usso 0.27.0__tar.gz → 0.27.2__tar.gz

{usso-0.27.0/src/usso.egg-info → usso-0.27.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: usso
-Version: 0.27.0
+Version: 0.27.2
 Summary: A plug-and-play client for integrating universal single sign-on (SSO) with Python frameworks, enabling secure and seamless authentication across microservices.
 Author-email: Mahdi Kiani <mahdikiany@gmail.com>
 Maintainer-email: Mahdi Kiani <mahdikiany@gmail.com>

{usso-0.27.0 → usso-0.27.2}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "usso"
-version = "0.27.0"
+version = "0.27.2"
 description = "A plug-and-play client for integrating universal single sign-on (SSO) with Python frameworks, enabling secure and seamless authentication across microservices."
 readme = "README.md"
 requires-python = ">=3.9"

usso-0.27.2/src/usso/client/__init__.py

@@ -0,0 +1,4 @@
+from .api import UssoAPI
+from .async_api import AsyncUssoAPI
+
+__all__ = ["UssoAPI", "AsyncUssoAPI"]

{usso-0.27.0/src/usso → usso-0.27.2/src/usso/client}/async_api.py

@@ -1,6 +1,6 @@
 import logging
 
-import aiohttp
+import httpx
 from singleton import Singleton
 
 from usso.core import UserData, Usso
@@ -28,18 +28,16 @@ class AsyncUssoAPI(metaclass=Singleton):
             return
 
         url = f"{self.url}/auth/refresh"
+        headers = {
+            "Authorization": f"Bearer {self.refresh_token}",
+            "Content-Type": "application/json",
+        }
 
-        if self.refresh_token:
-            headers = {
-                "Authorization": f"Bearer {self.refresh_token}",
-                "content-type": "application/json",
-            }
-
-        async with aiohttp.ClientSession() as session:
-            async with session.post(url, headers=headers) as resp:
-                if kwargs.get("raise_exception", True):
-                    resp.raise_for_status()
-                self.access_token = (await resp.json()).get("access_token")
+        async with httpx.AsyncClient() as client:
+            resp = await client.post(url, headers=headers)
+            if kwargs.get("raise_exception", True):
+                resp.raise_for_status()
+            self.access_token = resp.json().get("access_token")
 
     def _access_valid(self) -> bool:
         if not self.access_token:
@@ -48,9 +46,7 @@ class AsyncUssoAPI(metaclass=Singleton):
         user_data = Usso(
             jwks_url=f"{self.url}/website/jwks.json?"
         ).user_data_from_token(self.access_token)
-        if user_data:
-            return True
-        return False
+        return bool(user_data)
 
     async def _request(
         self,
@@ -60,7 +56,7 @@ class AsyncUssoAPI(metaclass=Singleton):
         **kwargs,
     ) -> dict:
         url = f"{self.url}/{endpoint}"
-        headers = {"content-type": "application/json"}
+        headers = {"Content-Type": "application/json"}
         if self.api_key:
             headers["x-api-key"] = self.api_key
         elif self.refresh_token:
@@ -68,54 +64,41 @@ class AsyncUssoAPI(metaclass=Singleton):
                 await self._refresh()
             headers["Authorization"] = f"Bearer {self.access_token}"
 
-        async with aiohttp.ClientSession() as session:
-            async with session.request(
-                method,
-                url,
-                headers=headers,
-                json=data,
-            ) as resp:
-                try:
-                    resp_json = await resp.json()
-                    resp.raise_for_status()
-                except aiohttp.ClientError as e:
-                    logging.error(f"Error: {e}")
-                    logging.error(f"Response: {resp_json}")
-                    raise e
-                except Exception as e:
-                    logging.error(f"Error: {e}")
-                    logging.error(f"Response: {resp.text}")
-                    raise e
-                return await resp.json()
+        async with httpx.AsyncClient() as client:
+            try:
+                resp = await client.request(
+                    method,
+                    url,
+                    headers=headers,
+                    json=data,
+                )
+                resp.raise_for_status()
+                return resp.json()
+            except httpx.HTTPStatusError as e:
+                logging.error(f"HTTP error: {e.response.status_code} {e.response.text}")
+                raise e
+            except Exception as e:
+                logging.error(f"Unexpected error: {e}")
+                raise e
 
     async def get_users(self, **kwargs) -> list[UserData]:
         users_dict = await self._request(endpoint="website/users", **kwargs)
-
         return [UserData(user_id=user.get("uid"), **user) for user in users_dict]
 
