From 9db69af0e547450c7f7e2c3ac1ecf587c99cb440 Mon Sep 17 00:00:00 2001
From: Enol Fernandez <enol.fernandez@egi.eu>
Date: Mon, 8 Jan 2024 12:32:28 +0000
Subject: [PATCH] Do not try to refresh non Check-in users

---
 egi_notebooks_hub/egiauthenticator.py | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/egi_notebooks_hub/egiauthenticator.py b/egi_notebooks_hub/egiauthenticator.py
index 418c6d0..0c8eb96 100644
--- a/egi_notebooks_hub/egiauthenticator.py
+++ b/egi_notebooks_hub/egiauthenticator.py
@@ -120,9 +120,16 @@ async def authenticate(self, handler, data=None):
     # Refresh auth data for user
     async def refresh_user(self, user, handler=None):
         auth_state = await user.get_auth_state()
-        if not auth_state or "refresh_token" not in auth_state:
-            self.log.warning("Cannot refresh user info without refresh token")
-            return False
+        if not auth_state:
+            self.log.debug("No auth state, assuming user is not managed with Check-in")
+            return True
+
+        access_token = auth_state.get('access_token', None)
+        refresh_token = auth_state.get('refresh_token', None)
+
+        if not access_token:
+            self.log.debug("No access token, assuming user is not managed with Check-in")
+            return True
 
         now = time.time()
         refresh_info = auth_state.get("refresh_info", {})
@@ -132,6 +139,10 @@ async def refresh_user(self, user, handler=None):
             self.log.debug("Credentials still valid, time left: %f", time_left)
             return True
 
+        if not refresh_token:
+            self.log.debug("No refresh token, cannot refresh user")
+            return False
+
         # performing the refresh token call
         self.log.debug("Perform refresh call to Check-in")
         http_client = AsyncHTTPClient()
@@ -144,7 +155,7 @@ async def refresh_user(self, user, handler=None):
                 client_id=self.client_id,
                 client_secret=self.client_secret,
                 grant_type="refresh_token",
-                refresh_token=auth_state["refresh_token"],
+                refresh_token=refresh_token,
                 scope=" ".join(self.scope),
             )
         )