Refine OAuth token endpoint handling by preserving regional subdomains and updating comments for clarity

Ing. Fabian Steiner Bsc. · Ing. Fabian Steiner Bsc. · commit 0278c6dfe8ea · 2025-10-09T16:33:39.000+02:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -10,7 +10,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 
 - Core: support OAuth client credentials authentication via `client_id` and `client_secret` in `XurrentApiHelper` while maintaining API key compatibility.
-- Core: OAuth token endpoint TLD is now dynamically derived from the API base URL, ensuring the same top-level domain is used for both API and OAuth.
+- Core: The OAuth token endpoint now dynamically determines the domain from `base_url`, preserving any regional subdomains to ensure consistency between API and OAuth endpoints.
 - Core: When using OAuth, if a 401 Unauthorized error is received, the token is automatically refreshed and the API call is retried once. If authentication still fails after token refresh, an explicit HTTPError is raised.
 
 ## [0.10.0] - 2025-08-16
diff --git a/src/xurrent/core.py b/src/xurrent/core.py
@@ -117,15 +117,24 @@ def _ensure_access_token(self):
 
     def _obtain_access_token(self):
         """Fetch a new OAuth access token using the client credentials grant."""
-        # Dynamically determine the TLD from the base_url
+        # Dynamically determine the domain from the base_url and preserve regional subdomains
         import urllib.parse
         parsed = urllib.parse.urlparse(self.base_url)
-        # Extract the netloc (e.g. api.xurrent.com) and replace the subdomain with 'oauth'
+        # Extract the netloc (e.g. api.xurrent.com, api.au.xurrent.com) and replace 'api' with 'oauth'
         netloc_parts = parsed.netloc.split('.')
         if len(netloc_parts) < 2:
-            raise ValueError('Invalid base_url for extracting TLD')
-        tld = '.'.join(netloc_parts[-2:])
-        token_url = f'https://oauth.{tld}/token'
+            raise ValueError('Invalid base_url for extracting domain')
+            
+        # Replace the first part (assumed to be 'api') with 'oauth'
+        if netloc_parts[0] == 'api':
+            netloc_parts[0] = 'oauth'
+        else:
+            self.logger.warning(f"Expected first domain part to be 'api', got '{netloc_parts[0]}'. Proceeding anyway.")
+            netloc_parts[0] = 'oauth'
+            
+        # Reconstruct the domain preserving all parts including regional subdomains
+        oauth_domain = '.'.join(netloc_parts)
+        token_url = f'https://{oauth_domain}/token'
         payload = {
             'client_id': self._client_id,
             'client_secret': self._client_secret,