     async def get_user(self, user_id: str, **kwargs) -> UserData:
-        user_dict = await self._request(
-            endpoint=f"website/users/{user_id}",
-            **kwargs,
-        )
+        user_dict = await self._request(endpoint=f"website/users/{user_id}", **kwargs)
         return UserData(user_id=user_dict.get("uid"), **user_dict)
 
     async def get_user_by_credentials(self, credentials: dict, **kwargs) -> UserData:
         user_dict = await self._request(
-            endpoint="website/users/credentials",
-            data=credentials,
-            **kwargs,
+            endpoint="website/users/credentials", data=credentials, **kwargs
         )
         return UserData(user_id=user_dict.get("uid"), **user_dict)
 
     async def create_user(self, user_data: dict, **kwargs) -> UserData:
         user_dict = await self._request(
-            method="post",
-            endpoint="website/users",
-            data=user_data,
-            **kwargs,
+            method="post", endpoint="website/users", data=user_data, **kwargs
         )
-
         return UserData(user_id=user_dict.get("uid"), **user_dict)
 
     async def create_user_credentials(
@@ -139,10 +122,7 @@ class AsyncUssoAPI(metaclass=Singleton):
         if credentials:
             user_data["authenticators"] = [credentials]
         user_dict = await self._request(
-            method="post",
-            endpoint="website/users",
-            data=credentials,
-            **kwargs,
+            method="post", endpoint="website/users", data=credentials, **kwargs
         )
         return UserData(user_id=user_dict.get("uid"), **user_dict)
 

{usso-0.27.0 → usso-0.27.2}/src/usso/core.py

@@ -1,7 +1,7 @@
 import json
 import logging
 import os
-import uuid
+from datetime import datetime, timedelta
 from urllib.parse import urlparse
 
 import cachetools.func
@@ -10,46 +10,12 @@ import requests
 from cachetools import TTLCache, cached
 from pydantic import BaseModel, model_validator
 
-from . import b64tools
 from .exceptions import USSOException
+from .schemas import UserData
 
 logger = logging.getLogger("usso")
 
 
-class UserData(BaseModel):
-    user_id: str
-    workspace_id: str | None = None
-    workspace_ids: list[str] = []
-    token_type: str = "access"
-
-    email: str | None = None
-    phone: str | None = None
-    username: str | None = None
-
-    authentication_method: str | None = None
-    is_active: bool = False
-
-    jti: str | None = None
-    data: dict | None = None
-
-    token: str | None = None
-
-    @property
-    def uid(self) -> uuid.UUID:
-        user_id = self.user_id
-
-        if user_id.startswith("u_"):
-            user_id = user_id[2:]
-        if 22 <= len(user_id) <= 24:
-            user_id = b64tools.b64_decode_uuid(user_id)
-
-        return uuid.UUID(user_id)
-
-    @property
-    def b64id(self) -> uuid.UUID:
-        return b64tools.b64_encode_uuid_strip(self.uid)
-
-
 def get_authorization_scheme_param(
     authorization_header_value: str | None,
 ) -> tuple[str, str]:
@@ -92,6 +58,14 @@ def decode_token(key, token: str, algorithms=["RS256"], **kwargs) -> dict:
         logger.error(e)
 
 
+def is_expired(token: str, **kwargs) -> bool:
+    now = datetime.now()
+    decoded_token: dict = jwt.decode(token, options={"verify_signature": False})
+    exp = decoded_token.get("exp", (now + timedelta(days=1)).timestamp())
+    exp = datetime.fromtimestamp(exp)
+    return exp >= now
+
+
 @cached(TTLCache(maxsize=128, ttl=10 * 60))
 def get_jwk_keys(jwk_url: str) -> jwt.PyJWKClient:
     return jwt.PyJWKClient(jwk_url, headers={"User-Agent": "usso-python"})

