From 47faff3eff931cf7813f9a085625e2b9de2d3fc8 Mon Sep 17 00:00:00 2001
From: smainz <stefan@mainz.ws>
Date: Sat, 19 Nov 2022 21:47:47 +0100
Subject: [PATCH] Refresh token before executing a cron pipeline (#1432)

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Anbraten <anton@ju60.de>
---
 server/cron/cron.go | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/server/cron/cron.go b/server/cron/cron.go
index b02a01d24..f1f5f52c9 100644
--- a/server/cron/cron.go
+++ b/server/cron/cron.go
@@ -105,7 +105,7 @@ func runCron(store store.Store, forge forge.Forge, cron *model.Cron, now time.Ti
 	return err
 }
 
-func CreatePipeline(ctx context.Context, store store.Store, forge forge.Forge, cron *model.Cron) (*model.Repo, *model.Pipeline, error) {
+func CreatePipeline(ctx context.Context, store store.Store, f forge.Forge, cron *model.Cron) (*model.Repo, *model.Pipeline, error) {
 	repo, err := store.GetRepo(cron.RepoID)
 	if err != nil {
 		return nil, nil, err
@@ -121,7 +121,23 @@ func CreatePipeline(ctx context.Context, store store.Store, forge forge.Forge, c
 		return nil, nil, err
 	}
 
-	commit, err := forge.BranchHead(ctx, creator, repo, cron.Branch)
+	// if the forge has a refresh token, the current access token
+	// may be stale. Therefore, we should refresh prior to dispatching
+	// the pipeline.
+	if refresher, ok := f.(forge.Refresher); ok {
+		refreshed, err := refresher.Refresh(ctx, creator)
+		log.Debug().Msgf("token refreshed: %t", refreshed)
+		if err != nil {
+			log.Error().Err(err).Msgf("failed to refresh oauth2 token for creator: %s", creator.Login)
+		} else if refreshed {
+			if err := store.UpdateUser(creator); err != nil {
+				log.Error().Err(err).Msgf("error while updating creator: %s", creator.Login)
+				// move forward
+			}
+		}
+	}
+
+	commit, err := f.BranchHead(ctx, creator, repo, cron.Branch)
 	if err != nil {
 		return nil, nil, err
 	}