Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Support sending OAuth token to codejail service #34023

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
+92 −1
Open

feat: Support sending OAuth token to codejail service #34023

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
73e7ca8
feat: Support sending OAuth token to codejail service
timmc-edx Jan 8, 2024
f1df925
fixup! Add unit tests; look up settings each time to allow override t…
timmc-edx Jan 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 43 additions & 1 deletion xmodule/capa/safe_exec/remote_exec.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@

from codejail.safe_exec import SafeExecException
from django.conf import settings
from edx_rest_api_client.client import OAuthAPIClient
from edx_toggles.toggles import SettingToggle
from requests.exceptions import RequestException, HTTPError
from simplejson import JSONDecodeError
Expand Down Expand Up @@ -48,6 +49,46 @@ def get_remote_exec(*args, **kwargs):
return remote_exec_function(*args, **kwargs)


# .. setting_name: CODE_JAIL_REST_SERVICE_OAUTH_URL
# .. setting_default: None
# .. setting_description: The OAuth server to get access tokens from when making calls to
# the codejail service. Requires setting CODE_JAIL_REST_SERVICE_OAUTH_CLIENT_ID and
# CODE_JAIL_REST_SERVICE_OAUTH_CLIENT_SECRET. If not specified, no authorization header will
# be sent.
CODE_JAIL_REST_SERVICE_OAUTH_URL = getattr(settings, 'CODE_JAIL_REST_SERVICE_OAUTH_URL', None)
# .. setting_name: CODE_JAIL_REST_SERVICE_OAUTH_CLIENT_ID
# .. setting_default: None
# .. setting_description: The OAuth client credential ID to use when making calls to
# the codejail service. If not specified, no authorization header will be sent.
CODE_JAIL_REST_SERVICE_OAUTH_CLIENT_ID = getattr(settings, 'CODE_JAIL_REST_SERVICE_OAUTH_CLIENT_ID', None)
# .. setting_name: CODE_JAIL_REST_SERVICE_OAUTH_CLIENT_SECRET
# .. setting_default: None
# .. setting_description: The OAuth client credential secret to use when making calls to
# the codejail service. If not specified, no authorization header will be sent.
CODE_JAIL_REST_SERVICE_OAUTH_CLIENT_SECRET = getattr(settings, 'CODE_JAIL_REST_SERVICE_OAUTH_CLIENT_SECRET', None)


def _get_codejail_client():
"""
Return a ``requests`` compatible HTTP client that has .get(...) and .post(...) methods.

The client will send an OAuth token if the appropriate CODE_JAIL_REST_SERVICE_* settings
are configured.
"""
oauth_configured = (
CODE_JAIL_REST_SERVICE_OAUTH_URL and
CODE_JAIL_REST_SERVICE_OAUTH_CLIENT_ID and CODE_JAIL_REST_SERVICE_OAUTH_CLIENT_SECRET
)
if oauth_configured:
return OAuthAPIClient(
base_url=CODE_JAIL_REST_SERVICE_OAUTH_URL,
client_id=CODE_JAIL_REST_SERVICE_OAUTH_CLIENT_ID,
client_secret=CODE_JAIL_REST_SERVICE_OAUTH_CLIENT_SECRET,
)
else:
return requests


def get_codejail_rest_service_endpoint():
return f"{settings.CODE_JAIL_REST_SERVICE_HOST}/api/v0/code-exec"

Expand All @@ -68,8 +109,9 @@ def send_safe_exec_request_v0(data):
codejail_service_endpoint = get_codejail_rest_service_endpoint()
payload = json.dumps(data)

client = _get_codejail_client()
try:
response = requests.post(
response = client.post(
codejail_service_endpoint,
files=extra_files,
data={'payload': payload},
Expand Down
Loading