usso-0.27.2/src/usso/schemas.py

@@ -0,0 +1,39 @@
+import uuid
+
+from pydantic import BaseModel
+
+from . import b64tools
+
+
+class UserData(BaseModel):
+    user_id: str
+    workspace_id: str | None = None
+    workspace_ids: list[str] = []
+    token_type: str = "access"
+
+    email: str | None = None
+    phone: str | None = None
+    username: str | None = None
+
+    authentication_method: str | None = None
+    is_active: bool = False
+
+    jti: str | None = None
+    data: dict | None = None
+
+    token: str | None = None
+
+    @property
+    def uid(self) -> uuid.UUID:
+        user_id = self.user_id
+
+        if user_id.startswith("u_"):
+            user_id = user_id[2:]
+        if 22 <= len(user_id) <= 24:
+            user_id = b64tools.b64_decode_uuid(user_id)
+
+        return uuid.UUID(user_id)
+
+    @property
+    def b64id(self) -> uuid.UUID:
+        return b64tools.b64_encode_uuid_strip(self.uid)

usso-0.27.2/src/usso/session/__init__.py

@@ -0,0 +1,4 @@
+from .async_session import AsyncUssoSession
+from .session import UssoSession
+
+__all__ = ["UssoSession", "AsyncUssoSession"]

usso-0.27.2/src/usso/session/async_session.py

@@ -0,0 +1,65 @@
+import httpx
+
+from ..core import is_expired
+from .session import BaseUssoSession
+
+
+class AsyncUssoSession(httpx.AsyncClient, BaseUssoSession):
+    def __init__(
+        self,
+        usso_base_url: str | None = None,
+        api_key: str | None = None,
+        usso_refresh_url: str | None = None,
+        refresh_token: str | None = None,
+        usso_api_key: str | None = None,
+        user_id: str | None = None,
+    ):
+        BaseUssoSession.__init__(
+            self,
+            usso_base_url,
+            api_key,
+            usso_refresh_url,
+            refresh_token,
+            usso_api_key,
+            user_id,
+        )
+        httpx.AsyncClient.__init__(self, headers=self.headers)
+
+    async def _refresh_api(self):
+        params = {"user_id": self.user_id} if self.user_id else {}
+        response = await self.get(
+            f"{self.usso_refresh_url}/api",
+            headers={"x-api-key": self.usso_api_key},
+            params=params,
+        )
+        response.raise_for_status()
+        data: dict = response.json()
+        self._refresh_token = data.get("token", {}).get("refresh_token")
+
+    async def _refresh(self):
+        assert (
+            self.refresh_token or self.usso_api_key
+        ), "refresh_token or usso_api_key is required"
+
+        if self.usso_api_key and not self.refresh_token:
+            await self._refresh_api()
+
+        response = await self.post(
+            self.usso_refresh_url, json={"refresh_token": f"{self.refresh_token}"}
+        )
+        response.raise_for_status()
+        self.access_token = response.json().get("access_token")
+        self.headers.update({"Authorization": f"Bearer {self.access_token}"})
+        return response.json()
+
+    async def get_session(self):
+        if self.api_key:
+            return self
+
+        if not self.access_token or is_expired(self.access_token):
+            await self._refresh()
+        return self
+
+    async def _request(self, method: str, url: str, **kwargs):
+        session = await self.get_session()
+        return await session.request(method, url, **kwargs)

