feat(auth): add handling for oauth token clock skew time (#63)

This PR updates the `is_token_expired` utility method to minimize the impact of clock skew between client and server during OAuth token validation. Honors provided a clock skew buffer. Accounts for round-trip time for a more accurate expiry calculation. Improves token validation reliability.

closes #62

Author: sufyankhanrao

apimatic_core/utilities/auth_helper.py

@@ -21,13 +21,15 @@ def get_current_utc_timestamp():
         return calendar.timegm(datetime.now().utctimetuple())
 
     @staticmethod
-    def is_token_expired(token_expiry):
+    def is_token_expired(token_expiry, clock_skew_time=None):
         """ Checks if OAuth token has expired.
 
         Returns:
             bool: True if token has expired, False otherwise.
 
         """
+        if clock_skew_time is not None and token_expiry is not None:
+            token_expiry -= clock_skew_time
         utc_now = AuthHelper.get_current_utc_timestamp()
         return token_expiry is not None and token_expiry < utc_now
 

setup.py

@@ -12,7 +12,7 @@
 
 setup(
     name='apimatic-core',
-    version='0.2.12',
+    version='0.2.13',
     description='A library that contains core logic and utilities for '
                 'consuming REST APIs using Python SDKs generated by APIMatic.',
     long_description=long_description,

tests/apimatic_core/utility_tests/test_auth_helper.py

@@ -34,6 +34,23 @@ def test_token_is_expired(self):
         expected_token_expired = True
         assert actual_token_expired == expected_token_expired
 
+    def test_token_is_expired_with_clock_skew(self):
+        past_timestamp = AuthHelper.get_current_utc_timestamp() + 5
+        actual_token_expired = AuthHelper.is_token_expired(past_timestamp, 10)
+        expected_token_expired = True
+        assert actual_token_expired == expected_token_expired
+
+    def test_token_is_not_expired_with_clock_skew(self):
+        past_timestamp = AuthHelper.get_current_utc_timestamp() + 5
+        actual_token_expired = AuthHelper.is_token_expired(past_timestamp, 3)
+        expected_token_expired = False
+        assert actual_token_expired == expected_token_expired
+
+        past_timestamp = AuthHelper.get_current_utc_timestamp() + 5
+        actual_token_expired = AuthHelper.is_token_expired(past_timestamp, 5)
+        expected_token_expired = False
+        assert actual_token_expired == expected_token_expired
+
     def test_token_is_not_expired(self):
         past_timestamp = AuthHelper.get_current_utc_timestamp() + 5
         actual_token_expired = AuthHelper.is_token_expired(past_timestamp)