chore(internal): skip sso refresh (#1629)

pkg/shared/connection/kcconnection/builder.go

@@ -160,10 +160,6 @@ func (b *ConnectionBuilder) BuildContext(ctx context.Context) (connection *Conne
 		return nil, &AuthError{notLoggedInError()}
 	}
 
-	if b.connectionConfig.RequireMASAuth && b.masAccessToken == "" && b.masRefreshToken == "" {
-		return nil, &MasAuthError{notLoggedInMASError()}
-	}
-
 	if b.clientID == "" {
 		return nil, AuthErrorf("missing client ID")
 	}

pkg/shared/connection/kcconnection/errors.go

@@ -39,10 +39,6 @@ func notLoggedInError() error {
 	return errors.New(`not logged in. Run "rhoas login" to authenticate`)
 }
 
-func notLoggedInMASError() error {
-	return errors.New(`not logged in to identity.api.openshift.com. Run "rhoas login" to authenticate. Note: token-based login is not supported by the Kafka "topic" and "consumer-group" subcommands`)
-}
-
 func sessionExpiredError() error {
 	return errors.New(`session expired. Run "rhoas login" to authenticate`)
 }

pkg/shared/connection/kcconnection/keycloak_connection.go

@@ -75,7 +75,7 @@ func (c *Connection) RefreshTokens(ctx context.Context) (err error) {
 		}
 	}
 
-	if c.connectionConfig.RequireMASAuth {
+	if c.connectionConfig.RequireMASAuth && c.MASToken.RefreshToken != "" {
 		c.logger.Debug("Refreshing MAS SSO tokens")
 		// nolint:govet
 		refreshedMasTk, err := c.masKeycloakClient.RefreshToken(ctx, c.MASToken.RefreshToken, c.clientID, "", c.masRealm)