+  if (!secret) {
+    secret = await getSecret(this, cfg.secretId);
+  }
   switch (secret.type) {
     case authTypes.BASIC:
       if (existingAuthHeader) {
@@ -169,6 +173,7 @@ module.exports.processMethod = async function (msg, cfg) {
       doImmediateRetry = false;
 
       return await buildRequestBody()
+        // eslint-disable-next-line no-loop-func
         .then(async () => {
           emitter.logger.trace('Got request body');
           let result;
@@ -177,17 +182,32 @@ module.exports.processMethod = async function (msg, cfg) {
             iteration -= 1;
             try {
               result = await request(requestOptions); // eslint-disable-line
+              // 'requestOptions.simple' means that in case of 401 or 403 an exception won't be thrown.
+              // For this case we throw an error manually.
+              if ((result.statusCode === 403 || result.statusCode === 401) && secret.type === authTypes.OAUTH2) {
+                const err = new Error('Request unauthorized. Failing...');
+                err.statusCode = result.statusCode;
+                throw err;
+              }
               break;
             } catch (e) {
               this.logger.error('Got request error');
               if ((e.statusCode === 403 || e.statusCode === 401) && secret.type === authTypes.OAUTH2) {
-                try {
-                  this.logger.info('Going to refresh token');
-                  const token = await refreshToken(this, cfg.secretId); // eslint-disable-line
-                  this.logger.info('Token successfully refreshed');
-                  requestOptions.headers.authorization = `Bearer ${token}`;
-                } catch (e) {
-                  this.logger.error('Failed to refresh token');
+                const newSecret = await getSecret(this, cfg.secretId);
+                if (secret.credentials.access_token !== newSecret.credentials.access_token) {
+                  this.logger.info('Secret has been changed, trying to use new one...');
+                  secret = newSecret;
+                  requestOptions.headers.authorization = `Bearer ${secret.credentials.access_token}`;
+                } else {
+                  try {
+                    this.logger.info('Going to refresh token');
+                    await refreshToken(this, cfg.secretId);
+                    secret = await getSecret(this, cfg.secretId);
+                    this.logger.info('Token successfully refreshed');
+                    requestOptions.headers.authorization = `Bearer ${secret.credentials.access_token}`;
+                  } catch (e) {
+                    this.logger.error('Failed to refresh token');
+                  }
                 }
               } else {
                 throw e;