usso-0.27.2/src/usso/session/session.py

@@ -0,0 +1,116 @@
+from urllib.parse import urlparse
+
+import requests
+
+from ..core import is_expired
+
+
+class BaseUssoSession:
+    def __init__(
+        self,
+        usso_base_url: str | None = None,
+        api_key: str | None = None,
+        usso_refresh_url: str | None = None,
+        refresh_token: str | None = None,
+        usso_api_key: str | None = None,
+        user_id: str | None = None,
+    ):
+        assert (
+            usso_base_url or usso_refresh_url
+        ), "usso_base_url or usso_refresh_url is required"
+        assert (
+            refresh_token or api_key or usso_api_key
+        ), "refresh_token or api_key or usso_api_key is required"
+
+        if not usso_base_url:
+            url_parts = urlparse(usso_refresh_url)
+            usso_base_url = f"{url_parts.scheme}://{url_parts.netloc}"
+        if usso_base_url.endswith("/"):
+            usso_base_url = usso_base_url[:-1]
+
+        self.usso_refresh_url = usso_refresh_url or f"{usso_base_url}/auth/refresh"
+        self._refresh_token = refresh_token
+        self.session = requests.Session()
+        self.access_token = None
+        self.api_key = api_key
+        self.usso_api_key = usso_api_key
+        self.user_id = user_id
+        self.headers = {}
+        if api_key:
+            self.headers = {"x-api-key": api_key}
+            self.session.headers.update(self.headers)
+
+    @property
+    def refresh_token(self):
+        if self._refresh_token and is_expired(self._refresh_token):
+            self._refresh_token = None
+
+        return self._refresh_token
+
+    def request(self, method: str, url: str, **kwargs):
+        return self._request(method, url, **kwargs)
+
+    def get(self, url: str, **kwargs):
+        return self._request("GET", url, **kwargs)
+
+    def post(self, url: str, **kwargs):
+        return self._request("POST", url, **kwargs)
+
+    def put(self, url: str, **kwargs):
+        return self._request("PUT", url, **kwargs)
+
+    def patch(self, url: str, **kwargs):
+        return self._request("PATCH", url, **kwargs)
+
+    def delete(self, url: str, **kwargs):
+        return self._request("DELETE", url, **kwargs)
+
+    def head(self, url: str, **kwargs):
+        return self._request("HEAD", url, **kwargs)
+
+    def options(self, url: str, **kwargs):
+        return self._request("OPTIONS", url, **kwargs)
+
+
+class UssoSession(BaseUssoSession):
+    def _refresh_api(self):
+        params = {"user_id": self.user_id} if self.user_id else {}
+        response = requests.get(
+            f"{self.usso_refresh_url}/api",
+            headers={"x-api-key": self.usso_api_key},
+            params=params,
+        )
+        response.raise_for_status()
+        data: dict = response.json()
+        self._refresh_token = data.get("token", {}).get("refresh_token")
+
+    def _refresh(self):
+        assert (
+            self.refresh_token or self.usso_api_key
+        ), "refresh_token or usso_api_key is required"
+
+        if self.usso_api_key and not self.refresh_token:
+            self._refresh_api()
+
+        response = requests.post(
+            self.usso_refresh_url, json={"refresh_token": f"{self.refresh_token}"}
+        )
+        response.raise_for_status()
+        self.access_token = response.json().get("access_token")
+        self.session.headers.update({"Authorization": f"Bearer {self.access_token}"})
+        return response.json()
+
+    def get_session(self):
+        if self.api_key:
+            return self.session
+
+        if not self.access_token or is_expired(self.access_token):
+            self._refresh()
+        return self.session
+
+    def _request(self, method: str, url: str, **kwargs):
+        session = self.get_session()
+        return session.request(method, url, **kwargs)
+
+    def close(self):
+        self.session.close()

{usso-0.27.0 → usso-0.27.2/src/usso.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: usso
-Version: 0.27.0
+Version: 0.27.2
 Summary: A plug-and-play client for integrating universal single sign-on (SSO) with Python frameworks, enabling secure and seamless authentication across microservices.
 Author-email: Mahdi Kiani <mahdikiany@gmail.com>
 Maintainer-email: Mahdi Kiani <mahdikiany@gmail.com>

{usso-0.27.0 → usso-0.27.2}/src/usso.egg-info/SOURCES.txt

@@ -2,24 +2,26 @@ LICENSE.txt
 README.md
 pyproject.toml
 src/usso/__init__.py
-src/usso/api.py
-src/usso/async_api.py
-src/usso/async_session.py
 src/usso/b64tools.py
 src/usso/core.py
 src/usso/exceptions.py
-src/usso/httpx_session.py
-src/usso/session.py
+src/usso/schemas.py
 src/usso.egg-info/PKG-INFO
 src/usso.egg-info/SOURCES.txt
 src/usso.egg-info/dependency_links.txt
 src/usso.egg-info/entry_points.txt
 src/usso.egg-info/requires.txt
 src/usso.egg-info/top_level.txt
+src/usso/client/__init__.py
+src/usso/client/api.py
+src/usso/client/async_api.py
 src/usso/django/__init__.py
 src/usso/django/middleware.py
 src/usso/fastapi/__init__.py
 src/usso/fastapi/integration.py
+src/usso/session/__init__.py
+src/usso/session/async_session.py
+src/usso/session/session.py
 tests/test_api.py
 tests/test_core.py
 tests/test_simple.py

