CF Push: Ensure we refresh token

src/jetstream/plugins/cfapppush/deploy.go

@@ -479,22 +479,30 @@ func (cfAppPush *CFAppPush) getConfigData(echoContext echo.Context, cnsiGUID str
 		sendErrorMessage(clientWebSocket, err, CLOSE_NO_SESSION)
 		return nil, err
 	}
-	cnsiTokenRecord, found := cfAppPush.portalProxy.GetCNSITokenRecord(cnsiGUID, userID)
+	_, found := cfAppPush.portalProxy.GetCNSITokenRecord(cnsiGUID, userID)
 	if !found {
 		log.Warnf("Failed to retrieve record for CNSI %s", cnsiGUID)
 		sendErrorMessage(clientWebSocket, err, CLOSE_NO_CNSI_USERTOKEN)
 		return nil, errors.New("Failed to find token record")
 	}
 
+	// Refresh token first - makes sure it will be valid when we do the push
+	refreshedTokenRec, err := cfAppPush.portalProxy.RefreshOAuthToken(cnsiRecord.SkipSSLValidation, cnsiRecord.GUID, userID, cnsiRecord.ClientId, cnsiRecord.ClientSecret, cnsiRecord.TokenEndpoint)
+	if err != nil {
+		log.Warnf("Couldn't get refresh token for endpoint with GUID %s", cnsiRecord.GUID)
+		sendErrorMessage(clientWebSocket, err, CLOSE_NO_CNSI_USERTOKEN)
+		return nil, fmt.Errorf("Couldn't get refresh token for endpoint with GUID %s", cnsiRecord.GUID)
+	}
+
 	config := &CFPushAppConfig{
 		AuthorizationEndpoint:  cnsiRecord.AuthorizationEndpoint,
 		CFClient:               cnsiRecord.ClientId,
 		CFClientSecret:         cnsiRecord.ClientSecret,
 		APIEndpointURL:         cnsiRecord.APIEndpoint.String(),
 		DopplerLoggingEndpoint: cnsiRecord.DopplerLoggingEndpoint,
 		SkipSSLValidation:      cnsiRecord.SkipSSLValidation,
-		AuthToken:              cnsiTokenRecord.AuthToken,
-		RefreshToken:           cnsiTokenRecord.RefreshToken,
+		AuthToken:              refreshedTokenRec.AuthToken,
+		RefreshToken:           refreshedTokenRec.RefreshToken,
 		OrgGUID:                orgGUID,
 		OrgName:                orgName,
 		SpaceGUID:              spaceGUID,