From 5ff3ebf09f13a98e49b0547685b82712a444152c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Santiago=20Due=C3=B1as?= <sduenas@bitergia.com>
Date: Tue, 23 Sep 2025 17:14:53 +0200
Subject: [PATCH] Fix OAuth token expiration

There was a bug making that the expiration time
for a token was set to null. The token was not
correctly initialized preventing the refresh of
that token
---
 releases/unreleased/handle-of-oauth.yml      | 10 ++++++++
 sortinghat/core/importer/backends/eclipse.py | 25 ++++++++++----------
 2 files changed, 23 insertions(+), 12 deletions(-)
 create mode 100644 releases/unreleased/handle-of-oauth.yml

diff --git a/releases/unreleased/handle-of-oauth.yml b/releases/unreleased/handle-of-oauth.yml
new file mode 100644
index 0000000..121fcb5
--- /dev/null
+++ b/releases/unreleased/handle-of-oauth.yml
@@ -0,0 +1,10 @@
+---
+title: Handle of OAuth expired token
+category: fixed
+author: Santiago Dueñas <sduenas@bitergia.com>
+issue: null
+notes: >
+  There was a bug making that the expiration time
+  for a token was set to null. The token was not
+  correctly initialized preventing the refresh of
+  that token.
diff --git a/sortinghat/core/importer/backends/eclipse.py b/sortinghat/core/importer/backends/eclipse.py
index 49130d2..7b7770a 100644
--- a/sortinghat/core/importer/backends/eclipse.py
+++ b/sortinghat/core/importer/backends/eclipse.py
@@ -23,10 +23,8 @@
 from django.conf import settings
 from django.db.models import (Q, Subquery)
 
-from requests_oauth2client import (
-    BearerToken,
-    OAuth2Client
-)
+from requests_oauth2client import OAuth2Client
+from requests_oauth2client.tokens import ExpiredAccessToken
 
 from grimoirelab_toolkit.datetime import (
     str_to_datetime,
@@ -165,6 +163,8 @@ def get_individuals(self):
                     enr = Enrollment(org)
                     individual.enrollments.append(enr)
 
+            logger.info(f"Eclipse account processed; account={account['name']}; changed={account['changed']}")
+
             yield individual
 
     def post_process_individual(self, individual, uuid):
@@ -314,18 +314,19 @@ def _fetch_retry(self, url, params=None):
         max_retries = self.MAX_RETRIES
 
         while retries < max_retries:
-            response = requests.get(url, params=params, auth=self.token)
+            try:
+                response = requests.get(url, params=params, auth=self.token)
+            except ExpiredAccessToken:
+                # Refresh token and try again
+                self.login(self.user_id, self.password)
+                retries += 1
+                continue
 
             if response.status_code == 200:
                 return response.json()
             elif response.status_code == 403:
-                # Refresh token if needed and try again
                 if self.token.expires_at <= datetime_utcnow():
-                    self.token = self._authenticate(
-                        self.user_id,
-                        self.password,
-                        self.ECLIPSE_SCOPE,
-                    )
+                    self.login(self.user_id, self.password)
                 retries += 1
             elif 500 <= response.status_code < 600:
                 # Errors could have been related to server overloading
@@ -351,4 +352,4 @@ def _authenticate(self, client_id, client_secret, scope):
         )
         token = oauth2client.client_credentials(scope=scope)
 
-        return BearerToken(token)
+        return token