The refresh_token grant type requires the previous access token in th…

…e request.

edx_rest_api_client/__version__.py

@@ -1 +1 @@
-__version__ = '1.9'
+__version__ = '1.9.1'

edx_rest_api_client/client.py

@@ -37,28 +37,37 @@ def user_agent():
 USER_AGENT = user_agent()
 
 
-def get_oauth_access_token(url, client_id, client_secret, token_type='jwt', grant_type='client_credentials'):
-    """ Retrieves OAuth 2.0 access token using the client credentials grant.
+def get_oauth_access_token(url, client_id, client_secret, token_type='jwt', grant_type='client_credentials',
+                           refresh_token=None):
+    """ Retrieves OAuth 2.0 access token using the given grant type.
 
     Args:
         url (str): Oauth2 access token endpoint
         client_id (str): client ID
         client_secret (str): client secret
+    Kwargs:
         token_type (str): Type of token to return. Options include bearer and jwt.
+        grant_type (str): One of 'client_credentials' or 'refresh_token'
+        refresh_token (str): The previous access token (for grant_type=refresh_token)
 
     Returns:
         tuple: Tuple containing access token string and expiration datetime.
     """
     now = datetime.datetime.utcnow()
+    data = {
+        'grant_type': grant_type,
+        'client_id': client_id,
+        'client_secret': client_secret,
+        'token_type': token_type,
+    }
+    if refresh_token:
+        data['refresh_token'] = refresh_token
+    else:
+        assert grant_type != 'refresh_token', "refresh_token parameter required"
 
     response = requests.post(
         url,
-        data={
-            'grant_type': grant_type,
-            'client_id': client_id,
-            'client_secret': client_secret,
-            'token_type': token_type,
-        },
+        data=data,
         headers={
             'User-Agent': USER_AGENT,
         },
@@ -109,7 +118,8 @@ def _check_auth(self):
                 url,
                 self._client_id,
                 self._client_secret,
-                grant_type=grant_type)
+                grant_type=grant_type,
+                refresh_token=self.auth.token)
 
     def request(self, method, url, **kwargs):  # pylint: disable=arguments-differ
         """

edx_rest_api_client/tests/test_client.py

@@ -12,7 +12,7 @@
 
 from edx_rest_api_client import __version__
 from edx_rest_api_client.auth import JwtAuth
-from edx_rest_api_client.client import EdxRestApiClient, OAuthAPIClient, user_agent
+from edx_rest_api_client.client import EdxRestApiClient, OAuthAPIClient, get_oauth_access_token, user_agent
 from edx_rest_api_client.tests.mixins import AuthenticationTestMixin
 
 URL = 'http://example.com/api/v2'
@@ -131,6 +131,11 @@ def test_get_client_credential_access_token_failure(self, code, body):
             self._mock_auth_api(URL, code, body=body)
             EdxRestApiClient.get_oauth_access_token(URL, "client_id", "client_secret")
 
+    def test_refresh_token_required(self):
+        self._mock_auth_api(URL, 200, body=None)
+        with self.assertRaises(AssertionError):
+            get_oauth_access_token(URL, 'client_id', 'client_secret', grant_type='refresh_token')
+
 
 class OAuthAPIClientTests(AuthenticationTestMixin, TestCase):
     """
@@ -162,7 +167,7 @@ def auth_callback(request):
             resp = {'expires_in': 60}
             if 'grant_type=client_credentials' in request.body:
                 resp['access_token'] = 'cred'
-            elif 'grant_type=refresh_token' in request.body:
+            elif 'grant_type=refresh_token' in request.body and 'refresh_token=cred' in request.body:
                 resp['access_token'] = 'refresh'
             return (200, {}, json.dumps(resp))