Class: XeroKiwi::TokenRefresher

Inherits:

Object

• Object
• XeroKiwi::TokenRefresher

Defined in:

lib/xero_kiwi/token_refresher.rb

Overview

Talks to Xero’s OAuth2 token endpoint to exchange a refresh token for a fresh access/refresh pair. Lives separately from Client because:

• It hits a different host (identity.xero.com, not api.xero.com)

• It uses HTTP Basic auth instead of bearer auth

• It’s stateless — Client owns the token state and asks Refresher to do the network round-trip

See: developer.xero.com/documentation/guides/oauth2/auth-flow#refreshing-access-and-refresh-tokens

Instance Method Summary

• #initialize(client_id:, client_secret:, adapter: nil) ⇒ TokenRefresher constructor

  A new instance of TokenRefresher.

• #refresh(refresh_token:) ⇒ Object

  Performs the refresh round-trip and returns a fresh XeroKiwi::Token.

Constructor Details

#initialize(client_id:, client_secret:, adapter: nil) ⇒ TokenRefresher

Returns a new instance of TokenRefresher.

# File 'lib/xero_kiwi/token_refresher.rb', line 16

def initialize(client_id:, client_secret:, adapter: nil)
  @client_id     = client_id
  @client_secret = client_secret
  @adapter       = adapter
end

Instance Method Details

#refresh(refresh_token:) ⇒ Object

Performs the refresh round-trip and returns a fresh XeroKiwi::Token. Raises TokenRefreshError if Xero rejects the refresh (typically: refresh token expired or already rotated, or wrong client credentials).

# File 'lib/xero_kiwi/token_refresher.rb', line 25

def refresh(refresh_token:)
  raise ArgumentError, "refresh_token is required" if refresh_token.nil? || refresh_token.empty?

  requested_at = Time.now
  response     = post_refresh(refresh_token)
  Token.from_oauth_response(response.body, requested_at: requested_at)
rescue AuthenticationError, ClientError => e
  raise TokenRefreshError.new(e.status, e.body)
end