From 0921c8a1fc356d999182d45540cf760baf1c2500 Mon Sep 17 00:00:00 2001
From: Santiago Romero <santiago@gourmetgrowth.com>
Date: Tue, 27 Oct 2020 15:41:18 -0300
Subject: [PATCH] allow id_token to be optional for OAuth2Token.update_token,
 since it's not omitted when the "openid" scope is not used

Signed-off-by: Santiago Romero <santiago@gourmetgrowth.com>
---
 tests/conftest.py                    | 17 +++++++++++++++++
 tests/test_api_client/test_oauth2.py | 16 ++++++++++++++++
 xero_python/api_client/oauth2.py     |  4 ++--
 3 files changed, 35 insertions(+), 2 deletions(-)

diff --git a/tests/conftest.py b/tests/conftest.py
index 7c0a4eb4..049d4057 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -127,6 +127,23 @@ def oauth2_token(
         "token_type": "Bearer",
     }
 
+@pytest.fixture()
+def oauth2_token_without_id_token(
+    xero_access_token,
+    xero_refresh_token,
+    xero_scope,
+    xero_expires_in,
+    xero_expires_at,
+):
+    return {
+        "access_token": xero_access_token,
+        "expires_at": xero_expires_at,
+        "expires_in": xero_expires_in,
+        "refresh_token": xero_refresh_token,
+        "scope": xero_scope,
+        "token_type": "Bearer",
+    }
+
 
 @pytest.fixture()
 def oauth2_refresh_token(oauth2_token, xero_refresh_token):
diff --git a/tests/test_api_client/test_oauth2.py b/tests/test_api_client/test_oauth2.py
index 4bcd0c7e..490af0c6 100644
--- a/tests/test_api_client/test_oauth2.py
+++ b/tests/test_api_client/test_oauth2.py
@@ -205,6 +205,22 @@ def test_auth2_call_refresh_token_api(oauth2_refresh_token):
     assert call_kwargs == {}
     assert new_token is token
 
+def test_auth2_call_refresh_token_api_without_id_token(oauth2_token_without_id_token):
+    # Given valid refresh token and client credentials without using OpenID scope (id_token absent)
+    oauth2_token = OAuth2Token()
+    oauth2_token.update_token(**oauth2_token_without_id_token)
+    token = {}
+    token_api = FakeClass()
+    token_api.refresh_token = FakeMethod(return_value=token)
+    # When refresh token API endpoint called
+    new_token = oauth2_token.call_refresh_token_api(token_api)
+    # Then new oauth2 token received
+    assert len(token_api.refresh_token.calls) == 1
+    call_args, call_kwargs = token_api.refresh_token.calls[0]
+    assert call_args == (oauth2_token.refresh_token, oauth2_token.scope)
+    assert call_kwargs == {}
+    assert new_token is token
+
 
 def test_token_api_refresh_token(
     xero_client_id, xero_client_secret, xero_scope, vcr, vcr_cassette_name
diff --git a/xero_python/api_client/oauth2.py b/xero_python/api_client/oauth2.py
index fbb76d29..ed614145 100644
--- a/xero_python/api_client/oauth2.py
+++ b/xero_python/api_client/oauth2.py
@@ -179,7 +179,7 @@ def update_token(
         expires_at,
         expires_in,
         token_type,
-        id_token,
+        id_token=None,
     ):
         """
         Set new auth2 token details
@@ -189,7 +189,7 @@ def update_token(
         :param expires_at: float timestamp
         :param expires_in: number
         :param token_type: str
-        :param id_token: str
+        :param id_token: str (optional)
         """
         self.access_token = access_token
         self.expires_at = expires_at