@@ -272,12 +272,27 @@ def map_request_to_oci(
272272 )
273273 elif "security_token_file" in oci_config :
274274 # Session-based authentication with security token (fallback if no user field)
275+ # Note: Session tokens expire (typically ~1 hour). If expired, re-run:
276+ # oci session authenticate --profile <profile>
275277 token_file_path = os .path .expanduser (oci_config ["security_token_file" ])
276- with open (token_file_path , "r" ) as f :
277- security_token = f .read ().strip ()
278+ try :
279+ with open (token_file_path , "r" ) as f :
280+ security_token = f .read ().strip ()
281+ except FileNotFoundError :
282+ raise ValueError (
283+ f"OCI session token file not found: { token_file_path }
284+ "Your session may have expired. Re-authenticate with: "
285+ "oci session authenticate"
286+ )
278287
279288 # Load private key using OCI's utility function
280- private_key = oci .signer .load_private_key_from_file (oci_config ["key_file" ])
289+ key_file = oci_config .get ("key_file" )
290+ if not key_file :
291+ raise ValueError (
292+ "OCI config profile is missing 'key_file'. "
293+ "Session-based auth requires a key_file entry in your OCI config profile."
294+ )
295+ private_key = oci .signer .load_private_key_from_file (key_file )
281296
282297 signer = oci .auth .signers .SecurityTokenSigner (
283298 token = security_token ,
@@ -362,7 +377,9 @@ def map_response_from_oci() -> EventHook:
362377 """
363378
364379 def _hook (response : httpx .Response ) -> None :
365- endpoint = response .request .extensions ["endpoint" ]
380+ endpoint = response .request .extensions .get ("endpoint" )
381+ if endpoint is None :
382+ return # Request hook didn't run; pass response through unchanged
366383 is_stream = response .request .extensions .get ("is_stream" , False )
367384
368385 output : typing .Iterator [bytes ]
0 commit comments