fix: (DeclarativeOAuthFlow) - allow DeclarativeOauth2Authenticator to use access_token directly when no token_refresh_endpoint or refresh_token values are provided.

[bazarnov]

What

Resolving:

• https://github.com/airbytehq/airbyte-internal-issues/issues/11176

How

• make token_refresh_endpoint to be Optional
• add a new optional field to the model access_token_value
• make the access_token_value to be set in get_auth_header()
• covered the change with the unit_test test_get_auth_header_without_refresh_token_and_without_refresh_token_endpoint

Summary by CodeRabbit

Summary by CodeRabbit

• New Features

  • token_refresh_endpoint is now an optional parameter in the OAuth authentication process, allowing for greater flexibility.
  • Introduced access_token_value to specify an access token directly, bypassing the token refresh process.
  • Added a new optional session_token field for alternative authentication methods.

• Tests

  • Added a new test for the behavior of the authentication header when an access_token_value is provided without a token_refresh_endpoint or refresh token.

[coderabbitai]

📝 Walkthrough

📝 Walkthrough

Walkthrough

The pull request introduces modifications to the OAuth authentication mechanism in the Airbyte CDK. The primary changes include making the token_refresh_endpoint optional, adding an access_token_value attribute, and updating related methods to handle these new configurations. These modifications enhance the flexibility of the OAuth authentication process by allowing more varied token management strategies.

Changes

File	Change Summary
airbyte_cdk/sources/declarative/auth/oauth.py	- Made token_refresh_endpoint optional - Added access_token_value attribute - Updated method signatures and initialization logic
airbyte_cdk/sources/declarative/declarative_component_schema.yaml	- Added access_token_value property to OAuth authenticator
airbyte_cdk/sources/declarative/models/declarative_component_schema.py	- Updated OAuthAuthenticator with optional token_refresh_endpoint - Added access_token_value field - Added session_token to SessionTokenAuthenticator
airbyte_cdk/sources/declarative/parsers/model_to_component_factory.py	- Updated create_oauth_authenticator method to include access_token_value
airbyte_cdk/sources/streams/http/requests_native_auth/abstract_oauth.py	- Modified get_token_refresh_endpoint to return Optional[str]
unit_tests/sources/declarative/auth/test_oauth.py	- Added new test method for authentication header generation

Possibly related PRs

• feat(low-code cdk): add config component resolver #149: Adds access_token_value field in configuration resolvers
• fix: (Low-Code) (DeclarativeOAuthFlow) - fix tooltip examples and labels representation to show values instead of full object #172: Updates OAuth configuration specifications

Suggested Labels

bug, enhancement

Suggested Reviewers

• chandlerprall
• bnchrch
• maxi297
• lmossman

Hey there! 👋 I noticed these changes look pretty neat. Wdyt about the new flexibility in token management? The sequence diagram might help visualize how the new access_token_value could be used. Would you like me to elaborate on any part of the changes? 🤔

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 63d4f42 and 028f0c1.

📒 Files selected for processing (2)

• airbyte_cdk/sources/declarative/auth/oauth.py (2 hunks)
• unit_tests/sources/declarative/auth/test_oauth.py (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• unit_tests/sources/declarative/auth/test_oauth.py
• airbyte_cdk/sources/declarative/auth/oauth.py

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

‼️ IMPORTANT
Auto-reply has been disabled for this repository in the CodeRabbit settings. The CodeRabbit bot will not respond to your replies unless it is explicitly tagged.

• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (6)

airbyte_cdk/sources/declarative/auth/oauth.py (1)

99-101: Consider validating access_token_value.

What do you think about adding validation to ensure access_token_value isn't an empty string when provided? This could prevent potential auth header issues, wdyt?

 self._access_token: Optional[str] = (
-    self.access_token_value if self.access_token_value else None
+    self.access_token_value if self.access_token_value and self.access_token_value.strip() else None
 )

airbyte_cdk/sources/streams/http/requests_native_auth/abstract_oauth.py (1)

57-66: Consider improving readability of the conditional logic.

The current condition is a bit complex. What do you think about making it more explicit with intermediate variables, wdyt?

+        has_refresh_endpoint = self.get_token_refresh_endpoint() is not None
+        has_refresh_token = self.get_refresh_token() is not None
+        should_use_existing_token = not has_refresh_endpoint or (not has_refresh_token and self.access_token)
         token = (
             self.access_token
-            if (
-                not self.get_token_refresh_endpoint()
-                or not self.get_refresh_token()
-                and self.access_token
-            )
+            if should_use_existing_token
             else self.get_access_token()
         )

unit_tests/sources/declarative/auth/test_oauth.py (1)

132-150: Consider adding more test cases for edge scenarios.

The current test covers the happy path well. What do you think about adding tests for:

1. Empty string access_token_value
2. None access_token_value
3. Interaction between access_token_value and refresh_token
4. Precedence when both token sources are available

This would help ensure robust behavior across all scenarios, wdyt?

airbyte_cdk/sources/declarative/parsers/model_to_component_factory.py (2)

1803-1804: Consider addressing the type ignore comment more robustly

Instead of using a type ignore comment, would it make more sense to properly type the token_refresh_endpoint parameter? This could involve updating the type hints in the model or the authenticator class. wdyt?

---

1838-1838: LGTM! Consider parameter ordering

The addition of access_token_value looks good. Just wondering if we should group it closer to related authentication parameters like client_id and client_secret for better readability? wdyt?

airbyte_cdk/sources/declarative/models/declarative_component_schema.py (1)

504-509: LGTM! New access_token_value field looks good

The field is well-defined with clear description and examples. Would you consider adding a note in the description about the precedence between access_token_value and the token refresh mechanism? For example, clarifying if providing this value will completely bypass the refresh flow, wdyt?

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 57e1b52 and 63d4f42.

📒 Files selected for processing (6)

• airbyte_cdk/sources/declarative/auth/oauth.py (2 hunks)
• airbyte_cdk/sources/declarative/declarative_component_schema.yaml (1 hunks)
• airbyte_cdk/sources/declarative/models/declarative_component_schema.py (2 hunks)
• airbyte_cdk/sources/declarative/parsers/model_to_component_factory.py (2 hunks)
• airbyte_cdk/sources/streams/http/requests_native_auth/abstract_oauth.py (3 hunks)
• unit_tests/sources/declarative/auth/test_oauth.py (1 hunks)

🔇 Additional comments (5)

airbyte_cdk/sources/declarative/auth/oauth.py (2)

50-50: LGTM! The optional parameters enhance flexibility.

The changes allow for both dynamic token refresh and static token usage scenarios, which is a good improvement in flexibility.

Also applies to: 58-58

---

108-116: LGTM! Good error handling.

The None handling is implemented well, and the error message is clear and helpful.

airbyte_cdk/sources/streams/http/requests_native_auth/abstract_oauth.py (1)

210-210: LGTM! Consistent with implementation.

The return type change to Optional[str] aligns well with the implementation class.

airbyte_cdk/sources/declarative/declarative_component_schema.yaml (1)

1062-1067: LGTM! Well-documented schema addition

The new access_token_value property is well-defined with clear title, description, and helpful examples. The schema changes align perfectly with the implementation.

airbyte_cdk/sources/declarative/models/declarative_component_schema.py (1)

492-493: LGTM! Making token_refresh_endpoint optional

The change aligns perfectly with the PR objective to allow DeclarativeOauth2Authenticator to work without a token refresh endpoint.

[bnchrch]

TY!