LeanderBB
diff --git a/‎Cargo.toml
Lines changed: 1 addition & 0 deletions b/‎Cargo.toml
Lines changed: 1 addition & 0 deletions
diff --git a/‎examples/user_id.rs
Lines changed: 3 additions & 3 deletions b/‎examples/user_id.rs
Lines changed: 3 additions & 3 deletions
diff --git a/‎examples/user_id_sync.rs
Lines changed: 3 additions & 3 deletions b/‎examples/user_id_sync.rs
Lines changed: 3 additions & 3 deletions
diff --git a/‎src/clientv2/client.rs
Lines changed: 1 addition & 1 deletion b/‎src/clientv2/client.rs
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/clientv2/mod.rs
Lines changed: 2 additions & 0 deletions b/‎src/clientv2/mod.rs
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/clientv2/session.rs
Lines changed: 77 additions & 39 deletions b/‎src/clientv2/session.rs
Lines changed: 77 additions & 39 deletions
@@ -24,6 +24,7 @@ secrecy = "0.8"
 anyhow = "1.0"
 bytes = "1.4"
 log = "0.4"
+parking_lot = "0.12"
 ureq = {version="2.6", optional=true}
 
 
 
@@ -1,5 +1,5 @@
-use proton_api_rs::{http, ping_async};
-use proton_api_rs::{Session, SessionType};
+use proton_api_rs::SessionType;
+use proton_api_rs::{http, ping_async, DefaultSession};
 pub use tokio;
 use tokio::io::{AsyncBufReadExt, AsyncWriteExt};
 
@@ -16,7 +16,7 @@ async fn main() {
 
     ping_async(&client).await.unwrap();
 
-    let session = match Session::login_async(&client, &user_email, &user_password)
+    let session = match DefaultSession::login_async(&client, &user_email, &user_password)
         .await
         .unwrap()
     {
 
@@ -1,5 +1,5 @@
-use proton_api_rs::clientv2::{ping, Session, SessionType};
-use proton_api_rs::http;
+use proton_api_rs::clientv2::{ping, SessionType};
+use proton_api_rs::{http, DefaultSession};
 use std::io::{BufRead, Write};
 
 fn main() {
@@ -16,7 +16,7 @@ fn main() {
 
     ping(&client).unwrap();
 
-    let session = match Session::login(&client, &user_email, &user_password).unwrap() {
+    let session = match DefaultSession::login(&client, &user_email, &user_password).unwrap() {
         SessionType::Authenticated(s) => s,
         SessionType::AwaitingTotp(mut t) => {
             let mut line_reader = std::io::BufReader::new(std::io::stdin());
 
@@ -1,5 +1,5 @@
 use crate::http;
-use crate::http::RequestNoBody;
+use crate::http::Request;
 use crate::requests::Ping;
 
 pub fn ping<T: http::ClientSync>(client: &T) -> Result<(), http::Error> {
 
@@ -1,7 +1,9 @@
 mod client;
 mod session;
+mod session_policies;
 mod totp;
 
 pub use client::*;
 pub use session::*;
+pub use session_policies::*;
 pub use totp::*;
@@ -1,13 +1,15 @@
 use crate::clientv2::TotpSession;
 use crate::domain::{Event, EventId, TwoFactorAuth, User, UserUid};
-use crate::http;
-use crate::http::{DefaultRequestFactory, RequestFactory, RequestNoBody, RequestWithBody};
+use crate::http::{DefaultRequestFactory, Request, RequestFactory};
 use crate::requests::{
     AuthInfoRequest, AuthInfoResponse, AuthRefreshRequest, AuthRequest, AuthResponse,
     GetEventRequest, GetLatestEventRequest, LogoutRequest, TFAStatus, UserAuth, UserInfoRequest,
 };
+use crate::{http, AutoAuthRefreshRequestPolicy};
 use go_srp::SRPAuth;
-use secrecy::ExposeSecret;
+use secrecy::Secret;
+use std::future::Future;
+use std::pin::Pin;
 
 #[derive(Debug, thiserror::Error)]
 pub enum LoginError {
@@ -25,40 +27,61 @@ pub enum LoginError {
     SRPProof(String),
 }
 
+/// Trait to access the underlying user authentication data in a session policy.
+pub trait UserAuthFromSessionRequestPolicy {
+    fn user_auth(&self) -> &UserAuth;
+    fn user_auth_mut(&mut self) -> &mut UserAuth;
+}
+
+/// Data which can be used to save a session and restore it later.
+pub struct SessionRefreshData {
+    pub user_uid: Secret<UserUid>,
+    pub token: Secret<String>,
+}
+
+/// Session Request Policy can be used to add custom behavior to a session request, such as
+/// retrying on network errors, respecting 429 codes, etc...
+pub trait SessionRequestPolicy: From<UserAuth> + RequestFactory {
+    fn execute<C: http::ClientSync, R: Request>(
+        &self,
+        client: &C,
+        request: R,
+    ) -> http::Result<R::Output>;
+
+    fn execute_async<'a, C: http::ClientAsync, R: Request + 'a>(
+        &'a self,
+        client: &'a C,
+        request: R,
+    ) -> Pin<Box<dyn Future<Output = http::Result<R::Output>> + 'a>>;
+
+    fn get_refresh_data(&self) -> SessionRefreshData;
+}
+
 #[derive(Debug)]
-pub enum SessionType {
-    Authenticated(Session),
-    AwaitingTotp(TotpSession),
+pub enum SessionType<P: SessionRequestPolicy> {
+    Authenticated(Session<P>),
+    AwaitingTotp(TotpSession<P>),
 }
 
