Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

expires_in appears to be a string when returned from the token server #1207

Closed
rfloydb opened this issue Jan 2, 2023 · 4 comments · Fixed by #1208
Closed

expires_in appears to be a string when returned from the token server #1207

rfloydb opened this issue Jan 2, 2023 · 4 comments · Fixed by #1208
Labels
priority: p2 Moderately-important priority. Fix may not be included in next release. type: bug Error or flaw in code with unintended results or allowing sub-optimal usage patterns.

Comments

@rfloydb
Copy link

rfloydb commented Jan 2, 2023

When we reach this line of code, we get "TypeError: unsupported type for timedelta seconds component: str"

google-auth-library-python/google/oauth2/_client.py

Line 123 in 6c1297c

return _helpers.utcnow() + datetime.timedelta(seconds=expires_in)

It would appear that the response from the token server has expires_in as a string:

Request:

https://securetoken.googleapis.com/v1/token?key=AI... 
{
  'grant_type': 
  'refresh_token', 
  'client_id': '76...', 
  'client_secret': '...', 
  'refresh_token': 'AO...'
}

Response:

{
  'access_token': 'ey...', 
  **'expires_in': '3600'**, 
  'token_type': 'Bearer', 
  'refresh_token': 'AO...', 
  'id_token': 'ey...', 
  'user_id': 'Xs...', 
  'project_id': '23...'
}

Seems this code should expect a string and not an integer.
@clundin25
Copy link
Contributor

Thanks for the report @rfloydb ! We will investigate and report back

@clundin25 clundin25 added priority: p2 Moderately-important priority. Fix may not be included in next release. type: bug Error or flaw in code with unintended results or allowing sub-optimal usage patterns. labels Jan 3, 2023
@clundin25
Copy link
Contributor

clundin25 commented Jan 4, 2023
edited
Loading

Hi @rfloydb can you provide some more details on what you are trying to accomplish? And perhaps some details about this workflow?

@rfloydb
Copy link
Author

rfloydb commented Jan 4, 2023
edited
Loading

I am trying to refresh a token. Roughly this:

import firebase_admin

from firebase_admin import auth
from google.auth.transport.requests import Request
from google.oauth2.credentials import Credentials

firebase_admin.initialize_app()

(id_token, refresh_token) = tokens()
(client_id, client_secret) = client_id_and_secret()
creds = Credentials(
    id_token, 
    refresh_token, 
    client_id = client_id,
    client_secret = client_secret,
    token_uri = 'https://securetoken.googleapis.com/v1/token?key=AI...',
)

try:
    decoded_token = auth.verify_id_token(creds.id_token)
except firebase_admin.auth.ExpiredIdTokenError:
    try:
        r = Request()
        creds.refresh(r)

@clundin25 clundin25 mentioned this issue Jan 5, 2023
Merged
clundin25 added a commit to clundin25/google-auth-library-python that referenced this issue Jan 5, 2023
@clundin25
fix: Make OAUTH2.0 client resistant to string type 'expires_in' respo…
aefe876 
…nses from non-compliant services

This fixes googleapis#1207.
clundin25 added a commit to clundin25/google-auth-library-python that referenced this issue Jan 6, 2023
@clundin25
fix: Make OAUTH2.0 client resistant to string type 'expires_in' respo…
7a6a9d9 
…nses from non-compliant services

This fixes googleapis#1207.
clundin25 added a commit that referenced this issue Jan 6, 2023
@clundin25
fix: Make OAUTH2.0 client resistant to string type 'expires_in' respo…
9fc7b1c 
…nses from non-compliant services (#1208)

This fixes #1207.
@clundin25
Copy link
Contributor

@rfloydb This will be fixed in the next release. That should happen either today or early next week.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
priority: p2 Moderately-important priority. Fix may not be included in next release. type: bug Error or flaw in code with unintended results or allowing sub-optimal usage patterns.
Projects
None yet
Milestone
No milestone
2 participants
@rfloydb @clundin25