SessionState refactoring; improve token renewal and cookie refresh

* New SessionState to consolidate email, access token and refresh token
* split ServeHttp into individual methods
* log on session renewal
* log on access token refresh
* refactor cookie encription/decription and session state serialization

providers/myusa_test.go

@@ -1,11 +1,12 @@
 package providers
 
 import (
-	"github.com/bmizerany/assert"
 	"net/http"
 	"net/http/httptest"
 	"net/url"
 	"testing"
+
+	"github.com/bmizerany/assert"
 )
 
 func updateUrl(url *url.URL, hostname string) {
@@ -102,7 +103,8 @@ func TestMyUsaProviderGetEmailAddress(t *testing.T) {
 	b_url, _ := url.Parse(b.URL)
 	p := testMyUsaProvider(b_url.Host)
 
-	email, err := p.GetEmailAddress([]byte{}, "imaginary_access_token")
+	session := &SessionState{AccessToken: "imaginary_access_token"}
+	email, err := p.GetEmailAddress(session)
 	assert.Equal(t, nil, err)
 	assert.Equal(t, "michael.bland@gsa.gov", email)
 }
@@ -119,7 +121,8 @@ func TestMyUsaProviderGetEmailAddressFailedRequest(t *testing.T) {
 	// We'll trigger a request failure by using an unexpected access
 	// token. Alternatively, we could allow the parsing of the payload as
 	// JSON to fail.
-	email, err := p.GetEmailAddress([]byte{}, "unexpected_access_token")
+	session := &SessionState{AccessToken: "unexpected_access_token"}
+	email, err := p.GetEmailAddress(session)
 	assert.NotEqual(t, nil, err)
 	assert.Equal(t, "", email)
 }
@@ -131,7 +134,8 @@ func TestMyUsaProviderGetEmailAddressEmailNotPresentInPayload(t *testing.T) {
 	b_url, _ := url.Parse(b.URL)
 	p := testMyUsaProvider(b_url.Host)
 
-	email, err := p.GetEmailAddress([]byte{}, "imaginary_access_token")
+	session := &SessionState{AccessToken: "imaginary_access_token"}
+	email, err := p.GetEmailAddress(session)
 	assert.NotEqual(t, nil, err)
 	assert.Equal(t, "", email)
 }