84 lines
3.1 KiB
Python
84 lines
3.1 KiB
Python
"""
|
|
MIT License
|
|
|
|
Copyright (c) 2020 Airbyte
|
|
|
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
of this software and associated documentation files (the "Software"), to deal
|
|
in the Software without restriction, including without limitation the rights
|
|
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
copies of the Software, and to permit persons to whom the Software is
|
|
furnished to do so, subject to the following conditions:
|
|
|
|
The above copyright notice and this permission notice shall be included in all
|
|
copies or substantial portions of the Software.
|
|
|
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
SOFTWARE.
|
|
"""
|
|
|
|
|
|
from typing import Any, Mapping, Tuple
|
|
|
|
import pendulum
|
|
import requests
|
|
from base_python.cdk.streams.auth.core import HttpAuthenticator
|
|
|
|
|
|
class Oauth2Authenticator(HttpAuthenticator):
|
|
def __init__(self, token_refresh_endpoint: str, client_id: str, client_secret: str, refresh_token: str, scopes: [str] = None):
|
|
self.token_refresh_endpoint = token_refresh_endpoint
|
|
self.client_secret = client_secret
|
|
self.client_id = client_id
|
|
self.refresh_token = refresh_token
|
|
self.scopes = scopes
|
|
|
|
self._token_expiry_date = pendulum.now().subtract(days=1)
|
|
self._access_token = None
|
|
|
|
def get_auth_header(self) -> Mapping[str, Any]:
|
|
return {"Authorization": f"Bearer {self.get_access_token()}"}
|
|
|
|
def get_access_token(self):
|
|
if self.token_has_expired():
|
|
t0 = pendulum.now()
|
|
token, expires_in = self.refresh_access_token()
|
|
self._access_token = token
|
|
self._token_expiry_date = t0.add(seconds=expires_in)
|
|
|
|
return self._access_token
|
|
|
|
def token_has_expired(self) -> bool:
|
|
return pendulum.now() > self._token_expiry_date
|
|
|
|
def get_refresh_request_body(self) -> Mapping[str, any]:
|
|
""" Override to define additional parameters """
|
|
payload = {
|
|
"grant_type": "refresh_token",
|
|
"client_id": self.client_id,
|
|
"client_secret": self.client_secret,
|
|
"refresh_token": self.refresh_token,
|
|
}
|
|
|
|
if self.scopes:
|
|
payload["scopes"] = self.scopes
|
|
|
|
return payload
|
|
|
|
def refresh_access_token(self) -> Tuple[str, int]:
|
|
"""
|
|
returns a tuple of (access_token, token_lifespan_in_seconds)
|
|
"""
|
|
try:
|
|
response = requests.request(method="POST", url=self.token_refresh_endpoint, data=self.get_refresh_request_body())
|
|
response.raise_for_status()
|
|
response_json = response.json()
|
|
return response_json["access_token"], response_json["expires_in"]
|
|
except Exception as e:
|
|
raise Exception(f"Error while refreshing access token: {e}") from e
|