Subsequent Auth Fails with Token

[NimishVerma]

Hi Tom,

Neat project. I noticed something weird. I am using a FastAPI app, in my app.py I always make a connection and instantiate the Q object (= Questrade(refresh_token='XX') ).
The first time I run the code it works fine, and a restart causes 400 bad requests. It only works if I change the refresh token from the dashboard or have Q = Questrade() (without the refresh token).

I figure this might be an issue with the API maybe.

[kerouac01850]

This code works fine BUT you must authenticate with the token first and only once. Thereafter use the cached OAuth credentials.

[momelod]

I'm running into the same issue. How can we validate if the access_token in ~/.questrade.json is still valid and if not use the refresh_token to get a new access_token

[kerouac01850]

I admit that managing the life cycle is not intuitive. You can check my fork of this repository to see where I added some behavior that removes OAuth state caching from the file system. Also look at my Python Connection class to see how it handles the API logic. For my application I didn't want files lying around that had valid OAuth credentials.

Possibly another way to do this without any modification of the API is to generate a new token and immediately delete ~/.questrade.json. Use the presence of ~/.questrade.json as a discriminant to figure out if the connection needs a token parameter.

[RuslanBergenov]

I would just do this:

try:
    q = Questrade(refresh_token=refresh_token)
except Exception as e:
    print(e)
    q = Questrade()