-
Notifications
You must be signed in to change notification settings - Fork 305
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: support refresh callable on google.oauth2.credentials.Credentials #812
feat: support refresh callable on google.oauth2.credentials.Credentials #812
Conversation
…redentials This is an optional parameter that can be set via the constructor. It is used to provide the credentials with new tokens and their expiration time on `refresh()` call. ``` def refresh_handler(request, scopes): # Generate a new token for the requested scopes by calling # an external process. return ( "ACCESS_TOKEN", _helpers.utcnow() + datetime.timedelta(seconds=3600)) creds = google.oauth2.credentials.Credentials( scopes=scopes, refresh_handler=refresh_handler) creds.refresh(request) ``` It is useful in the following cases: - Useful in general when tokens are obtained by calling some external process on demand. - Useful in particular for retrieving downscoped tokens from a token broker. This should have no impact on existing behavior. Refresh tokens will still have higher priority over refresh handlers. A getter and setter is exposed to make it easy to set the callable on unpickled credentials as the callable cannot be easily serialized. ``` unpickled = pickle.loads(pickle.dumps(oauth_creds)) unpickled.refresh_handler = refresh_handler ```
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Your changes for my comments LGTM. I don't really know the flow being used, so I'll hold off on a final "approve" until those who do can chime in.
Thanks @tseaver for the review. @arithmetic1728 has reviewed the design doc. He should be able to review too. |
This is an optional parameter that can be set via the constructor.
It is used to provide the credentials with new tokens and their
expiration time on
refresh()
call.It is useful in the following cases:
external process on demand.
token broker.
This should have no impact on existing behavior. Refresh tokens
will still have higher priority over refresh handlers.
A getter and setter is exposed to make it easy to set the callable
on unpickled credentials as the callable cannot be easily serialized.