Skip to content

Feature/add token options #41

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 11 commits into
base: feature/migrate_session_from_rc
Choose a base branch
from
Open

Feature/add token options #41

wants to merge 11 commits into from

Conversation

@alchenist
Copy link

@alchenist alchenist commented Jul 14, 2025
edited
Loading

Description

Adds the option to pass in an existing OAuth access token when instantiating clients, either as a string or as a callable (which will be called repeatedly, on every call to EdFiSession.authenticate). With new default limits for how many active tokens may exist at any time, this allows for easier sharing of tokens between processes.

Breaking changes:

  • Should be none to existing instantiations of EdFiClient; new access_token is a named argument so existing calls using client key/secret as positional arguments should be unaffected.

Changes to existing files:

  • edfi_client.py:
    • Add access_token named argument to init; checks that only one of client_secret or access_token are provided.
    • Add refresh_buffer_seconds optional argument; makes original 120-second buffer between expiry time and scheduled refresh configurable, as in the extras for an Airflow connection object
  • session.py:
    • Save access_token, if passed, into the external_access_token instance variable on EdFiSession instantiation
    • In EdFiSession.authenticate, add a fork for getting external tokens instead of fetching one
    • Return early out of EdFiSession.authenticate if EdFiSession.connect is called (which will call EdFiSession.authenticate anyway)
    • Skip the last sleep in EdFiSession._with_exponential_backoff if it's the last retry
    • Take refresh_buffer_seconds from caller; makes buffer time configurable but still defaults to 120s.

New files created:

  • tests/test_external_tokens.py: Basic pytest tests for new functionality

@alchenist alchenist requested a review from jayckaiser July 14, 2025 20:54
@alchenist alchenist mentioned this pull request Jul 17, 2025
Closed
@alchenist
Copy link
Author

alchenist commented Aug 7, 2025
edited
Loading

When using external authentication, we should probably consider passing around the whole authentication payload and a timestamp of when authentication happened instead of just the token. Currently, when we use an external token getter, an EdFiClient has no way of knowing when the token expires or when to refresh it since we only pass it the token. Implementing an expiration-aware client would probably improve performance and avoid hammering the token getter.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jayckaiser jayckaiser Awaiting requested review from jayckaiser

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alchenist