-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: (DeclarativeOAuthFlow) - allow DeclarativeOauth2Authenticator
to use access_token
directly when no token_refresh_endpoint
or refresh_token
values are provided.
#182
Conversation
…authentication-using-access-token-value
📝 Walkthrough📝 WalkthroughWalkthroughThe pull request introduces modifications to the OAuth authentication mechanism in the Airbyte CDK. The primary changes include making the Changes
Possibly related PRs
Suggested Labels
Suggested Reviewers
Hey there! 👋 I noticed these changes look pretty neat. Wdyt about the new flexibility in token management? The sequence diagram might help visualize how the new 📜 Recent review detailsConfiguration used: CodeRabbit UI 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
🧹 Nitpick comments (6)
airbyte_cdk/sources/declarative/auth/oauth.py (1)
99-101
: Consider validating access_token_value.What do you think about adding validation to ensure access_token_value isn't an empty string when provided? This could prevent potential auth header issues, wdyt?
self._access_token: Optional[str] = ( - self.access_token_value if self.access_token_value else None + self.access_token_value if self.access_token_value and self.access_token_value.strip() else None )airbyte_cdk/sources/streams/http/requests_native_auth/abstract_oauth.py (1)
57-66
: Consider improving readability of the conditional logic.The current condition is a bit complex. What do you think about making it more explicit with intermediate variables, wdyt?
+ has_refresh_endpoint = self.get_token_refresh_endpoint() is not None + has_refresh_token = self.get_refresh_token() is not None + should_use_existing_token = not has_refresh_endpoint or (not has_refresh_token and self.access_token) token = ( self.access_token - if ( - not self.get_token_refresh_endpoint() - or not self.get_refresh_token() - and self.access_token - ) + if should_use_existing_token else self.get_access_token() )unit_tests/sources/declarative/auth/test_oauth.py (1)
132-150
: Consider adding more test cases for edge scenarios.The current test covers the happy path well. What do you think about adding tests for:
- Empty string access_token_value
- None access_token_value
- Interaction between access_token_value and refresh_token
- Precedence when both token sources are available
This would help ensure robust behavior across all scenarios, wdyt?
airbyte_cdk/sources/declarative/parsers/model_to_component_factory.py (2)
1803-1804
: Consider addressing the type ignore comment more robustlyInstead of using a type ignore comment, would it make more sense to properly type the
token_refresh_endpoint
parameter? This could involve updating the type hints in the model or the authenticator class. wdyt?
1838-1838
: LGTM! Consider parameter orderingThe addition of
access_token_value
looks good. Just wondering if we should group it closer to related authentication parameters likeclient_id
andclient_secret
for better readability? wdyt?airbyte_cdk/sources/declarative/models/declarative_component_schema.py (1)
504-509
: LGTM! New access_token_value field looks goodThe field is well-defined with clear description and examples. Would you consider adding a note in the description about the precedence between
access_token_value
and the token refresh mechanism? For example, clarifying if providing this value will completely bypass the refresh flow, wdyt?
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (6)
airbyte_cdk/sources/declarative/auth/oauth.py
(2 hunks)airbyte_cdk/sources/declarative/declarative_component_schema.yaml
(1 hunks)airbyte_cdk/sources/declarative/models/declarative_component_schema.py
(2 hunks)airbyte_cdk/sources/declarative/parsers/model_to_component_factory.py
(2 hunks)airbyte_cdk/sources/streams/http/requests_native_auth/abstract_oauth.py
(3 hunks)unit_tests/sources/declarative/auth/test_oauth.py
(1 hunks)
🔇 Additional comments (5)
airbyte_cdk/sources/declarative/auth/oauth.py (2)
50-50
: LGTM! The optional parameters enhance flexibility.
The changes allow for both dynamic token refresh and static token usage scenarios, which is a good improvement in flexibility.
Also applies to: 58-58
108-116
: LGTM! Good error handling.
The None handling is implemented well, and the error message is clear and helpful.
airbyte_cdk/sources/streams/http/requests_native_auth/abstract_oauth.py (1)
210-210
: LGTM! Consistent with implementation.
The return type change to Optional[str] aligns well with the implementation class.
airbyte_cdk/sources/declarative/declarative_component_schema.yaml (1)
1062-1067
: LGTM! Well-documented schema addition
The new access_token_value
property is well-defined with clear title, description, and helpful examples. The schema changes align perfectly with the implementation.
airbyte_cdk/sources/declarative/models/declarative_component_schema.py (1)
492-493
: LGTM! Making token_refresh_endpoint optional
The change aligns perfectly with the PR objective to allow DeclarativeOauth2Authenticator
to work without a token refresh endpoint.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
TY!
…authentication-using-access-token-value
…authentication-using-access-token-value
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
🧹 Nitpick comments (1)
airbyte_cdk/sources/declarative/parsers/model_to_component_factory.py (1)
1803-1804
: Consider adding type hints for optional token_refresh_endpointThe type annotation for
token_refresh_endpoint
could be more explicit about being optional. What do you think about addingOptional[str]
to make it clearer for other developers? wdyt?- model.token_refresh_endpoint, # type: ignore + model.token_refresh_endpoint, # type: Optional[str]
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (3)
airbyte_cdk/sources/declarative/declarative_component_schema.yaml
(1 hunks)airbyte_cdk/sources/declarative/parsers/model_to_component_factory.py
(2 hunks)airbyte_cdk/sources/streams/http/requests_native_auth/abstract_oauth.py
(3 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
- airbyte_cdk/sources/streams/http/requests_native_auth/abstract_oauth.py
🔇 Additional comments (2)
airbyte_cdk/sources/declarative/parsers/model_to_component_factory.py (1)
1838-1838
: LGTM: New access_token_value parameter
The addition of the access_token_value parameter aligns well with the PR objectives, allowing direct access token usage when refresh capabilities aren't needed.
Let's verify the usage of this new parameter:
✅ Verification successful
Access token value implementation looks well-integrated and properly used
The verification shows that access_token_value
is:
- Properly defined in the schema with clear documentation
- Correctly implemented in the OAuth authenticator with proper initialization and validation
- Well-tested with specific test cases covering the direct access token usage scenario
- Safely handled with proper type hints and optional parameters
The implementation aligns perfectly with its intended purpose of allowing direct access token usage when refresh capabilities aren't needed.
🏁 Scripts executed
The following scripts were executed for the analysis:
Script:
#!/bin/bash
# Description: Check if access_token_value is properly used in the codebase
# Look for any potential direct usage of access_token_value in auth flows
# Search for access_token_value usage
echo "Searching for access_token_value usage in auth flows..."
rg -A 5 "access_token_value"
Length of output: 7105
airbyte_cdk/sources/declarative/declarative_component_schema.yaml (1)
1062-1067
: LGTM: Well-documented access_token_value property
The new access_token_value property is well documented with clear title, description and examples. The schema changes align perfectly with the implementation.
What
Resolving:
How
token_refresh_endpoint
to beOptional
access_token_value
access_token_value
to be set inget_auth_header()
test_get_auth_header_without_refresh_token_and_without_refresh_token_endpoint
Summary by CodeRabbit
Summary by CodeRabbit
New Features
token_refresh_endpoint
is now an optional parameter in the OAuth authentication process, allowing for greater flexibility.access_token_value
to specify an access token directly, bypassing the token refresh process.session_token
field for alternative authentication methods.Bug Fixes
inject_into
andheader
.Tests
access_token_value
is provided without atoken_refresh_endpoint
or refresh token.