(PXP-7846): Visa refresh token expiration parameter

[BinamB]

This was an ask from ISB-CGC. It's mostly for testing purposes. Basically #848 but for RAS or any other Visa provider we might have in the future.

New Features

• Added upstream_expires_in parameter in the /authorization endpoint to manually add refresh token expiration time.

Bug Fixes

• Fixed Visa Update cronjob not clearing expired refresh tokens.

[github-actions]

The style in this PR agrees with black. ✔️

This formatting comment was generated automatically by a script in uc-cdis/wool.

[coveralls]

Pull Request Test Coverage Report for Build 10561

• 3 of 12 (25.0%) changed or added relevant lines in 3 files are covered.
• 1 unchanged line in 1 file lost coverage.
• Overall coverage decreased (-0.05%) to 69.484%

---

Changes Missing Coverage	Covered Lines	Changed/Added Lines	%
fence/resources/openid/idp_oauth2.py	0	1	0.0%
fence/job/visa_update_cronjob.py	1	3	33.33%
fence/blueprints/login/ras.py	2	8	25.0%

Files with Coverage Reduction	New Missed Lines	%
fence/blueprints/login/ras.py	1	33.33%

Totals
Change from base Build 10558:	-0.05%
Covered Lines:	5722
Relevant Lines:	8235

---

💛 - Coveralls

[paulineribeyre]

You used visa_refresh_exp, the ticket says ras_expires_at, and other Fence endpoints use expires_in.
I'd suggest expires_in for consistency, unless the name in the ticket is a hard requirement

[BinamB]

do you mean use visa_expires_in or just expires_in? If i do expires_in then wouldn't this affect the fence refresh token as well?

[paulineribeyre]

i was suggesting just expires_in but i didn't look closely, if expires_in is already used in this endpoint, then maybe upstream_expires_in? 🤷‍♀️

[paulineribeyre]

or refresh_token_expires_in, but i think visa_expires_in might be confusing?

[BinamB]

I was thinking the same as well. Maybe upstream_expires_in

[paulineribeyre]

👍 update PR description :p