From 6e4244956d9f531fc8892e58bf09695b84ee11a8 Mon Sep 17 00:00:00 2001
From: MariusWirtz <MariusWirtz2@gmail.com>
Date: Wed, 16 Oct 2024 15:22:11 +0200
Subject: [PATCH] Add new auth mode: access_token for v12 in AKS

Fixes #1154
---
 TM1py/Services/RestService.py | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/TM1py/Services/RestService.py b/TM1py/Services/RestService.py
index 1858f0a7..f3f4e237 100644
--- a/TM1py/Services/RestService.py
+++ b/TM1py/Services/RestService.py
@@ -43,6 +43,7 @@ class AuthenticationMode(Enum):
     SERVICE_TO_SERVICE = 6
     PA_PROXY = 7
     BASIC_API_KEY = 8
+    ACCESS_TOKEN = 9
 
     @property
     def use_v12_auth(self):
@@ -193,7 +194,8 @@ def _determine_verify(self, verify: [bool, str] = None) -> [bool, str]:
             if self._auth_mode in [
                 AuthenticationMode.IBM_CLOUD_API_KEY,
                 AuthenticationMode.SERVICE_TO_SERVICE,
-                AuthenticationMode.BASIC_API_KEY
+                AuthenticationMode.BASIC_API_KEY,
+                AuthenticationMode.ACCESS_TOKEN
             ]:
                 return True
             else:
@@ -454,7 +456,7 @@ def _construct_service_and_auth_root(self) -> Tuple[str, str]:
         elif self._auth_mode is AuthenticationMode.SERVICE_TO_SERVICE:
             return self._construct_s2s_service_and_auth_root()
 
-        if self._auth_mode is AuthenticationMode.BASIC_API_KEY:
+        if self._auth_mode in [AuthenticationMode.BASIC_API_KEY, AuthenticationMode.ACCESS_TOKEN]:
             return self._construct_all_version_service_and_auth_root_from_base_url()
 
     def _manage_http_adapter(self):
@@ -700,6 +702,9 @@ def _start_session(self, user: str, password: str, decode_b64: bool = False, nam
             access_token = self._generate_ibm_iam_cloud_access_token()
             self.add_http_header('Authorization', "Bearer " + access_token)
 
+        elif self._auth_mode == AuthenticationMode.ACCESS_TOKEN:
+            self.add_http_header('Authorization', "Bearer " + self._kwargs.get('access_token'))
+
         # v11 authorization (Basic, CAM) through Headers
         else:
             token = self._build_authorization_token(
@@ -1063,6 +1068,8 @@ def _determine_auth_mode(self) -> AuthenticationMode:
             ]):
                 if self._kwargs.get('user', None) == 'apikey' and 'planninganalytics.saas.ibm.com' in self._base_url:
                     return AuthenticationMode.BASIC_API_KEY
+                elif self._kwargs.get('access_token'):
+                    return AuthenticationMode.ACCESS_TOKEN
                 return AuthenticationMode.BASIC
 
             if self._kwargs.get('gateway', None):