+/// Authenticated Session from which one can access data/functionality restricted to authenticated
+/// users.
 #[derive(Debug)]
-pub struct Session {
-    user: UserAuth,
+pub struct Session<P: SessionRequestPolicy> {
+    pub(super) policy: P,
 }
 
-impl Session {
+impl<P: SessionRequestPolicy> Session<P> {
     fn new(user: UserAuth) -> Self {
-        Self { user }
-    }
-
-    fn apply_auth_token(&self, request: http::Request) -> http::Request {
-        request
-            .header(http::X_PM_UID_HEADER, &self.user.uid.expose_secret().0)
-            .bearer_token(self.user.access_token.expose_secret())
-    }
-
-    fn new_request(&self, method: http::Method, url: &str) -> http::Request {
-        let request = http::Request::new(method, url);
-        self.apply_auth_token(request)
+        Self {
+            policy: P::from(user),
+        }
     }
-}
 
-impl Session {
     pub fn login<T: http::ClientSync>(
         client: &T,
         username: &str,
         password: &str,
-    ) -> Result<SessionType, LoginError> {
+    ) -> Result<SessionType<P>, LoginError> {
         let auth_info_response =
             AuthInfoRequest { username }.execute_sync::<T>(client, &DefaultRequestFactory {})?;
 
@@ -79,7 +102,7 @@ impl Session {
         client: &T,
         username: &str,
         password: &str,
-    ) -> Result<SessionType, LoginError> {
+    ) -> Result<SessionType<P>, LoginError> {
         let auth_info_response = AuthInfoRequest { username }
             .execute_async::<T>(client, &DefaultRequestFactory {})
             .await?;
@@ -111,7 +134,6 @@ impl Session {
     }
 
     pub fn refresh<T: http::ClientSync>(
-        &self,
         client: &T,
         user_uid: &UserUid,
         token: &str,
@@ -123,55 +145,71 @@ impl Session {
     }
 
     pub fn get_user<T: http::ClientSync>(&self, client: &T) -> Result<User, http::Error> {
-        let user = UserInfoRequest {}.execute_sync::<T>(client, self)?;
+        let user = self.policy.execute(client, UserInfoRequest {})?;
         Ok(user.user)
     }
 
     pub async fn get_user_async<T: http::ClientAsync>(
         &self,
         client: &T,
     ) -> Result<User, http::Error> {
-        let user = UserInfoRequest {}.execute_async::<T>(client, self).await?;
+        let user = self
+            .policy
+            .execute_async(client, UserInfoRequest {})
+            .await?;
         Ok(user.user)
     }
 
     pub fn logout<T: http::ClientSync>(&self, client: &T) -> Result<(), http::Error> {
-        LogoutRequest {}.execute_sync::<T>(client, self)
+        LogoutRequest {}.execute_sync::<T>(client, &self.policy)
     }
 
     pub async fn logout_async<T: http::ClientAsync>(&self, client: &T) -> Result<(), http::Error> {
-        LogoutRequest {}.execute_async::<T>(client, self).await
+        LogoutRequest {}
+            .execute_async::<T>(client, &self.policy)
+            .await
     }
 
     pub fn get_latest_event<T: http::ClientSync>(&self, client: &T) -> http::Result<EventId> {
-        let r = GetLatestEventRequest.execute_sync(client, self)?;
+        let r = self.policy.execute(client, GetLatestEventRequest {})?;
         Ok(r.event_id)
     }
 
     pub async fn get_latest_event_async<T: http::ClientAsync>(
         &self,
         client: &T,
     ) -> http::Result<EventId> {
-        let r = GetLatestEventRequest.execute_async(client, self).await?;
+        let r = self
+            .policy
+            .execute_async(client, GetLatestEventRequest {})
+            .await?;
         Ok(r.event_id)
     }
 
     pub fn get_event<T: http::ClientSync>(&self, client: &T, id: &EventId) -> http::Result<Event> {
-        GetEventRequest::new(id).execute_sync(client, self)
+        self.policy.execute(client, GetEventRequest::new(id))
     }
 
     pub async fn get_event_async<T: http::ClientAsync>(
         &self,
         client: &T,
         id: &EventId,
     ) -> http::Result<Event> {
-        GetEventRequest::new(id).execute_async(client, self).await
+        self.policy
+            .execute_async(client, GetEventRequest::new(id))
+            .await
+    }
+
+    pub fn get_refresh_data(&self) -> SessionRefreshData {
+        self.policy.get_refresh_data()
     }
 }
 
-impl RequestFactory for Session {
-    fn new_request(&self, method: http::Method, url: &str) -> http::Request {
-        self.new_request(method, url)
+impl<T: SessionRequestPolicy + UserAuthFromSessionRequestPolicy>
+    Session<AutoAuthRefreshRequestPolicy<T>>
+{
+    pub fn was_auth_refreshed(&self) -> bool {
+        self.policy.was_auth_refreshed()
     }
 }
 
@@ -191,10 +229,10 @@ fn generate_session_proof(
     .map_err(LoginError::ServerProof)
 }
 
-fn validate_server_proof(
+fn validate_server_proof<P: SessionRequestPolicy>(
     proof: &SRPAuth,
     auth_response: &AuthResponse,
-) -> Result<SessionType, LoginError> {
+) -> Result<SessionType<P>, LoginError> {
     if proof.expected_server_proof != auth_response.server_proof {
         return Err(LoginError::ServerProof(
             "Server Proof does not match".to_string(),