fix: disable unsupported attributes in the new token manager class

pyrooka · pyrooka · commit 872c678562e5 · 2024-10-09T18:43:43.000+02:00
Signed-off-by: Norbert Biczo &lt;pyrooka@users.noreply.github.com&gt;
diff --git a/ibm_cloud_sdk_core/authenticators/iam_assume_authenticator.py b/ibm_cloud_sdk_core/authenticators/iam_assume_authenticator.py
@@ -106,7 +106,7 @@ def __init__(
     def __getattribute__(self, name: str) -> Any:
         disallowed_attrs = ['set_scope', 'set_client_id_and_secret']
         if name in disallowed_attrs:
-            raise AttributeError(f"'IAMAssumeAuthenticator' has no attribute '{name}'")
+            raise AttributeError(f"'{self.__class__.__name__}' has no attribute '{name}'")
 
         return super().__getattribute__(name)
 
diff --git a/ibm_cloud_sdk_core/token_managers/iam_assume_token_manager.py b/ibm_cloud_sdk_core/token_managers/iam_assume_token_manager.py
@@ -14,7 +14,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-from typing import Dict, Optional
+from typing import Any, Dict, Optional
 
 from ibm_cloud_sdk_core.token_managers.iam_token_manager import IAMTokenManager
 
@@ -114,6 +114,14 @@ def __init__(
         self.request_payload['grant_type'] = 'urn:ibm:params:oauth:grant-type:assume'
         self._set_user_agent(_build_user_agent('iam-assume-authenticator'))
 
+    # Remove unsupported attributes, inherited from the parent class.
+    def __getattribute__(self, name: str) -> Any:
+        disallowed_attrs = ['refresh_token', 'client_id', 'client_secret']
+        if name in disallowed_attrs:
+            raise AttributeError(f"'{self.__class__.__name__}' has no attribute '{name}'")
+
+        return super().__getattribute__(name)
+
     def request_token(self) -> Dict:
         """Retrieves a standard IAM access token by using the IAM token manager
         then obtains another access token for the assumed identity.
diff --git a/test/test_iam_assume_token_manager.py b/test/test_iam_assume_token_manager.py
@@ -21,6 +21,7 @@
 import urllib
 
 import jwt
+import pytest
 import responses
 
 from ibm_cloud_sdk_core import IAMAssumeTokenManager
@@ -190,3 +191,8 @@ def test_get_token():
 
     # The final result should be the other access token, which belong to the "assume" request.
     assert access_token == OTHER_ACCESS_TOKEN
+
+    # Make sure `refresh_token` is not accessible.
+    with pytest.raises(AttributeError) as err:
+        assert token_manager.refresh_token == "not_available"
+    assert str(err.value) == "'IAMAssumeTokenManager' has no attribute 'refresh_token'"
