handle_callback fails in _request_access_token when expires_at type is str

[sky-code]

I am trying to use FHIR API that returns expires_at as str but it leads to exception:

unsupported type for timedelta seconds component: str
Traceback (most recent call last):
...
File "/Users/sky/.local/share/virtualenvs/backend-hCLDLwkG/lib/python3.12/site-packages/fhirclient/client.py", line 136, in handle_callback
    ctx = self.server.handle_callback(url) if self.server is not None else None
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/sky/.local/share/virtualenvs/backend-hCLDLwkG/lib/python3.12/site-packages/fhirclient/server.py", line 117, in handle_callback
    return self.auth.handle_callback(url, self)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/sky/.local/share/virtualenvs/backend-hCLDLwkG/lib/python3.12/site-packages/fhirclient/auth.py", line 250, in handle_callback
    return self._request_access_token(server, exchange)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/sky/.local/share/virtualenvs/backend-hCLDLwkG/lib/python3.12/site-packages/fhirclient/auth.py", line 287, in _request_access_token
    self.expires_at = datetime.now() + timedelta(seconds=expires_in)
                                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
TypeError: unsupported type for timedelta seconds component: str

example of API response

{'ah_brand': 'a-1959841.Brand-21', 'ah_csg': 'a-1959841.CSG-41', 'ah_department': 'a-1959841.Department-165', 'ah_practice': 'a-1.Practice-1959841', 'expires_in': '3600', 'fhir_user_reference': 'Practitioner/a-1959841.User-2367985486', 'id_token': 'eyJraWQiOiJzazNtNWN4azRfNEpIajRjaVBMaXNxZ0NMMnRMOVp3NlhobGc2TFAxdFdnIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiIwMHVvcHlxcDM3Um52TUZjNj...1_hUolvxuZiFH5wBKWRlqjnEVZUrf3-q7bnTO_0wV54qkaWsXdlbVxzVOXdoD96be5atFBkeFQEVeh3ijUnPPtvk28hlI8esXCpRkvbK8W5PMBp9jh5di6kx3V-_-w', 'need_patient_banner': True, 'patient': 'a-1959841.E-27036', 'scope': 'fhirUser launch openid profile user/Patient.read', 'smart_style_url': 'https://preview.athenahealth.com/static/smart_on_fhir/smart_stylesheet_v1.json', 'token_type': 'Bearer', 'username': 'p-asethimdp1'}

Right here
https://github.com/smart-on-fhir/client-py/blob/main/fhirclient/auth.py#L286
expires_in must be converted to int
expires_in = int(ret_params.get('expires_in'))

[mikix]

Hmm, OK - you're not wrong that we could be more graceful here, but that also doesn't look like the right type for the field. So this feels like a server error, which we could work around if we want.

From the OAuth RFC, they use an integer: https://www.rfc-editor.org/rfc/rfc6749#section-4.3.3

Do you have any influence over the server, or is it a vendor outside your control?

[mikix]

Looks like you're using Athena Health - curiously, in their docs, they use a string for the "2 legged" approach, and an int for the "3 legged" approach.

https://docs.athenahealth.com/api/guides/token-endpoint#3legged_Token_Generation_2