Refresh the access token using the stored refresh token. Returns the updated auth payload. Raises RuntimeError if not logged in or no refresh token is available.
()
| 351 | |
| 352 | |
| 353 | def refresh() -> dict[str, Any]: |
| 354 | """Refresh the access token using the stored refresh token. |
| 355 | |
| 356 | Returns the updated auth payload. |
| 357 | Raises RuntimeError if not logged in or no refresh token is available. |
| 358 | """ |
| 359 | tokens = load_tokens() |
| 360 | if not tokens: |
| 361 | raise RuntimeError("Not logged in. Run 'opentraceai login' first.") |
| 362 | |
| 363 | rt = tokens.get("refresh_token") |
| 364 | if not rt: |
| 365 | raise RuntimeError("No refresh token available. Run 'opentraceai login' to re-authenticate.") |
| 366 | |
| 367 | disco = discover() |
| 368 | client = load_client() |
| 369 | if not client: |
| 370 | raise RuntimeError("No registered client found. Run 'opentraceai login' first.") |
| 371 | |
| 372 | new_tokens = _refresh_token(disco["token_endpoint"], client["client_id"], rt) |
| 373 | |
| 374 | payload: dict[str, Any] = { |
| 375 | **tokens, # preserve issuer, created_at, etc. |
| 376 | **new_tokens, # overwrite access_token, expires_in, etc. |
| 377 | "refreshed_at": int(time.time()), |
| 378 | } |
| 379 | # Keep the old refresh_token if the server didn't issue a new one. |
| 380 | if "refresh_token" not in new_tokens: |
| 381 | payload["refresh_token"] = rt |
| 382 | |
| 383 | save_tokens(payload) |
| 384 | return payload |
| 385 | |
| 386 | |
| 387 | def login() -> dict[str, Any]: |
nothing calls this directly
no test coverage detected