fix: Add the TokenIssueAtFunc and TokenExpireAtFunc to prevent 401 when the default server time is abnormal

richzw · richzw · commit 87de1a05b429 · 2024-05-20T16:53:40.000+08:00
diff --git a/store.go b/store.go
@@ -36,11 +36,13 @@ const (
 )
 
 type StoreConfig struct {
-	KeyContent []byte // Loads a .p8 certificate
-	KeyID      string // Your private key ID from App Store Connect (Ex: 2X9R4HXF34)
-	BundleID   string // Your app’s bundle ID
-	Issuer     string // Your issuer ID from the Keys page in App Store Connect (Ex: "57246542-96fe-1a63-e053-0824d011072a")
-	Sandbox    bool   // default is Production
+	KeyContent         []byte       // Loads a .p8 certificate
+	KeyID              string       // Your private key ID from App Store Connect (Ex: 2X9R4HXF34)
+	BundleID           string       // Your app’s bundle ID
+	Issuer             string       // Your issuer ID from the Keys page in App Store Connect (Ex: "57246542-96fe-1a63-e053-0824d011072a")
+	Sandbox            bool         // default is Production
+	TokenIssuedAtFunc  func() int64 // The token’s creation time func. Default is current timestamp.
+	TokenExpiredAtFunc func() int64 // The token’s expiration time func. Default is one hour later.
 }
 
 type StoreClient struct {
diff --git a/token.go b/token.go
@@ -24,11 +24,13 @@ var (
 type Token struct {
 	sync.Mutex
 
-	KeyContent []byte // Loads a .p8 certificate
-	KeyID      string // Your private key ID from App Store Connect (Ex: 2X9R4HXF34)
-	BundleID   string // Your app’s bundle ID
-	Issuer     string // Your issuer ID from the Keys page in App Store Connect (Ex: "57246542-96fe-1a63-e053-0824d011072a")
-	Sandbox    bool   // default is Production
+	KeyContent    []byte       // Loads a .p8 certificate
+	KeyID         string       // Your private key ID from App Store Connect (Ex: 2X9R4HXF34)
+	BundleID      string       // Your app’s bundle ID
+	Issuer        string       // Your issuer ID from the Keys page in App Store Connect (Ex: "57246542-96fe-1a63-e053-0824d011072a")
+	Sandbox       bool         // default is Production
+	IssuedAtFunc  func() int64 // The token’s creation time func. Default is current timestamp.
+	ExpiredAtFunc func() int64 // The token’s expiration time func.
 
 	// internal variables
 	AuthKey   *ecdsa.PrivateKey // .p8 private key
@@ -45,14 +47,16 @@ func (t *Token) WithConfig(c *StoreConfig) {
 	t.BundleID = c.BundleID
 	t.Issuer = c.Issuer
 	t.Sandbox = c.Sandbox
+	t.IssuedAtFunc = c.TokenIssuedAtFunc
+	t.ExpiredAtFunc = c.TokenExpiredAtFunc
 }
 
 // GenerateIfExpired checks to see if the token is about to expire and generates a new token.
 func (t *Token) GenerateIfExpired() (string, error) {
 	t.Lock()
 	defer t.Unlock()
 
-	if t.Expired() {
+	if t.Expired() || t.Bearer == "" {
 		err := t.Generate()
 		if err != nil {
 			return "", err
@@ -76,7 +80,13 @@ func (t *Token) Generate() error {
 	t.AuthKey = key
 
 	issuedAt := time.Now().Unix()
+	if t.IssuedAtFunc != nil {
+		issuedAt = t.IssuedAtFunc()
+	}
 	expiredAt := time.Now().Add(time.Duration(1) * time.Hour).Unix()
+	if t.ExpiredAtFunc != nil {
+		expiredAt = t.ExpiredAtFunc()
+	}
 	jwtToken := &jwt.Token{
 		Header: map[string]interface{}{
 			"alg": "ES256",