usso-0.27.0/src/usso/async_session.py

@@ -1,124 +0,0 @@
-from contextlib import asynccontextmanager
-from datetime import datetime, timedelta
-
-import aiohttp
-import jwt
-
-
-class AsyncUssoSession:
-    def __init__(
-        self,
-        sso_refresh_url: str,
-        refresh_token: str | None = None,
-        api_key: str | None = None,
-        user_id: str | None = None,
-    ):
-        self.sso_refresh_url = sso_refresh_url
-        self._refresh_token = refresh_token
-        self.access_token = None
-        self.session = None  # This will hold the aiohttp session
-        self.api_key = api_key
-        self.user_id = user_id
-
-    @property
-    def refresh_token(self):
-        if self._refresh_token:
-            decoded_token = jwt.decode(
-                self._refresh_token, options={"verify_signature": False}
-            )
-            exp = decoded_token.get(
-                "exp", (datetime.now() + timedelta(days=1)).timestamp()
-            )
-            exp = datetime.fromtimestamp(exp)
-            if exp < datetime.now():
-                self._refresh_token = None
-
-        return self._refresh_token
-
-    async def _refresh_api(self):
-        params = {"user_id": self.user_id} if self.user_id else {}
-        async with aiohttp.ClientSession() as session:
-            async with session.get(
-                f"{self.sso_refresh_url}/api",
-                headers={"x-api-key": self.api_key},
-                params=params,
-            ) as response:
-                response.raise_for_status()
-                data: dict = await response.json()
-                self._refresh_token = data.get("token", {}).get("refresh_token")
-
-    async def _refresh(self):
-        if not self.refresh_token and not self.api_key:
-            raise ValueError("Refresh token not provided or invalid.")
-
-        if self.api_key and not self.refresh_token:
-            await self._refresh_api()
-
-        async with aiohttp.ClientSession() as session:
-            async with session.post(
-                self.sso_refresh_url,
-                json={"refresh_token": self.refresh_token},
-            ) as response:
-                response.raise_for_status()
-                return await response.json()
-
-    async def _ensure_valid_token(self):
-        if self.access_token:
-            decoded_token = jwt.decode(
-                self.access_token, options={"verify_signature": False}
-            )
-            exp = decoded_token.get("exp")
-
-            if exp and datetime.fromtimestamp(exp) < datetime.now():
-                self.access_token = None  # Token expired, need a new one
-
-        if not self.access_token:
-            # Get a new token if none exists or it has expired
-            token_data = await self._refresh()
-            self.access_token = token_data.get("access_token")
-
-            # Update headers with the new access token
-            if self.session:
-                self.session.headers.update(
-                    {"Authorization": f"Bearer {self.access_token}"}
-                )
-
-    async def __aenter__(self):
-        self.session = aiohttp.ClientSession()  # Initialize the session
-        await self._ensure_valid_token()  # Ensure valid token before usage
-        return self
-
-    async def __aexit__(self, exc_type, exc_value, traceback):
-        if self.session:
-            await self.session.close()  # Close the session properly
-
-    @asynccontextmanager
-    async def _request(self, method: str, url: str, **kwargs):
-        await self._ensure_valid_token()  # Ensure valid token before any request
-        async with self.session.request(method, url, **kwargs) as response:
-            yield response
-
-    def get(self, url: str, **kwargs):
-        return self._request("GET", url, **kwargs)
-
-    def post(self, url: str, **kwargs):
-        return self._request("POST", url, **kwargs)
-
-    def put(self, url: str, **kwargs):
-        return self._request("PUT", url, **kwargs)
-
-    def patch(self, url: str, **kwargs):
-        return self._request("PATCH", url, **kwargs)
-
-    def delete(self, url: str, **kwargs):
-        return self._request("DELETE", url, **kwargs)
-
-    def head(self, url: str, **kwargs):
-        return self._request("HEAD", url, **kwargs)
-
-    def options(self, url: str, **kwargs):
-        return self._request("OPTIONS", url, **kwargs)
-
-    async def close(self):
-        await self.session.close()
-        self.session = None

