Merge pull request #1097 from DSD-DBS/fix-authentication-routes
fix: nginx internal server error for Prometheus and Grafana
MoritzWeber0 authored Oct 16, 2023
2 parents edac1cf + e25b14a commit aa83811
Showing 4 changed files with 31 additions and 14 deletions.
@@ -14,7 +14,7 @@
from capellacollab.config import config
from capellacollab.core import database
from capellacollab.core.authentication import injectables as auth_injectables
from capellacollab.core.authentication.jwt_bearer import JWTBearer
from capellacollab.core.authentication import jwt_bearer
from capellacollab.core.authentication.schemas import (
RefreshTokenRequest,
TokenRequest,
@@ -61,10 +61,10 @@ async def api_get_token(
)
access_token = token["id_token"]

validated_token = JWTBearer().validate_token(access_token)
validated_token = jwt_bearer.JWTBearer().validate_token(access_token)
assert validated_token

username = JWTBearer().get_username(validated_token)
username = jwt_bearer.JWTBearer().get_username(validated_token)

if user := users_crud.get_user_by_name(db, username):
users_crud.update_last_login(db, user)
@@ -86,8 +86,7 @@ async def api_refresh_token(body: RefreshTokenRequest):


@router.delete("/tokens", name="Invalidate the token (log out)")
async def logout(jwt_decoded=fastapi.Depends(JWTBearer())):
username, _ = jwt_decoded
async def logout(username: str = fastapi.Depends(jwt_bearer.JWTBearer())):
for account in ad_session().get_accounts():
if account["username"] == username:
return ad_session().remove_account(account)
@@ -97,10 +96,9 @@ async def logout(jwt_decoded=fastapi.Depends(JWTBearer())):
@router.get("/tokens", name="Validate the token")
async def validate_token(
scope: Role | None,
jwt_information=fastapi.Depends(JWTBearer()),
username: str = fastapi.Depends(jwt_bearer.JWTBearer()),
db: orm.Session = fastapi.Depends(database.get_db),
):
username, _ = jwt_information
if scope and scope.ADMIN:
auth_injectables.RoleVerification(required_role=Role.ADMIN)(
username, db
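Review bot: The `scope` parameter of `validate_token` in this file is still declared as `scope: Role | None,` with no default, while the same route in the other provider's file gets `scope: Role | None = None,` in this commit. FastAPI treats a parameter without a default as required, so a token-validation request that omits `scope` would presumably still be rejected with a validation error under this provider; the same `= None` default looks needed here. Separately, in both files the unchanged guard `if scope and scope.ADMIN:` reads the `ADMIN` member through whatever role was passed, which is truthy for any role if `Role` is an ordinary enum (its definition is not visible here), so every scoped request would be held to the admin check; `if scope == Role.ADMIN:` expresses the likely intent. The body of `validate_token` continues past the end of the hunk.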
@@ -7,7 +7,7 @@
import capellacollab.users.crud as users_crud
from capellacollab.core import database
from capellacollab.core.authentication import injectables as auth_injectables
from capellacollab.core.authentication.jwt_bearer import JWTBearer
from capellacollab.core.authentication import jwt_bearer
from capellacollab.core.authentication.schemas import (
RefreshTokenRequest,
TokenRequest,
@@ -31,10 +31,10 @@ async def api_get_token(
token = get_token(body.code)
access_token = token["access_token"]

validated_token = JWTBearer().validate_token(access_token)
validated_token = jwt_bearer.JWTBearer().validate_token(access_token)
assert validated_token

username = JWTBearer().get_username(validated_token)
username = jwt_bearer.JWTBearer().get_username(validated_token)

if user := users_crud.get_user_by_name(db, username):
users_crud.update_last_login(db, user)
@@ -54,11 +54,10 @@ async def logout():

@router.get("/tokens", name="Validate the token")
async def validate_token(
scope: Role | None,
jwt_information=fastapi.Depends(JWTBearer()),
scope: Role | None = None,
username: str = fastapi.Depends(jwt_bearer.JWTBearer()),
db: orm.Session = fastapi.Depends(database.get_db),
):
username, _ = jwt_information
if scope and scope.ADMIN:
auth_injectables.RoleVerification(required_role=Role.ADMIN)(
username, db
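Review bot: The result of `validate_token` in `api_get_token` is guarded only by `assert validated_token`, here and at the same spot in the first changed file, and `assert` statements are removed when Python runs with `-O`. If `validate_token` can return a falsy value for a rejected token instead of raising (its body is not visible on this page), `get_username` would then run on an unvalidated result during login. An explicit check such as `if not validated_token: raise fastapi.HTTPException(status_code=401)` keeps the failure path independent of interpreter flags. `api_get_token` starts and ends outside this hunk.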
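--- a/backend/tests/users/test_oauth.py
+++ b/backend/tests/users/test_oauth.py
@@ -0,0 +1,21 @@
+# SPDX-FileCopyrightText: Copyright DB Netz AG and the capella-collab-manager contributors
+# SPDX-License-Identifier: Apache-2.0
+
+
+from fastapi import testclient
+from sqlalchemy import orm
+
+from capellacollab.users import crud as users_crud
+from capellacollab.users import models as users_models
+
+
+def test_validate_tokens_routes(
+db: orm.Session,
+client: testclient.TestClient,
+executor_name: str,
+):
+users_crud.create_user(db, executor_name, users_models.Role.ADMIN)
+response = client.get("/api/v1/authentication/tokens")
+
+assert response.status_code == 200
+assert response.json() == executor_name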
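Review bot: Only the successful path is covered by `test_validate_tokens_routes`: the user is created with `Role.ADMIN` and the request carries no `scope`, so neither the role-verification branch of the route nor a rejected token is exercised. A second case that requests the admin scope for a user without the admin role, and asserts that the response is not 200, would pin the authorization behaviour the route exists to enforce. A one-line docstring such as `"""The token validation route returns the username when no scope is requested."""` would also record which regression this test guards against.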
1 change: 0 additions & 1 deletion backend/tests/users/test_tokens.py
@@ -13,7 +13,6 @@
from capellacollab.__main__ import app
from capellacollab.core.authentication.basic_auth import HTTPBasicAuth
from capellacollab.users import models as users_models
from capellacollab.users.tokens import models as tokens_models

POST_TOKEN = {
"expiration_date": str(datetime.datetime.now()),