fix: error in get_session_from_url

supabase-community · Dec 3, 2021 · 5f65e47 · 5f65e47
1 parent 5360967
commit 5f65e47
Show file tree

Hide file tree

Showing 4 changed files with 58 additions and 12 deletions.
diff --git a/gotrue/_async/client.py b/gotrue/_async/client.py
@@ -376,7 +376,10 @@ async def set_auth(self, *, access_token: str) -> Session:
         return session
 
     async def get_session_from_url(
-        self, *, url: str, store_session: bool = False
+        self,
+        *,
+        url: str,
+        store_session: bool = False,
     ) -> Session:
         """Gets the session data from a URL string.
 
@@ -406,16 +409,16 @@ async def get_session_from_url(
         token_type = query.get("token_type")
         if error_description:
             raise APIError(error_description[0], 400)
-        if not access_token:
+        if not access_token or not access_token[0]:
             raise APIError("No access_token detected.", 400)
-        if not expires_in or expires_in[0]:
+        if not expires_in or not expires_in[0]:
             raise APIError("No expires_in detected.", 400)
-        if not refresh_token:
+        if not refresh_token or not refresh_token[0]:
             raise APIError("No refresh_token detected.", 400)
-        if not token_type:
+        if not token_type or not token_type[0]:
             raise APIError("No token_type detected.", 400)
         try:
-            expires_at = round(time.time()) + int(expires_in[0])
+            expires_at = round(time()) + int(expires_in[0])
         except ValueError:
             raise APIError("Invalid expires_in.", 400)
         response = await self.api.get_user(jwt=access_token[0])

diff --git a/gotrue/_sync/client.py b/gotrue/_sync/client.py
@@ -375,7 +375,12 @@ def set_auth(self, *, access_token: str) -> Session:
         self._save_session(session=session)
         return session
 
-    def get_session_from_url(self, *, url: str, store_session: bool = False) -> Session:
+    def get_session_from_url(
+        self,
+        *,
+        url: str,
+        store_session: bool = False,
+    ) -> Session:
         """Gets the session data from a URL string.
 
         Parameters
@@ -404,16 +409,16 @@ def get_session_from_url(self, *, url: str, store_session: bool = False) -> Sess
         token_type = query.get("token_type")
         if error_description:
             raise APIError(error_description[0], 400)
-        if not access_token:
+        if not access_token or not access_token[0]:
             raise APIError("No access_token detected.", 400)
-        if not expires_in or expires_in[0]:
+        if not expires_in or not expires_in[0]:
             raise APIError("No expires_in detected.", 400)
-        if not refresh_token:
+        if not refresh_token or not refresh_token[0]:
             raise APIError("No refresh_token detected.", 400)
-        if not token_type:
+        if not token_type or not token_type[0]:
             raise APIError("No token_type detected.", 400)
         try:
-            expires_at = round(time.time()) + int(expires_in[0])
+            expires_at = round(time()) + int(expires_in[0])
         except ValueError:
             raise APIError("Invalid expires_in.", 400)
         response = self.api.get_user(jwt=access_token[0])

diff --git a/tests/_async/test_client_with_auto_confirm_enabled.py b/tests/_async/test_client_with_auto_confirm_enabled.py
@@ -356,3 +356,22 @@ async def test_sign_in_with_magic_link(client: AsyncGoTrueClient):
         assert response is None
     except Exception as e:
         assert False, str(e)
+
+
+@pytest.mark.asyncio
+@pytest.mark.depends(on=[test_sign_up.__name__])
+async def test_get_session_from_url(client: AsyncGoTrueClient):
+    try:
+        assert access_token
+        dummy_url = (
+            "https://localhost"
+            f"?access_token={access_token}"
+            "&refresh_token=refresh_token"
+            "&token_type=bearer"
+            "&expires_in=3600"
+            "&type=recovery"
+        )
+        response = await client.get_session_from_url(url=dummy_url, store_session=True)
+        assert isinstance(response, Session)
+    except Exception as e:
+        assert False, str(e)
diff --git a/tests/_sync/test_client_with_auto_confirm_enabled.py b/tests/_sync/test_client_with_auto_confirm_enabled.py
@@ -350,3 +350,22 @@ def test_sign_in_with_magic_link(client: SyncGoTrueClient):
         assert response is None
     except Exception as e:
         assert False, str(e)
+
+
+@pytest.mark.asyncio
+@pytest.mark.depends(on=[test_sign_up.__name__])
+def test_get_session_from_url(client: SyncGoTrueClient):
+    try:
+        assert access_token
+        dummy_url = (
+            "https://localhost"
+            f"?access_token={access_token}"
+            "&refresh_token=refresh_token"
+            "&token_type=bearer"
+            "&expires_in=3600"
+            "&type=recovery"
+        )
+        response = client.get_session_from_url(url=dummy_url, store_session=True)
+        assert isinstance(response, Session)
+    except Exception as e:
+        assert False, str(e)