oauth2: clarify comment about tokenRefresher's thread safety

Change-Id: I9a3faedb8faf7701be7c82c7fff964b56d7c96c8
Reviewed-on: https://go-review.googlesource.com/4116
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
diff --git a/oauth2.go b/oauth2.go
index 396f11b..42aeb34 100644
--- a/oauth2.go
+++ b/oauth2.go
@@ -250,6 +250,10 @@
 	refreshToken string
 }
 
+// WARNING: Token is not safe for concurrent access, as it
+// updates the tokenRefresher's refreshToken field.
+// Within this package, it is used by reuseTokenSource which
+// synchronizes calls to this method with its own mutex.
 func (tf *tokenRefresher) Token() (*Token, error) {
 	if tf.refreshToken == "" {
 		return nil, errors.New("oauth2: token expired and refresh token is not set")
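Review bot: The new doc comment opens with `WARNING:` instead of a sentence that starts with the method name, so a reader gets the caveat but no summary of what Token does. Consider leading with something like `// Token obtains a new token using the stored refresh token.` and keeping the warning as a second paragraph; that wording needs checking against the body, which continues outside this hunk. It would also help to state the consequence: unsynchronized callers race on the write to `tf.refreshToken`, and with a provider that rotates refresh tokens a lost update could leave a stale value to be sent on the next refresh. Because the guarantee depends on every caller holding a lock, a line such as `// Callers other than reuseTokenSource must provide their own locking.` would make the contract explicit.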
@@ -263,9 +267,7 @@
 	if err != nil {
 		return nil, err
 	}
-	if tk.RefreshToken != tf.refreshToken {
-		// possible race condition avoided because tokenRefresher
-		// should be protected by reuseTokenSource.mu
+	if tf.refreshToken != tk.RefreshToken {
 		tf.refreshToken = tk.RefreshToken
 	}
 	return tk, err
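Review bot: The assignment `tf.refreshToken = tk.RefreshToken` stores whatever the response carried, including an empty string. If the retrieval call above this hunk (not visible here) does not fall back to the previous value when the server omits a refresh token, the stored token is cleared and the next call fails with the "refresh token is not set" error. A guard such as `if tk.RefreshToken != "" && tf.refreshToken != tk.RefreshToken {` would keep the old value in that case. Separately, `err` is already known to be nil at the final line, so `return tk, nil` reads more clearly than `return tk, err`. The function begins outside this hunk.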