feat: Refresh app tokens #201
Conversation
|
Thanks @sicarul for your PR. I'll have a look and test it. In the meantime, could you make sure mypy and other tests are passing? |
|
I've fixed the mypy error, it seems it doesn't like me defining the type of the variable on init for some reason |
|
Kudos, SonarCloud Quality Gate passed!
|
| # Update last refresh timestamp | ||
| self.last_private_key_token_refresh = datetime.now() | ||
|
|
||
| return TokenRateLimit(app_token, rate_limit_buffer) |
There was a problem hiding this comment.
This is a change in behavior as it returns only this token now.
There was a problem hiding this comment.
refresh_app_token is a new function i created, can you explain how is this a change in behavior? Maybe it's confusing because of how the diff got the change?
prepare_tokens still returns all tokens as it did, it just doesn't do the private key part anymore, which is now handled by this function when all other tokens are used up.
if self.active_token is None:
self.active_token = self.refresh_app_token()
There was a problem hiding this comment.
Indeed! I think the fact that this token is now handled outside of "prepare_tokens" is a bit confusing.
There was a problem hiding this comment.
Thanks @sicarul for opening this PR and sorry it took so long to get back to you.
The logic looks great overall. However, I think it would make more sense to add the new timestamp check within TokenRateLimit or something along these lines. This way, you will be able to keep running the tap with multiple token types if needed and leverage the existing calls to "is_valid" and other rate-limiting checks.
Let me know what you think!
|
Hey @ericboucher i don't understand how would the timestamp check work in that class, it does not handle any kind of token refresh and it's used for all types of tokens, by putting the logic there it seems i would be generating a spaghetti of code to me, but maybe i'm just not understanding how do you want me to change this. |
|
@sicarul I was thinking that you could either augment the TokenRateLimit class, or use it as a subclass of a new
I believe this would make the code a bit cleaner and keep the token logic in one place. If you prefer your current approach, make sure to add sufficient comments in the code to guide users/readers and make it clear how things are split between normal tokens and app tokens |
|
If I may chime in, I did find it a bit difficult to follow the overall logic (some high level comments would help a lot). Am I getting this right?
If the above is correct:
|
|
Got it, i'm going on a vacation tomorrow until July but when i come back i can check this feedback and apply it to get a better version out if it's fine with you all! @laurentS sorry if it's not clear, but this version will still use both types of tokens as i implemented it. |
|
Closing since this is being fixed in the new PR: #289 |
When running long initial syncs using Github app private keys, the tokens expire in 1 hour, which makes the process fail after this timespan. This PR separates the app tokens into a new function
refresh_app_tokenthat can get called again inget_next_auth_token, i've tested it for my use case and it no longer fails after 1 hour.