Don't accept 403 challenges by default for auth challenges.
Fixes issue #230.
Reviewed in https://codereview.appspot.com/7039053/.
diff --git a/oauth2client/client.py b/oauth2client/client.py
index 301d1ed..82db057 100644
--- a/oauth2client/client.py
+++ b/oauth2client/client.py
@@ -57,6 +57,9 @@
# Constant to use for the out of band OAuth 2.0 flow.
OOB_CALLBACK_URN = 'urn:ietf:wg:oauth:2.0:oob'
+# Google Data client libraries may need to set this to [401, 403].
+REFRESH_STATUS_CODES = [401]
+
class Error(Exception):
"""Base error for this module."""
@@ -444,8 +447,7 @@
resp, content = request_orig(uri, method, body, clean_headers(headers),
redirections, connection_type)
- # Older API (GData) respond with 403
- if resp.status in [401, 403]:
+ if resp.status in REFRESH_STATUS_CODES:
logger.info('Refreshing due to a %s' % str(resp.status))
self._refresh(request_orig)
self.apply(headers)
diff --git a/tests/test_oauth2client.py b/tests/test_oauth2client.py
index 2de87a1..37e69ea 100644
--- a/tests/test_oauth2client.py
+++ b/tests/test_oauth2client.py
@@ -37,7 +37,6 @@
from apiclient.http import HttpMock
from apiclient.http import HttpMockSequence
from oauth2client.anyjson import simplejson
-from oauth2client.clientsecrets import _loadfile
from oauth2client.client import AccessTokenCredentials
from oauth2client.client import AccessTokenCredentialsError
from oauth2client.client import AccessTokenRefreshError
@@ -49,11 +48,13 @@
from oauth2client.client import OAuth2Credentials
from oauth2client.client import OAuth2WebServerFlow
from oauth2client.client import OOB_CALLBACK_URN
+from oauth2client.client import REFRESH_STATUS_CODES
from oauth2client.client import VerifyJwtTokenError
from oauth2client.client import _extract_id_token
from oauth2client.client import credentials_from_clientsecrets_and_code
from oauth2client.client import credentials_from_code
from oauth2client.client import flow_from_clientsecrets
+from oauth2client.clientsecrets import _loadfile
DATA_DIR = os.path.join(os.path.dirname(__file__), 'data')
@@ -104,8 +105,7 @@
user_agent)
def test_token_refresh_success(self):
- # Older API (GData) respond with 403
- for status_code in ['401', '403']:
+ for status_code in REFRESH_STATUS_CODES:
http = HttpMockSequence([
({'status': status_code}, ''),
({'status': '200'}, '{"access_token":"1/3w","expires_in":3600}'),
@@ -117,8 +117,7 @@
self.assertFalse(self.credentials.access_token_expired)
def test_token_refresh_failure(self):
- # Older API (GData) respond with 403
- for status_code in ['401', '403']:
+ for status_code in REFRESH_STATUS_CODES:
http = HttpMockSequence([
({'status': status_code}, ''),
({'status': '400'}, '{"error":"access_denied"}'),
@@ -186,8 +185,7 @@
self.credentials = AccessTokenCredentials(access_token, user_agent)
def test_token_refresh_success(self):
- # Older API (GData) respond with 403
- for status_code in ['401', '403']:
+ for status_code in REFRESH_STATUS_CODES:
http = HttpMockSequence([
({'status': status_code}, ''),
])