diff options
| author | William Carroll <wpcarro@gmail.com> | 2020-02-09T01·07+0000 |
|---|---|---|
| committer | William Carroll <wpcarro@gmail.com> | 2020-02-10T10·06+0000 |
| commit | 7f8a5176ce4bebfb01fa5333791c8f14ad8cef45 (patch) | |
| tree | 179d0d3e745dde23da32bb73d435478cee1dc145 /monzo_ynab/requests.txt | |
| parent | e3ee0734e512b7e994fe38e39479b35dba8ee6b7 (diff) | |
Create server for managing Monzo credentials
I created a server to manage my access and refresh tokens. This server exposes a
larger API than it needs to at the moment, but that should change. The goal is
to expose a GET at /token to retrieve a valid access token. The server should
take care of refreshing tokens before they expire and getting entirely new
tokens, should they become so stale that I need to re-authorize my application.
A lot of my development of this project has been clumsy. I'm new to Go; I didn't
understand OAuth2.0; I'm learning concurrent programming (outside of the context
of comfortable Elixir/Erlang).
My habits for writing programs in compiled languages feels amateurish. I find
myself dropping log.Println's all over the source code when I should be using
proper debugging tools like Delve and properly logging with things like
httputil.Dump{Request,Response}.
The application right now is in a transitional state. There is still plenty of
code in main.go that belongs in tokens.go. For instance, the client
authorization code belongs in the tokens server.
Another question I haven't answered is where is the monzo client that I can use
to make function calls like `monzo.Transactions` or `monzo.Accounts`?
The benefit of having a tokens server is that it allows me to maintain state of
the tokens while I'm developing. This way, I can stop and start main.go without
disturbing the state of the access tokens. Of course this isn't the primary
benefit, which is to abstract over the OAuth details and expose an API
that gives me an access token whenever I request one.
The first benefit that I listed could and perhaps should be solved by
introducing some simple persistence. I'd like to write the access tokens to disk
when I shutdown the tokens server and read them from disk when I start the
tokens server. This will come. I could have done this before introducing the
tokens server, and it would have saved me a few hours I think.
Where has my time gone? Mostly I've been re-authorizing my client
unnecessarily. This process is expensive because it opens a web browser, asks me
to enter my email address, sends me an email, I then click the link in that
email. Overall this takes maybe 1-3 minutes in total. Before my tokens server
existed, however, I was doing this about 10-20 times per hour. It's a little
disappointing that I didn't rectify this earlier. I'd like to remain vigilant
and avoid making similar workflow mistakes as I move ahead.
Diffstat (limited to 'monzo_ynab/requests.txt')
| -rw-r--r-- | monzo_ynab/requests.txt | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/monzo_ynab/requests.txt b/monzo_ynab/requests.txt index 4e35e6b6c8dd..5698dfee3763 100644 --- a/monzo_ynab/requests.txt +++ b/monzo_ynab/requests.txt @@ -34,3 +34,25 @@ Content-Type: application/x-www-form-urlencoded Authorization: Bearer :monzo-access-token grant_type=refresh_token&client_id=:monzo-client-id&client_secret=:monzo-client-secret&refresh_token=:monzo-refresh-token +################################################################################ +# Tokens server +################################################################################ +:tokens = http://localhost:4242 + +# Get tokens +GET :tokens/tokens + +# Get application state for debugging purposes +GET :tokens/state + +# Force refresh tokens +POST :tokens/refresh-tokens + +# Set tokens +POST :tokens/set-tokens +Content-Type: application/json +{ + "access_token": "access-token", + "refresh_token": "refresh-token", + "expires_in": 120 +} |