refresh token when needed and use oauth2.Client for requests

main.go

@@ -34,6 +34,8 @@ func main() {
 		RedirectURL: os.Getenv("REDIRECT_URI"),
 	}
 
+	oauthClient := oauthConfig.Client(context.Background(), token)
+
 	mux := http.NewServeMux()
 
 	mux.HandleFunc("GET /oauth", func(w http.ResponseWriter, r *http.Request) {
@@ -47,6 +49,7 @@ func main() {
 			return
 		}
 
+		oauthClient = oauthConfig.Client(context.Background(), token)
 		if err := writeConfig(authConfigPath, token); err != nil {
 			http.Error(w, err.Error(), 500)
 			return
@@ -57,6 +60,20 @@ func main() {
 	})
 
 	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+		tokenSource := oauthConfig.TokenSource(context.Background(), token)
+		newToken, err := tokenSource.Token()
+		if err != nil {
+			http.Error(w, fmt.Sprintf("failed to get new token: %v", err), 500)
+			return
+		}
+
+		if newToken.AccessToken != token.AccessToken {
+			if err := writeConfig(authConfigPath, newToken); err != nil {
+				http.Error(w, fmt.Sprintf("failed to save new token: %v", err), 500)
+				return
+			}
+		}
+
 		baseURL := os.Getenv("API_URL")
 		req, err := http.NewRequest(r.Method, baseURL+r.URL.Path, r.Body)
 		if err != nil {
@@ -65,12 +82,7 @@ func main() {
 		}
 		req.URL.RawQuery = r.URL.RawQuery
 
-		if token.AccessToken != "" {
-			authHeader := fmt.Sprintf("%s %s", token.TokenType, token.AccessToken)
-			req.Header.Add("Authorization", authHeader)
-		}
-
-		resp, err := http.DefaultClient.Do(req)
+		resp, err := oauthClient.Do(req)
 		if err != nil {
 			http.Error(w, err.Error(), 500)
 			return