diff --git a/google/auth/external_account_authorized_user.py b/google/auth/external_account_authorized_user.py index 2594e048f..b631c1894 100644 --- a/google/auth/external_account_authorized_user.py +++ b/google/auth/external_account_authorized_user.py @@ -343,7 +343,7 @@ def revoke(self, request): request, self._refresh_token_val, "refresh_token", self._revoke_url ) self.token = None - self._refresh_token = None + self._refresh_token_val = None @_helpers.copy_docstring(credentials.Credentials) def get_cred_info(self): diff --git a/google/oauth2/_credentials_async.py b/google/oauth2/_credentials_async.py index b5561aae0..54b5e16fc 100644 --- a/google/oauth2/_credentials_async.py +++ b/google/oauth2/_credentials_async.py @@ -50,7 +50,7 @@ class Credentials(oauth2_credentials.Credentials): @_helpers.copy_docstring(credentials.Credentials) async def refresh(self, request): if ( - self._refresh_token is None + self._refresh_token_val is None or self._token_uri is None or self._client_id is None or self._client_secret is None @@ -70,7 +70,7 @@ async def refresh(self, request): ) = await reauth.refresh_grant( request, self._token_uri, - self._refresh_token, + self._refresh_token_val, self._client_id, self._client_secret, scopes=self._scopes, @@ -80,7 +80,7 @@ async def refresh(self, request): self.token = access_token self.expiry = expiry - self._refresh_token = refresh_token + self._refresh_token_val = refresh_token self._id_token = grant_response.get("id_token") self._rapt_token = rapt_token diff --git a/google/oauth2/credentials.py b/google/oauth2/credentials.py index 6e158089f..c29b6f87c 100644 --- a/google/oauth2/credentials.py +++ b/google/oauth2/credentials.py @@ -139,7 +139,7 @@ def __init__( super(Credentials, self).__init__() self.token = token self.expiry = expiry - self._refresh_token = refresh_token + self._refresh_token_val = refresh_token self._id_token = id_token self._scopes = scopes self._default_scopes = default_scopes @@ -178,7 +178,7 @@ def __setstate__(self, d): all the attributes.""" self.token = d.get("token") self.expiry = d.get("expiry") - self._refresh_token = d.get("_refresh_token") + self._refresh_token_val = d.get("_refresh_token_val") self._id_token = d.get("_id_token") self._scopes = d.get("_scopes") self._default_scopes = d.get("_default_scopes") @@ -203,7 +203,7 @@ def __setstate__(self, d): @property def refresh_token(self): """Optional[str]: The OAuth 2.0 refresh token.""" - return self._refresh_token + return self._refresh_token_val @property def scopes(self): @@ -350,6 +350,9 @@ def with_universe_domain(self, universe_domain): def _metric_header_for_usage(self): return metrics.CRED_TYPE_USER + def _refresh_token(self, request): + return self.refresh(request) + @_helpers.copy_docstring(credentials.Credentials) def refresh(self, request): if self._universe_domain != credentials.DEFAULT_UNIVERSE_DOMAIN: @@ -368,7 +371,7 @@ def refresh(self, request): # available. This is useful in general when tokens are obtained by calling # some external process on demand. It is particularly useful for retrieving # downscoped tokens from a token broker. - if self._refresh_token is None and self.refresh_handler: + if self._refresh_token_val is None and self.refresh_handler: token, expiry = self.refresh_handler(request, scopes=scopes) # Validate returned data. if not isinstance(token, str): @@ -389,7 +392,7 @@ def refresh(self, request): return if ( - self._refresh_token is None + self._refresh_token_val is None or self._token_uri is None or self._client_id is None or self._client_secret is None @@ -409,7 +412,7 @@ def refresh(self, request): ) = reauth.refresh_grant( request, self._token_uri, - self._refresh_token, + self._refresh_token_val, self._client_id, self._client_secret, scopes=scopes, @@ -419,7 +422,7 @@ def refresh(self, request): self.token = access_token self.expiry = expiry - self._refresh_token = refresh_token + self._refresh_token_val = refresh_token self._id_token = grant_response.get("id_token") self._rapt_token = rapt_token diff --git a/tests/test__oauth2client.py b/tests/test__oauth2client.py index 2d4a809bb..ac6164bdc 100644 --- a/tests/test__oauth2client.py +++ b/tests/test__oauth2client.py @@ -52,7 +52,7 @@ def test__convert_oauth2_credentials(): new_credentials = _oauth2client._convert_oauth2_credentials(old_credentials) assert new_credentials.token == old_credentials.access_token - assert new_credentials._refresh_token == old_credentials.refresh_token + assert new_credentials._refresh_token_val == old_credentials.refresh_token assert new_credentials._client_id == old_credentials.client_id assert new_credentials._client_secret == old_credentials.client_secret assert new_credentials._token_uri == old_credentials.token_uri diff --git a/tests/test_external_account_authorized_user.py b/tests/test_external_account_authorized_user.py index 0a54af56d..53114d8ac 100644 --- a/tests/test_external_account_authorized_user.py +++ b/tests/test_external_account_authorized_user.py @@ -367,7 +367,7 @@ def test_revoke_auth_success(self): ), ) assert creds.token is None - assert creds._refresh_token is None + assert creds._refresh_token_val is None def test_revoke_without_revoke_url(self): request = self.make_mock_request()