search

Mendeley / mendeley-python-sdk

Python SDK for the Mendeley API.
Apache License 2.0
119 stars 59 forks source link

Refresh token won´t work #10

Open DavidWiesner opened 9 years ago

DavidWiesner commented 9 years ago

When I use your mendeley-api-python-example and the access token gets expired I expected the access token gets refreshed automatically, but it won´t.

So here in are the steps to reproduce:

  1. install and run the mendeley-api-python-example
  2. wait until the token gets expired (1h)
  3. refresh website
    expected result

the access_token will be refreshed with the refresh_token

actual result

TokenExpiredError

expected fix: using MendeleyAuthorizationCodeTokenRefresher

I expected to fix this bug by using MendeleyAuthorizationCodeTokenRefresher in mendeley-example.py#L101 So I change the method to: 

def get_session_from_cookies():
    authenticator = MendeleyAuthorizationCodeAuthenticator(mendeley, session['state'])
    refresher = MendeleyAuthorizationCodeTokenRefresher(authenticator)
    return MendeleySession(mendeley, session['token'], refresher=refresher)
actual result

TokenExpiredError and log: No new refresh token given. Re-using old.

possible fix in MendeleyAuthorizationCodeAuthenticator

the problem is oauth.refresh_token try to find a refresh token his object, but because the OAuth2Session object is recreated this token must be passed explicit:

--- auth.py (revision )
+++ auth.py (revision )
@@ -104,7 +104,7 @@
         self.redirect_uri = authenticator.mendeley.redirect_uri

     def refresh(self, session):
-        oauth = OAuth2Session(client=self.client, redirect_uri=self.redirect_uri, scope=['all'])
+        oauth = OAuth2Session(client=self.client, redirect_uri=self.redirect_uri, scope=['all'], token=session.token)
         oauth.compliance_hook['access_token_response'] = [handle_text_response]

         session.token = oauth.refresh_token(self.token_url, auth=self.auth)

This should be fixed the bug regards, david

Joyce-Stack commented 9 years ago

David,

Have you been able to run this code successfully?

Joyce-Stack commented 8 years ago

Is this still an issue or can I close this?

mfschmidt commented 8 years ago

@MendeleyStack: Rather than "closing" this, I suggest you make his edits to the source so we can all benefit downstream. The problem is easily replicable and easily solved, thanks to his well-written explanation, but only if you have credentials to fix the codebase.

Alternatively, please provide an alternative method for auto-refreshing expired tokens.

Thanks!

mebibou commented 1 year ago

I dont know if it is related, but very regularly I get the following error:

ile \"/var/task/mendeley/auth.py\", line 31, in authenticate
    token = oauth.fetch_token(self.token_url, auth=self.auth, scope=['all'])
  File \"/var/task/requests_oauthlib/oauth2_session.py\", line 364, in fetch_token
    r = hook(r)
  File \"/var/task/mendeley/auth.py\", line 12, in handle_text_response
    if rsp.headers['content-type'] == 'text/plain':
  File \"/var/task/requests/structures.py\", line 52, in __getitem__
    return self._store[key.lower()][1]
KeyError: 'content-type'

I authenticate using:

mendel = Mendeley(CLIENT_ID, CLIENT_SECRET)
session = mendel.start_client_credentials_flow().authenticate()

But I imagine the error happens whenever the token expires. How to fix it?