fix: When token cache is invalid, don't raise TypeError (#1384)

Co-authored-by: Håkon V. Treider <[email protected]>
cognitedata · Oct 2, 2023 · f8d37b4 · f8d37b4
1 parent 9b3a2ed
commit f8d37b4
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 9 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -17,6 +17,11 @@ Changes are grouped as follows
 - `Fixed` for any bug fixes.
 - `Security` in case of vulnerabilities.
 
+## [6.28.2] - 2023-10-02
+### Fixed
+- When cache lookup did not yield a token for `CredentialProvider`s like `OAuthDeviceCode` or `OAuthInteractive`, a
+  `TypeError` could be raised instead of initiating their authentication flow.
+
 ## [6.28.1] - 2023-09-30
 ### Improved
 - Warning when using alpha/beta features.
@@ -27,7 +32,7 @@ Changes are grouped as follows
 
 ## [6.27.0] - 2023-09-13
 ### Changed
-- Reduce concurrency in data modeling client to 1 
+- Reduce concurrency in data modeling client to 1
 
 ## [6.26.0] - 2023-09-22
 ### Added

diff --git a/cognite/client/_version.py b/cognite/client/_version.py
@@ -1,4 +1,4 @@
 from __future__ import annotations
 
-__version__ = "6.28.1"
+__version__ = "6.28.2"
 __api_subversion__ = "V20220125"
diff --git a/cognite/client/credentials.py b/cognite/client/credentials.py
@@ -207,11 +207,15 @@ def scopes(self) -> list[str]:
         return self.__scopes
 
     def _refresh_access_token(self) -> tuple[str, float]:
-        # First check if there is a serialized token cached on disk.
+        # First check if a token cache exists on disk. If yes, find and use:
+        # - A valid access token.
+        # - A valid refresh token, and if so, use it automatically to redeem a new access token.
+        credentials = None
         if accounts := self.__app.get_accounts():
             credentials = self.__app.acquire_token_silent(scopes=self.__scopes, account=accounts[0])
-        # If not, we acquire a new token using device code auth flow:
-        else:
+
+        # If we're unable to find (or acquire a new) access token, we initiate the device code auth flow:
+        if credentials is None:
             device_flow = self.__app.initiate_device_flow(scopes=self.__scopes)
             # print device code user instructions to screen
             print(f"Device code: {device_flow['message']}")  # noqa: T201
@@ -286,11 +290,15 @@ def scopes(self) -> list[str]:
         return self.__scopes
 
     def _refresh_access_token(self) -> tuple[str, float]:
-        # First check if there is a serialized token cached on disk.
+        # First check if a token cache exists on disk. If yes, find and use:
+        # - A valid access token.
+        # - A valid refresh token, and if so, use it automatically to redeem a new access token.
+        credentials = None
         if accounts := self.__app.get_accounts():
             credentials = self.__app.acquire_token_silent(scopes=self.__scopes, account=accounts[0])
-        # If not, we acquire a new token interactively
-        else:
+
+        # If we're unable to find (or acquire a new) access token, we initiate the interactive auth flow:
+        if credentials is None:
             credentials = self.__app.acquire_token_interactive(scopes=self.__scopes, port=self.__redirect_port)
 
         self._verify_credentials(credentials)

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,7 +1,7 @@
 [tool.poetry]
 name = "cognite-sdk"
 
-version = "6.28.1"
+version = "6.28.2"
 description = "Cognite Python SDK"
 readme = "README.md"
 documentation = "https://cognite-sdk-python.readthedocs-hosted.com"