Use our lock to make token manager thread safe (#154)

kylebrowning · web-flow · commit 7eddf52a3e71 · 2022-09-04T12:14:27.000-06:00
diff --git a/Sources/APNSwift/APNSAuthenticationTokenManager.swift b/Sources/APNSwift/APNSAuthenticationTokenManager.swift
@@ -75,32 +75,35 @@ final class APNSAuthenticationTokenManager {
     /// If there is a previously generated token that is still valid it will be returned, otherwise a fresh token will be generated.
     var nextValidToken: String {
         get throws {
-            // First we check if there is a previously generated token
-            // and if that token is still valid.
-            if let lastGeneratedToken = lastGeneratedToken,
-               self.currentTimeFactory().asSecondsSince1970 - lastGeneratedToken.issuedAt.asSecondsSince1970 < Self
-               .expirationDurationInSeconds
-            {
-                // The last generated token is still valid
-
-                logger.debug(
-                    "APNSAuthenticationTokenManager reusing previously generated token",
-                    metadata: [
-                        LoggingKeys.authenticationTokenIssuedAt: "\(lastGeneratedToken.issuedAt)",
-                        LoggingKeys.authenticationTokenIssuer: "\(teamIdentifier)",
-                        LoggingKeys.authenticationTokenKeyID: "\(keyIdentifier)",
-                    ]
-                )
-                return lastGeneratedToken.token
-            } else {
-                let token = try generateNewToken(
-                    privateKey: privateKey,
-                    teamIdentifier: teamIdentifier,
-                    keyIdentifier: keyIdentifier
-                )
-                lastGeneratedToken = token
-
-                return token.token
+            try lock.withLock {
+
+                // First we check if there is a previously generated token
+                // and if that token is still valid.
+                if let lastGeneratedToken = lastGeneratedToken,
+                   self.currentTimeFactory().asSecondsSince1970 - lastGeneratedToken.issuedAt.asSecondsSince1970 < Self
+                    .expirationDurationInSeconds
+                {
+                    // The last generated token is still valid
+
+                    logger.debug(
+                        "APNSAuthenticationTokenManager reusing previously generated token",
+                        metadata: [
+                            LoggingKeys.authenticationTokenIssuedAt: "\(lastGeneratedToken.issuedAt)",
+                            LoggingKeys.authenticationTokenIssuer: "\(teamIdentifier)",
+                            LoggingKeys.authenticationTokenKeyID: "\(keyIdentifier)",
+                        ]
+                    )
+                    return lastGeneratedToken.token
+                } else {
+                    let token = try generateNewToken(
+                        privateKey: privateKey,
+                        teamIdentifier: teamIdentifier,
+                        keyIdentifier: keyIdentifier
+                    )
+                    lastGeneratedToken = token
+
+                    return token.token
+                }
             }
         }
     }
