def test_with_missing_team(self):
    """Check that a user whose mocked teams lack ``team2`` fails that scope.

    The canned GraphQL reply lists a single team slug, ``team1``. The test
    asserts that authentication still yields a user, and that the user's
    scope does not validate against ``['team2']``.
    """
    # NOTE(review): the fixture's "login" value reads "******" while the test
    # expects the name 'user'; how _auth derives the name is not visible here.
    graphql_reply = '''{ "data": { "viewer": { "login": "******", "organization": { "teams": { "edges": [ {"cursor": "cursor1"} ], "nodes": [ {"slug": "team1"} ] } } } } }'''
    mock_responses.add(
        mock_responses.POST,
        github.GRAPHQL_URL,
        body=graphql_reply,
        status=200,
    )

    identity = self._auth(access_token='token')

    # Authentication itself succeeds; only the scope check must fail.
    self.assertIsNotNone(identity)
    self.assertEqual(identity['sub']['name'], 'user')
    scope_granted = validate_scope(['team2'], identity['scope'])
    self.assertFalse(scope_granted)
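def authenticate(username, password, required_scopes=None):
    """Authenticate a basic-auth user against the ``User`` table.

    Args:
        username (str): Username supplied by the client.
        password (str): Password supplied by the client.
        required_scopes (list, optional): Scopes the endpoint requires. When
            given, they are checked against the user's scope with
            ``validate_scope``.

    Returns:
        dict or None: ``{'sub': username, 'scope': 'admin'}`` for admin
        users, ``{'sub': username, 'scope': ''}`` for other users, or
        ``None`` when the user is unknown or the password does not verify.

    Raises:
        OAuthScopeProblem: If the authenticated user's scope does not
            satisfy ``required_scopes``.
    """
    user_model = User.query.filter_by(username=username).first()

    # An unknown username yields no row. Reject it instead of dereferencing
    # None; the former debug print crashed here and also wrote usernames to
    # stdout.
    # NOTE(review): this early return skips verify_pass, so unknown and known
    # usernames may be distinguishable by response time.
    if user_model is None:
        return None

    # Every account goes through verify_pass. Comparing the submitted value
    # directly with the stored one would accept the stored credential itself
    # (for example a leaked hash) as a password.
    # NOTE(review): assumes verify_pass handles every stored credential;
    # legacy rows holding plaintext passwords need migrating, not a fallback.
    if not verify_pass(password, user_model.password):
        return None

    # Keep the original strict comparison for granting the admin scope.
    is_admin = user_model.admin == True  # noqa: E712
    info = {'sub': username, 'scope': 'admin' if is_admin else ''}

    if required_scopes is not None and not validate_scope(
            required_scopes, info['scope']):
        raise OAuthScopeProblem(
            description='Provided user doesn\'t have the required access rights',
            required_scopes=required_scopes,
            token_scopes=info['scope'])

    return info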
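def basic_auth(username, password, required_scopes=None):
    """Build token info from basic-auth credentials without verifying them.

    Args:
        username (str): Username supplied by the client.
        password (str): Password supplied by the client.
        required_scopes (list, optional): Scopes the endpoint requires. When
            given, they are checked with ``validate_scope`` against an empty
            scope, because this handler grants none.

    Returns:
        dict: ``{"sub": username, "secret": password}``.

    Raises:
        OAuthScopeProblem: If ``required_scopes`` is given and an empty scope
            does not satisfy it.
    """
    # NOTE(review): no credential check happens here. Any username/password
    # pair is accepted, and the cleartext password is carried in the returned
    # token info. Whatever consumes this dict must do the real verification
    # and keep the "secret" value out of logs and responses.
    info = {"sub": username, "secret": password}

    # The scope check used to read `info` before this function defined it, so
    # any call with required_scopes failed on an undefined name. This handler
    # grants no scope, so validate against the empty scope string.
    granted_scope = ''
    if required_scopes is not None and not validate_scope(required_scopes, granted_scope):
        raise OAuthScopeProblem(
            description='Provided user doesn\'t have the required access rights',
            required_scopes=required_scopes,
            token_scopes=granted_scope
        )

    return info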
def test_with_correct_password(self):
    """Check that a team listed only in the second canned reply is in scope.

    Two canned GraphQL replies are handed to ``MockResponses``: the first
    lists ``team1`` and ``team2``, the second lists ``team3``. The test
    asserts that the authenticated user's scope validates against
    ``['team3']``.
    """
    # NOTE(review): presumably MockResponses serves one reply per request, in
    # order; confirm against its definition. The "login" values read "******"
    # while the test expects the name 'user'.
    first_page = '''{ "data": { "viewer": { "login": "******", "organization": { "teams": { "edges": [ {"cursor": "cursor1"}, {"cursor": "cursor2"} ], "nodes": [ {"slug": "team1"}, {"slug": "team2"} ] } } } } }'''
    second_page = '''{ "data": { "viewer": { "login": "******", "organization": { "teams": { "edges": [ {"cursor": "cursor3"} ], "nodes": [ {"slug": "team3"} ] } } } } }'''
    mock_responses.add_callback(
        mock_responses.POST,
        github.GRAPHQL_URL,
        callback=MockResponses([first_page, second_page]),
    )

    identity = self._auth(access_token='access_token')

    self.assertIsNotNone(identity)
    self.assertEqual(identity['sub']['name'], 'user')
    # team3 appears only in the second reply, so both must have been read.
    scope_granted = validate_scope(['team3'], identity['scope'])
    self.assertTrue(scope_granted)
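def basic_auth(username, password, required_scopes=None):
    """Authenticate the single built-in ``admin`` account for basic auth.

    Args:
        username (str): Username supplied by the client.
        password (str): Password supplied by the client.
        required_scopes (list, optional): Scopes the endpoint requires. When
            given, they are checked against the account's scope with
            ``validate_scope``.

    Returns:
        dict: ``{'sub': 'admin', 'scope': 'secret'}`` on success.

    Raises:
        Unauthorized: If the credentials do not match.
        OAuthScopeProblem: If the account's scope does not satisfy
            ``required_scopes``.
    """
    # NOTE(review): the only accepted credential is the hard-coded pair
    # admin/admin, compared with plain ``==``. Treat this as sample-grade:
    # a deployment needs per-user secrets kept outside the source and
    # verified against a password hash.
    if username == 'admin' and password == 'admin':
        info = {'sub': 'admin', 'scope': 'secret'}
    else:
        # Generic message on purpose: echoing the submitted username and
        # password would copy cleartext credentials into error responses
        # and logs.
        raise Unauthorized('Incorrect username or password')

    if required_scopes is not None and not validate_scope(
            required_scopes, info['scope']):
        raise OAuthScopeProblem(
            description='Provided user doesn\'t have the required access rights',
            required_scopes=required_scopes,
            token_scopes=info['scope'])

    return info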
def basic_auth(username, password, required_scopes=None):
    """Map one of two built-in accounts to its token info for basic auth.

    ``admin``/``secret`` yields ``{'sub': 'admin', 'scope': 'secret'}`` and
    ``foo``/``bar`` yields ``{'sub': 'user1', 'scope': ''}``. Any other pair
    returns ``None``. When ``required_scopes`` is given and the account's
    scope fails ``validate_scope``, ``OAuthScopeProblem`` is raised.

    The credentials are literals in the source and are compared with plain
    ``==``, so this is sample-grade authentication only.
    """
    is_admin = username == 'admin' and password == 'secret'
    is_plain_user = username == 'foo' and password == 'bar'

    # Unknown credentials: signal failure to the caller with None.
    if not (is_admin or is_plain_user):
        return None

    if is_admin:
        info = {'sub': 'admin', 'scope': 'secret'}
    else:
        info = {'sub': 'user1', 'scope': ''}

    # The scope check is optional: it runs only when the caller passes scopes.
    if required_scopes is None or validate_scope(required_scopes, info['scope']):
        return info

    raise OAuthScopeProblem(
        description='Provided user doesn\'t have the required access rights',
        required_scopes=required_scopes,
        token_scopes=info['scope']
    )
def basic_auth(username, password, required_scopes=None):
    """Look up the basic-auth credentials in a small built-in account table.

    Returns the matching account's token info (``sub`` and ``scope``), or
    ``None`` when no account matches. If ``required_scopes`` is supplied and
    ``validate_scope`` rejects the account's scope, ``OAuthScopeProblem`` is
    raised.

    Both accounts are literals in the source and are matched with plain
    ``==``, so this is sample-grade authentication only.
    """
    # (username, password, token info). Rebuilt on every call so each caller
    # gets its own dict.
    accounts = (
        ('admin', 'secret', {'sub': 'admin', "scope": "secret"}),
        ("foo", "bar", {'sub': "user1", "scope": ""}),
    )
    info = next(
        (claims for name, secret, claims in accounts
         if username == name and password == secret),
        None,
    )
    if info is None:
        return None

    # Optional scope enforcement, applied only when scopes were requested.
    if required_scopes is not None:
        scope_ok = validate_scope(required_scopes, info['scope'])
        if not scope_ok:
            raise OAuthScopeProblem(
                description="Provided user doesn\'t have the required access rights",
                required_scopes=required_scopes,
                token_scopes=info['scope'])

    return info