@@ -98,6 +98,10 @@ func (p *Provider) revokeToken(refreshToken string) error {
9898 return p .kc .revokeToken (refreshToken )
9999}
100100
101+ func (p * Provider ) refreshToken (refreshToken string ) (* TokenRepr , error ) {
102+ return p .kc .refreshToken (refreshToken )
103+ }
104+
101105func GetLoginPageHandler (prov * Provider , logger * zap.Logger ) gin.HandlerFunc {
102106 return func (c * gin.Context ) {
103107 logger .Info ("start to process login page request" )
@@ -227,3 +231,35 @@ func PutLogoutHandler(prov *Provider, logger *zap.Logger) gin.HandlerFunc {
227231 c .Status (http .StatusNoContent )
228232 }
229233}
234+
235+ type RefreshTokenReq struct {
236+ RefreshToken string `json:"refresh_token"`
237+ }
238+
239+ func PostRefreshHandler (prov * Provider , logger * zap.Logger ) gin.HandlerFunc {
240+ return func (c * gin.Context ) {
241+ logger .Info ("start processing refresh token request" )
242+
243+ var req RefreshTokenReq
244+ err := c .ShouldBindJSON (& req )
245+ if err != nil {
246+ apiErrors .RaiseBadRequestErr (c , apiErrors .ErrAuthMissingRefreshToken )
247+ return
248+ }
249+
250+ token , err := prov .refreshToken (req .RefreshToken )
251+ if err != nil {
252+ var keycloakErrorResponse KeycloakExternalError
253+ switch {
254+ case errors .As (err , & keycloakErrorResponse ):
255+ apiErrors .RaiseBadRequestErr (c , keycloakErrorResponse )
256+ default :
257+ logger .Error ("failed to refresh token" , zap .Error (err ))
258+ apiErrors .RaiseInternalErr (c , apiErrors .ErrAuthFailedRefreshToken )
259+ }
260+
261+ return
262+ }
263+ c .JSON (http .StatusOK , token )
264+ }
265+ }
0 commit comments