in oauth2/device_code_flow.go [110:152]
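// Authorize runs the device-code flow for audience and returns the
// resulting authorization grant.
//
// It requests a device code from the code provider (adding the
// "offline_access" scope when AllowRefresh is set), passes the code result
// to the optional callback, and then asks the exchanger to trade the device
// code for a token at the configured token endpoint.
//
// Errors from the code provider and from the callback are returned
// unchanged; an exchange failure is wrapped with "could not exchange code".
func (p *DeviceCodeFlow) Authorize(audience string) (*AuthorizationGrant, error) {
	// RFC 8628 section 3.2: a client must poll every 5 seconds when the
	// authorization server does not supply an "interval".
	const defaultPollInterval = 5 * time.Second

	// Build a fresh slice so that appending "offline_access" can never write
	// into the backing array of p.options.AdditionalScopes.
	var additionalScopes []string
	additionalScopes = append(additionalScopes, p.options.AdditionalScopes...)
	if p.options.AllowRefresh {
		additionalScopes = append(additionalScopes, "offline_access")
	}

	codeResult, err := p.codeProvider.GetCode(audience, additionalScopes...)
	if err != nil {
		return nil, err
	}

	// NOTE(review): codeResult carries DeviceCode, which is the credential
	// exchanged for a token below. Callbacks presumably exist to show the
	// user the verification prompt; they should not log or display the
	// device code itself. Confirm against the callback implementations.
	if p.callback != nil {
		if err := p.callback(codeResult); err != nil {
			return nil, err
		}
	}

	// A missing or non-positive interval would otherwise become a zero
	// PollInterval. Whether the exchanger guards against that is not visible
	// from here, so fall back to the RFC default rather than risk polling
	// the token endpoint without a pause.
	pollInterval := time.Duration(codeResult.Interval) * time.Second
	if pollInterval <= 0 {
		pollInterval = defaultPollInterval
	}

	exchangeRequest := DeviceCodeExchangeRequest{
		TokenEndpoint: p.oidcWellKnownEndpoints.TokenEndpoint,
		ClientID:      p.options.ClientID,
		DeviceCode:    codeResult.DeviceCode,
		PollInterval:  pollInterval,
	}

	// NOTE(review): context.Background() gives the caller no way to cancel
	// or time out the exchange. Whether polling stops when the device code
	// expires depends on the exchanger; confirm, or thread a context through
	// in a follow-up that is allowed to change the signature.
	tr, err := p.exchanger.ExchangeDeviceCode(context.Background(), exchangeRequest)
	if err != nil {
		return nil, errors.Wrap(err, "could not exchange code")
	}

	token := convertToOAuth2Token(tr, p.clock)
	grant := &AuthorizationGrant{
		Type:          GrantTypeDeviceCode,
		Audience:      audience,
		ClientID:      p.options.ClientID,
		TokenEndpoint: p.oidcWellKnownEndpoints.TokenEndpoint,
		Token:         &token,
		// Records the scopes that were requested; the code shown here does
		// not compare them with what the server actually granted.
		Scopes: additionalScopes,
	}
	return grant, nil
}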