usso-0.27.0/src/usso/httpx_session.py

@@ -1,87 +0,0 @@
-from datetime import datetime, timedelta
-
-import httpx
-import jwt
-
-
-class AsyncUssoSession(httpx.AsyncClient):
-    def __init__(
-        self,
-        sso_refresh_url: str,
-        refresh_token: str | None = None,
-        api_key: str | None = None,
-        user_id: str | None = None,
-    ):
-        super().__init__()
-        self.sso_refresh_url = sso_refresh_url
-        self._refresh_token = refresh_token
-        self.access_token = None
-        self.session = None  # This will hold the aiohttp session
-        self.api_key = api_key
-        self.user_id = user_id
-
-    @property
-    def refresh_token(self):
-        if self._refresh_token:
-            decoded_token = jwt.decode(
-                self._refresh_token, options={"verify_signature": False}
-            )
-            exp = decoded_token.get(
-                "exp", (datetime.now() + timedelta(days=1)).timestamp()
-            )
-            exp = datetime.fromtimestamp(exp)
-            if exp < datetime.now():
-                self._refresh_token = None
-
-        return self._refresh_token
-
-    async def _refresh_api(self):
-        params = {"user_id": self.user_id} if self.user_id else {}
-        async with httpx.AsyncClient() as session:
-            response = await session.get(
-                f"{self.sso_refresh_url}/api",
-                headers={"x-api-key": self.api_key},
-                params=params,
-            )
-            response.raise_for_status()
-            data: dict = response.json()
-            self._refresh_token = data.get("token", {}).get("refresh_token")
-
-    async def _refresh(self):
-        if not self.refresh_token and not self.api_key:
-            raise ValueError("Refresh token not provided or invalid.")
-
-        if self.api_key and not self.refresh_token:
-            await self._refresh_api()
-
-        async with httpx.AsyncClient() as session:
-            response = await session.post(
-                self.sso_refresh_url, json={"refresh_token": self.refresh_token}
-            )
-            response.raise_for_status()
-            return response.json()
-
-    async def _ensure_valid_token(self):
-        if self.access_token:
-            decoded_token = jwt.decode(
-                self.access_token, options={"verify_signature": False}
-            )
-            exp = decoded_token.get("exp")
-
-            if exp and datetime.fromtimestamp(exp) < datetime.now():
-                self.access_token = None  # Token expired, need a new one
-
-        if not self.access_token:
-            # Get a new token if none exists or it has expired
-            token_data = await self._refresh()
-            self.access_token = token_data.get("access_token")
-
-    async def request(self, method: str, url: str, *args, **kwargs):
-        await self._ensure_valid_token()
-
-        # Add authorization header to each request
-        headers = kwargs.pop("headers") or {}
-        headers["Authorization"] = f"Bearer {self.access_token}"
-
-        # Call the parent's request method
-        return await super().request(method, url, headers=headers, *args, **kwargs)

usso-0.27.0/src/usso/session.py

@@ -1,78 +0,0 @@
-from datetime import datetime, timedelta
-
-import jwt
-import requests
-
-
-class UssoSession:
-
-    def __init__(
-        self,
-        sso_refresh_url: str,
-        refresh_token: str | None = None,
-        api_key: str | None = None,
-        user_id: str | None = None,
-    ):
-        self.sso_refresh_url = sso_refresh_url
-        self._refresh_token = refresh_token
-        self.session = requests.Session()
-        self.access_token = None
-        self.api_key = api_key
-        self.user_id = user_id
-
-    @property
-    def refresh_token(self):
-        if self._refresh_token:
-            decoded_token = jwt.decode(
-                self._refresh_token, options={"verify_signature": False}
-            )
-            exp = decoded_token.get(
-                "exp", (datetime.now() + timedelta(days=1)).timestamp()
-            )
-            exp = datetime.fromtimestamp(exp)
-            if exp < datetime.now():
-                self._refresh_token = None
-
-        return self._refresh_token
-
-    def _refresh_api(self):
-        params = {"user_id": self.user_id} if self.user_id else {}
-        response = requests.get(
-            f"{self.sso_refresh_url}/api",
-            headers={"x-api-key": self.api_key},
-            params=params,
-        )
-        response.raise_for_status()
-        data = response.json()
-        self._refresh_token = data.get("token", {}).get("refresh_token")
-
-    def _refresh(self):
-        if not self.refresh_token and not self.api_key:
-            return
-
-        if self.api_key and not self.refresh_token:
-            self._refresh_api()
-
-        response = requests.post(
-            self.sso_refresh_url,
-            json={"refresh_token": f"{self.refresh_token}"},
-        )
-        response.raise_for_status()
-        self.access_token = response.json().get("access_token")
-        self.session.headers.update({"Authorization": f"Bearer {self.access_token}"})
-        return response.json()
-
-    def get_session(self):
-        if self.access_token:
-            decoded_token = jwt.decode(
-                self.access_token, options={"verify_signature": False}
-            )
-            exp = datetime.fromtimestamp(decoded_token.get("exp"))
-            if exp < datetime.now():
-                self.access_token = None
-        if not self.access_token:
-            self.access_token = self._refresh().get("access_token")
-            self.session.headers.update(
-                {"Authorization": f"Bearer {self.access_token}"}
-            )
-        return self.session