Refine the auth provider

This commit will refine auth provider, to make the auth can disable from the source code and without exception. Move the global scope methods into the class. Test Plan: 1. Enabling the authentication worked correctly. 2. Disabling the authentication worked as expected without any exceptions. Issue-ID: INF-462 Change-Id: Ief69016ed73a525ca8e6a12eda959cb1422968f6 Signed-off-by: Zhang Rong(Jon) <[email protected]>
o-ran-sc · May 23, 2024 · dddebe8 · dddebe8
1 parent 33c7e7d
commit dddebe8
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 13 deletions.
diff --git a/o2app/entrypoints/flask_application.py b/o2app/entrypoints/flask_application.py
@@ -25,8 +25,10 @@
 from o2common.config.config import get_review_url
 from o2common.helper import o2logging
 
+AUTH_ENABLED = True
+FLASK_API_VERSION = '1.0.0'
+
 # apibase = config.get_o2ims_api_base()
-auth = True
 app = Flask(__name__)
 logger = o2logging.get_logger(__name__)
 
@@ -39,9 +41,7 @@ def _get_k8s_url():
         raise Exception('Get k8s token review url failed')
 
 
-FLASK_API_VERSION = '1.0.0'
-
-if auth:
+if AUTH_ENABLED:
     # perform service account identity&privilege check.
     _get_k8s_url()
     ad = authprov.auth_definer('ad')

diff --git a/o2common/authmw/authprov.py b/o2common/authmw/authprov.py
@@ -24,14 +24,6 @@
 ssl._create_default_https_context = ssl._create_unverified_context
 logger = o2logging.get_logger(__name__)
 
-# read the conf from config file
-auth_prv_conf = get_auth_provider()
-
-try:
-    token_review_url = get_review_url()
-except Exception:
-    raise Exception('Get k8s token review url failed')
-
 
 class K8SAuthenticaException(Exception):
     def __init__(self, value):
@@ -48,6 +40,8 @@ class auth_definer():
     def __init__(self, name):
         super().__init__()
         self.name = name
+        # read the conf from config file
+        auth_prv_conf = get_auth_provider()
         if auth_prv_conf == 'k8s':
             self.obj = k8s_auth_provider('k8s')
         else:
@@ -71,6 +65,10 @@ class k8s_auth_provider(auth_definer):
 
     def __init__(self, name):
         self.name = name
+        try:
+            self.token_review_url = get_review_url()
+        except Exception:
+            raise Exception('Failed to get k8s token review url.')
 
     def tokenissue(self, **args2):
         pass
@@ -105,7 +103,7 @@ def authenticate(self, token):
                   'Content-Type': 'application/json'}
         try:
             req = urllib.request.Request(
-                token_review_url, data=binary_data, headers=header)
+                self.token_review_url, data=binary_data, headers=header)
             response = urllib.request.urlopen(req)
             data = json.load(response)
             if data['status']['authenticated'] is True: