feat(OAuth): allow for access_token without expiration from the API

[maxi297]

What

See https://github.com/airbytehq/airbyte-enterprise/pull/82#discussion_r1943603994 for more details

How

Allow for initializing an access_token while provided a date in the future for refresh.

Note that if the token_expiry_date is not far enough in the future, the connector might refresh the token on every call. It is the responsibility of the connector to put a date that is far enough in the future to avoid this.

Summary by CodeRabbit

• Bug Fixes

  • Enhanced the authentication flow to more reliably handle token expiration and refresh scenarios, ensuring smoother and more consistent access.

• Tests

  • Expanded test coverage to validate the improved token management, including scenarios with no access token but a future expiry date, helping maintain robust and dependable authentication behavior.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR introduces changes to token management in the OAuth authentication components. In DeclarativeOauth2Authenticator, a new helper method is added to check for token initialization, and get_token_expiry_date now returns a fallback datetime value when the token is missing. In AbstractOauth2Authenticator, a conditional branch is added in the token parsing method to return the current expiry when no value is provided and the token has not expired. Corresponding tests have been updated and added.

Changes

File(s)	Change Summary
airbyte_cdk/sources/declarative/auth/oauth.py unit_tests/sources/declarative/auth/test_oauth.py	Added _has_access_token_been_initialized() method and updated get_token_expiry_date to return a minimum datetime when the access token is not set; tests updated/added to verify token refresh and expiry handling.
airbyte_cdk/sources/streams/http/requests_native_auth/abstract_oauth.py	Introduced a conditional check in _parse_token_expiration_date to return the current token expiry date if no new expiration value is provided and the token remains valid.

Sequence Diagram(s)

sequenceDiagram
    participant C as Client
    participant D as DeclarativeOauth2Authenticator
    C->>D: get_token_expiry_date()
    D->>D: _has_access_token_been_initialized()
    alt Token not initialized
        D-->>C: Return AirbyteDateTime(datetime.min)
    else Token initialized
        D-->>C: Return computed token expiry date
    end

Loading

sequenceDiagram
    participant C as Caller
    participant A as AbstractOauth2Authenticator
    C->>A: _parse_token_expiration_date(value)
    alt Value not provided and token valid
        A->>A: get_token_expiry_date()
        A-->>C: Return current token expiry date
    else
        A-->>C: Parse and return provided expiration value
    end

Loading

Possibly related PRs

• fix: (DeclarativeOAuthFlow) - allow DeclarativeOauth2Authenticator to use access_token directly when no token_refresh_endpoint or refresh_token values are provided. #182: The changes in the main PR are directly related to the modifications made to the DeclarativeOauth2Authenticator class in the retrieved PR, specifically regarding the handling of access tokens and the introduction of new methods that enhance token management.
• feat(low-code): pass refresh headers to oauth #219: The changes in the main PR are related to the modifications made to the DeclarativeOauth2Authenticator class in the retrieved PR, as both involve updates to the same class and its methods.
• feat(low-code): add profile assertion flow to oauth authenticator component #236: The changes in the main PR are directly related to the modifications made to the DeclarativeOauth2Authenticator class in the retrieved PR, as both PRs involve alterations to the same class and its methods.

Suggested labels

oauth, oauth_in_builder

Suggested reviewers

• maxi297
• bnchrch
• aldogonzalez8

What do you think about these suggestions? Would you like to include any additional reviewers or labels?

✨ Finishing Touches

• 📝 Generate Docstrings (Beta)

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

‼️ IMPORTANT
Auto-reply has been disabled for this repository in the CodeRabbit settings. The CodeRabbit bot will not respond to your replies unless it is explicitly tagged.

• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

airbyte_cdk/sources/declarative/auth/oauth.py (1)

234-237: Consider adding a docstring to explain the fallback behavior, wdyt?

