func bindAndRefresh(fp string) {
hash := sha256.Sum256(byte(fp))
token, _ := client.GuestAPI.PostGuestsToken(ctx, map[string]any{
“deviceFingerprint”: hex.EncodeToString(hash[:]),
“expirationDuration”: “PT5M”,
})
TOKEN_CACHE.Set(fp, token)
}
Trying to lock down Web Messaging guest sessions in Go. Sliding expiration logic fires early while the background refresh routine doesn’t catch the WebSocket revocation control messages. EXPIRATION_DURATION and REFRESH_INTERVAL are set to general defaults but the in-memory map still races, leaving the goroutine to panic on the next auth check.