From 4bd47e747a6f98c2a651ba4055bb8670254c1054 Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Mon, 15 Jan 2024 12:29:56 +0100
Subject: [PATCH] Add code to refresh token

---
 jupyter/base/values/values.yaml | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/jupyter/base/values/values.yaml b/jupyter/base/values/values.yaml
index 4802add..b9848b6 100644
--- a/jupyter/base/values/values.yaml
+++ b/jupyter/base/values/values.yaml
@@ -12,9 +12,26 @@ hub:
   extraConfig:
     oauthCode: |
       import time
+      import requests
       from datetime import datetime
       from oauthenticator.generic import GenericOAuthenticator
 
+      def get_nextcloud_access_token(refresh_token):
+        client_id = os.environ['NEXTCLOUD_CLIENT_ID']
+        client_secret = os.environ['NEXTCLOUD_CLIENT_SECRET']
+
+        url = 'https://' + os.environ['NEXTCLOUD_HOST'] + '/index.php/apps/oauth2/api/v1/token'
+        code = refresh_token
+        data = {
+          'grant_type': refresh_token,
+          'code': code,
+          'refresh_token: refresh_token,
+          'client_id': client_id,
+          'client_secret': client_secret
+        }
+        response = requests.post(url, data=data)
+        return response.json()
+
       def post_auth_hook(authenticator, handler, authentication):
         user = authentication['auth_state']['oauth_user']['ocs']['data']['id']
         auth_state = authentication['auth_state']
@@ -54,6 +71,21 @@ hub:
           if now >= expires:
             if debug:
               print(f'Time is: {now_hr}, token expired: {expires_hr}')
+              print(f'Refreshing token for {user}')
+            try:
+              token_response = get_nextcloud_access_token(refresh_token)
+              auth_state['access_token'] = token_response['access_token']
+              auth_state['refresh_token'] = token_response['refresh_token']
+              auth_state['token_expires'] = now + token_response['expires_in']
+              auth_state['token_response'] = token_response
+              if debug:
+                print(f'Successfully refreshed token for {user}')
+                print(f'auth_state for {user}: {auth_state}')
+              return auth_state
+            except Exception as e:
+              if debug:
+                print(f'Failed to refresh token for {user}')
+              return False
             return False
           if debug:
             print(f'Time is: {now_hr}, token expires: {expires_hr}')