Renew session token after AuthenticationFault for custom sg implementation

gpl-dash · September 2, 2021, 7:17pm

Hi all,

Somewhat complicated topic…

For some of our custom toolkit apps, we use a customized wrapper for shotgun_api3.Shotgun class that has been modified and made thread-safe.

We run into issues when our session/auth tokens expire, because our implementation is not used by the wrapper with re-authentication logic that Toolkit provides with this module:

github.com

shotgunsoftware/tk-core/blob/0ce16928799de00025889cc772459e8b2eb29520/python/tank/authentication/shotgun_wrapper.py#L28

    
      
          from tank_vendor.six.moves import http_client
          
          
from tank_vendor.shotgun_api3 import Shotgun, AuthenticationFault
          from tank_vendor.six.moves.xmlrpc_client import ProtocolError
          from . import interactive_authentication, session_cache
          from .. import LogManager
          
          
logger = LogManager.get_logger(__name__)
          
          

          
class ShotgunWrapper(Shotgun):
              """
              This class wraps the Shotgun instance that communicates with the Shotgun
              server. Every time a request is made to the server and we are authenticated
              as a session user, the call will be monitored for an AuthenticationFault.
              If it happens, the call will be interrupted by a prompt asking for the user's
              password to renew the session. Once the session is renewed, the call will be
              executed again.
              """
          
          
    def __init__(self, *args, **kwargs):

This and several other related modules have explicit warnings surrounding their use:

--------------------------------------------------------------------------------
NOTE! This module is part of the authentication library internals and should
not be called directly. Interfaces and implementation of this module may change
at any point.
--------------------------------------------------------------------------------

Is there perhaps a higher-level tank.authentication class that we could inherit from and extend to use our own ThreadSafeShotgun class when creating the Shotgun handle, so that we could take advantage of the re-authentication logic provided by the ShotgunWrapper?

Cheers,
-Dashiel

j0yu · September 6, 2021, 5:22pm

The only thing that comes to my mind is to fork tk-core and implement it there so all the apps/engines/frameworks will be able to pick it up… then submit a PR.

As far as I know, the authentication side is tied into the inner workings of tk-core and there isn’t a way to have a hook to extend/override behaviours that you wanted here