Fix failing Elixir AAI token refresh

kysrpex · web-flow · commit 4fd69435ef38 · 2024-07-24T10:31:03.000+02:00
Refreshing Elixir AAI tokens fails with error `An error occurred when refreshing user token: 401 Client Error: 401 for url: https://login.elixir-czech.org/oidc/token`. The source of the HTTP 401 error is a malformed request. social-auth-core is sending this sort of request (a few headers are omitted) ``` POST /oidc/token HTTP/1.1 Host: login.elixir-czech.org Accept: application/json Content-Type: application/x-www-form-urlencoded Content-Length: *** {"grant_type": "refresh_token", "refresh_token": "******", "client_id": "******", "client_secret": "******"} ``` and getting this sort of response (again some headers are omitted). ``` HTTP/1.1 401 401 Content-Type: application/json {"error":"invalid_client","error_description":"Bad client credentials"} ``` If the requests are modified so that they look like it is described in RFC6749 (https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1) ``` POST /oidc/token HTTP/1.1 Host: login.elixir-czech.org Accept: application/json Content-Type: application/x-www-form-urlencoded Content-Length: *** grant_type=refresh_token&refresh_token=******&client_id=******&client_secret=****** ``` then everything works smoothly.
diff --git a/social_core/backends/elixir.py b/social_core/backends/elixir.py
@@ -32,3 +32,14 @@ def get_user_details(self, response):
             "first_name": first_name,
             "last_name": last_name,
         }
+
+    def refresh_token(self, token, *args, **kwargs):
+        params = "&".join(
+            f"{param}={value}"
+            for param, value in self.refresh_token_params(token, *args, **kwargs).items()
+        )
+	    url = self.refresh_token_url()
+        method = self.REFRESH_TOKEN_METHOD
+        key = "params" if method == "GET" else "data"
+        request_args = {"headers": self.auth_headers(), "method": method, key: params}
+        return self.process_refresh_token_response(request, *args, **kwargs)
