cms-oauth: Check the token lifetime before returning it

If the mail functions are not being used then the ticket will get stale,
check the timestamp before returning it and refresh if too old.

Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>

2 files changed, 6 insertions, 2 deletions

diff --git a/cloud_mdir_sync/gmail.py b/cloud_mdir_sync/gmail.py
index 7ef9478..dee12f5 100644
--- a/cloud_mdir_sync/gmail.py
+++ b/cloud_mdir_sync/gmail.py
@@ -6,6 +6,7 @@ import datetime
 import functools
 import logging
 import secrets
+import time
 from typing import Dict, List, Optional, Set
 
 import aiohttp
@@ -278,7 +279,8 @@ class GmailAPI(oauth.Account):
     async def get_xoauth2_bytes(self, proto: str) -> Optional[bytes]:
         """Return the xoauth2 byte string for the given protocol to login to
         this account."""
-        while self.api_token is None:
+        while (self.api_token is None
+               or self.api_token["expires_at"] <= time.time() + 10):
             await self.authenticate()
 
         if proto == "SMTP" or proto == "IMAP":
diff --git a/cloud_mdir_sync/office365.py b/cloud_mdir_sync/office365.py
index 69a4462..32ae45a 100644
--- a/cloud_mdir_sync/office365.py
+++ b/cloud_mdir_sync/office365.py
@@ -7,6 +7,7 @@ import logging
 import os
 import pickle
 import secrets
+import time
 from typing import Any, Dict, Optional, Union
 
 import aiohttp
@@ -487,7 +488,8 @@ class GraphAPI(oauth.Account):
     async def get_xoauth2_bytes(self, proto: str) -> Optional[bytes]:
         """Return the xoauth2 byte string for the given protocol to login to
         this account."""
-        while self.owa_token is None:
+        while (self.owa_token is None
+               or self.owa_token["expires_at"] <= time.time() + 10):
             await self.authenticate()
 
         if proto == "SMTP" or proto == "IMAP":