The logic to return datetime.min when access token is not initialized is a significant behavior that should be documented.

 def get_token_expiry_date(self) -> AirbyteDateTime:
+    """
+    Returns the token expiry date. If the access token has not been initialized,
+    returns the minimum datetime value to ensure token refresh.
+    """
     if not self._has_access_token_been_initialized():
         return AirbyteDateTime.from_datetime(datetime.min)
     return self._token_expiry_date  # type: ignore # _token_expiry_date is an AirbyteDateTime. It is never None despite what mypy thinks

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d1cfbb8 and 1c4ea9c.

📒 Files selected for processing (3)

• airbyte_cdk/sources/declarative/auth/oauth.py (2 hunks)
• airbyte_cdk/sources/streams/http/requests_native_auth/abstract_oauth.py (1 hunks)
• unit_tests/sources/declarative/auth/test_oauth.py (2 hunks)

🧰 Additional context used

🪛 GitHub Actions: Linters

unit_tests/sources/declarative/auth/test_oauth.py

[warning] 1-1: File would be reformatted. Please format the code according to the style guidelines.

⏰ Context from checks skipped due to timeout of 90000ms (8)

• GitHub Check: Check: 'source-pokeapi' (skip=false)
• GitHub Check: Check: 'source-the-guardian-api' (skip=false)
• GitHub Check: Check: 'source-shopify' (skip=false)
• GitHub Check: Check: 'source-hardcoded-records' (skip=false)
• GitHub Check: Pytest (All, Python 3.11, Ubuntu)
• GitHub Check: Pytest (All, Python 3.10, Ubuntu)
• GitHub Check: Pytest (Fast)
• GitHub Check: Analyze (python)

🔇 Additional comments (5)

airbyte_cdk/sources/declarative/auth/oauth.py (2)

6-6: LGTM!

The import of datetime is correctly added alongside timedelta to support the new functionality.

---

239-241: LGTM!

The helper method is well-named and follows the single responsibility principle.

airbyte_cdk/sources/streams/http/requests_native_auth/abstract_oauth.py (1)

264-266: LGTM!

The added condition elegantly handles the case where no expiry value is provided but the current token is still valid. The comment clearly explains the logic.

unit_tests/sources/declarative/auth/test_oauth.py (2)

304-304: LGTM!

The addition of access_token_value parameter to the test is consistent with the changes in the implementation.

---

317-343: LGTM!

The new test case thoroughly verifies the behavior when there's no access token but a future expiry date. The test:

1. Sets up the authenticator with a future expiry date
2. Mocks the HTTP interaction
3. Verifies both the token value and expiry date

[maxi297]

/autofix

Auto-Fix Job Info

This job attempts to auto-fix any linting or formating issues. If any fixes are made,
those changes will be automatically committed and pushed back to the PR.

Note: This job can only be run by maintainers. On PRs from forks, this command requires
that the PR author has enabled the Allow edits from maintainers option.

PR auto-fix job started... Check job output.

✅ Changes applied successfully.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

unit_tests/sources/declarative/auth/test_oauth.py (1)

317-344: LGTM! Would you consider adding more assertions to make the test more robust?

The test effectively verifies the core functionality. Perhaps we could make it even more thorough by adding assertions for:

• The request headers to ensure proper authentication
• The grant type in the request body
• Edge cases around the expiry date

What do you think? 🤔

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1c4ea9c and 9f4751b.

📒 Files selected for processing (1)

• unit_tests/sources/declarative/auth/test_oauth.py (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (8)

• GitHub Check: Check: 'source-pokeapi' (skip=false)
• GitHub Check: Check: 'source-the-guardian-api' (skip=false)
• GitHub Check: Check: 'source-shopify' (skip=false)
• GitHub Check: Check: 'source-hardcoded-records' (skip=false)
• GitHub Check: Pytest (All, Python 3.11, Ubuntu)
• GitHub Check: Pytest (Fast)
• GitHub Check: Pytest (All, Python 3.10, Ubuntu)
• GitHub Check: Analyze (python)

🔇 Additional comments (1)

unit_tests/sources/declarative/auth/test_oauth.py (1)

304-304: LGTM! Good addition of access_token_value parameter.

This change aligns well with testing token initialization scenarios.

[lazebnyi]

lgtm