Exemplo n.º 1
    def test_with_missing_team(self):
        # Negative authorization case: the mocked GraphQL reply lists a single
        # team ("team1"), so a requirement for "team2" must not be satisfied.
        # NOTE(review): the "login" value appears masked on this page; the
        # name assertion below expects 'user' - confirm against the fixture.
        single_team_reply = '''{
                "data": {
                    "viewer": {
                        "login": "******",
                        "organization": {
                            "teams": {
                                "edges": [
                                    {"cursor": "cursor1"}
                                ],
                                "nodes": [
                                    {"slug": "team1"}
                                ]
                            }
                        }
                    }
                }
            }'''
        mock_responses.add(
            mock_responses.POST,
            github.GRAPHQL_URL,
            status=200,
            body=single_team_reply,
        )

        authenticated = self._auth(access_token='token')

        # Authentication itself succeeds; only the scope check is expected
        # to fail, which keeps "who you are" separate from "what you may do".
        self.assertIsNotNone(authenticated)
        self.assertEqual(authenticated['sub']['name'], 'user')
        granted_scope = authenticated['scope']
        self.assertFalse(validate_scope(['team2'], granted_scope))
Exemplo n.º 2
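def authenticate(username, password, required_scopes=None):
    """Check a username/password pair against the ``User`` table.

    Args:
        username (str): login name to look up.
        password (str): password supplied with the request.
        required_scopes (list, optional): scopes the endpoint requires;
            ``None`` skips the scope check.

    Returns:
        dict or None: ``{'sub': username, 'scope': 'admin'}`` for a verified
        admin, ``{'sub': username, 'scope': ''}`` for any other verified
        user, and ``None`` when the user is unknown or the password is
        rejected.

    Raises:
        OAuthScopeProblem: the verified user lacks ``required_scopes``.
    """
    user_model = User.query.filter_by(username=username).first()

    # An unknown username gets the same answer as a wrong password instead of
    # an AttributeError on ``None``, so the response does not reveal which
    # accounts exist.
    # NOTE(review): this path skips verify_pass, so response time may still
    # differ between known and unknown users - confirm whether that matters.
    if user_model is None:
        return None

    # Every account is checked with verify_pass. Comparing the request value
    # to ``user_model.password`` with ``==`` would accept the stored value
    # itself as the password (and reject the real one if a hash is stored).
    # NOTE(review): assumes every row holds a value verify_pass understands -
    # confirm there are no legacy plaintext rows before deploying.
    if not verify_pass(password, user_model.password):
        return None

    # The admin flag only decides the granted scope, never whether the
    # password check is applied.
    info = {'sub': username, 'scope': 'admin' if user_model.admin else ''}

    # Optional scope enforcement requested by the caller.
    if required_scopes is not None and not validate_scope(
            required_scopes, info['scope']):
        raise OAuthScopeProblem(
            description=
            'Provided user doesn\'t have the required access rights',
            required_scopes=required_scopes,
            token_scopes=info['scope'])

    return info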
Exemplo n.º 3
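def basic_auth(username, password, required_scopes=None):
    """Build the token-info dict for a basic-auth request.

    NOTE(review): nothing in this function checks ``password`` against a
    credential store, so every username/password pair is accepted, and the
    returned dict carries the plaintext password under ``"secret"``. Confirm
    this stub never backs a real endpoint and that the returned dict is not
    logged or serialized.

    Args:
        username: value placed in the ``"sub"`` field.
        password: value placed in the ``"secret"`` field.
        required_scopes: scopes the endpoint requires; ``None`` skips the
            scope check.

    Returns:
        dict: ``{"sub": username, "secret": password}``.

    Raises:
        OAuthScopeProblem: ``required_scopes`` is given and
            ``validate_scope`` rejects the (empty) granted scope.
    """
    # Build the result before the scope check; the check used to read a
    # name that was never assigned and failed with NameError.
    info = {"sub": username, "secret": password}

    # This function grants no scope, so the check runs against an empty one
    # rather than raising KeyError on a missing 'scope' key.
    granted_scope = info.get('scope', '')

    # optional
    if required_scopes is not None and not validate_scope(required_scopes, granted_scope):
        raise OAuthScopeProblem(
                description='Provided user doesn\'t have the required access rights',
                required_scopes=required_scopes,
                token_scopes=granted_scope
            )

    return info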
Exemplo n.º 4
    def test_with_correct_password(self):
        # Positive authorization case: the mocked GraphQL endpoint is given
        # two canned replies. "team3" only appears in the second one, so the
        # final assertion holds only if scopes are collected from both.
        # NOTE(review): presumably MockResponses serves the replies in order
        # on successive POSTs - confirm against its definition.
        # NOTE(review): the "login" values appear masked on this page; the
        # name assertion below expects 'user'.
        first_page = '''{
                       "data": {
                           "viewer": {
                               "login": "******",
                               "organization": {
                                   "teams": {
                                       "edges": [
                                           {"cursor": "cursor1"},
                                           {"cursor": "cursor2"}
                                       ],
                                       "nodes": [
                                           {"slug": "team1"},
                                           {"slug": "team2"}
                                       ]
                                   }
                               }
                           }
                       }
                }'''
        second_page = '''{
                       "data": {
                           "viewer": {
                               "login": "******",
                               "organization": {
                                   "teams": {
                                       "edges": [
                                           {"cursor": "cursor3"}
                                       ],
                                       "nodes": [
                                           {"slug": "team3"}
                                       ]
                                   }
                               }
                           }
                       }
                }'''
        mock_responses.add_callback(
            mock_responses.POST,
            github.GRAPHQL_URL,
            callback=MockResponses([first_page, second_page]),
        )

        authenticated = self._auth(access_token='access_token')

        self.assertIsNotNone(authenticated)
        self.assertEqual(authenticated['sub']['name'], 'user')
        granted_scope = authenticated['scope']
        self.assertTrue(validate_scope(['team3'], granted_scope))
Exemplo n.º 5
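def basic_auth(username, password, required_scopes=None):
    """Authenticate the single hard-coded ``admin`` account.

    NOTE(review): the credential pair is hard-coded in source and the
    password equals the username; treat this as sample code only and move
    real credentials to a store that keeps salted hashes.

    Args:
        username: login name from the request.
        password: password from the request.
        required_scopes: scopes the endpoint requires; ``None`` skips the
            scope check.

    Returns:
        dict: ``{'sub': 'admin', 'scope': 'secret'}`` on success.

    Raises:
        Unauthorized: the username/password pair does not match.
        OAuthScopeProblem: the granted scope does not satisfy
            ``required_scopes``.
    """
    if username == 'admin' and password == 'admin':
        info = {'sub': 'admin', 'scope': 'secret'}
    else:
        # Generic message on purpose: the submitted password (and username)
        # must not be echoed into the error response or any log that
        # records it, and the text does not say which of the two was wrong.
        raise Unauthorized('Incorrect username or password')

    if required_scopes is not None and not validate_scope(
            required_scopes, info['scope']):
        raise OAuthScopeProblem(
            description=
            'Provided user doesn\'t have the required access rights',
            required_scopes=required_scopes,
            token_scopes=info['scope'])

    return info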
Exemplo n.º 6
def basic_auth(username, password, required_scopes=None):
    """Map one of two hard-coded credential pairs to a token-info dict.

    Returns ``None`` for any other pair. When ``required_scopes`` is given
    and ``validate_scope`` rejects the granted scope, ``OAuthScopeProblem``
    is raised instead of returning.

    NOTE(review): the credentials are literals in source and are compared
    with ``==``; suitable for a sample only.
    """
    supplied = (username, password)
    if supplied == ('admin', 'secret'):
        token_info = {'sub': 'admin', 'scope': 'secret'}
    elif supplied == ('foo', 'bar'):
        token_info = {'sub': 'user1', 'scope': ''}
    else:
        # Unknown pair: no custom error, just signal "not authenticated".
        return None

    # No scope requirement from the caller: authentication alone is enough.
    if required_scopes is None:
        return token_info

    if validate_scope(required_scopes, token_info['scope']):
        return token_info

    raise OAuthScopeProblem(
        description='Provided user doesn\'t have the required access rights',
        required_scopes=required_scopes,
        token_scopes=token_info['scope'],
    )
Exemplo n.º 7
def basic_auth(username, password, required_scopes=None):
    """Look the credential pair up in a fixed table and return its token info.

    Yields ``None`` when the pair is not in the table, and raises
    ``OAuthScopeProblem`` when ``required_scopes`` is given but
    ``validate_scope`` does not accept the granted scope.

    NOTE(review): the table holds literal passwords in source; sample use
    only.
    """
    # (username, password, subject, scope) rows, checked in order.
    known_accounts = (
        ('admin', 'secret', 'admin', "secret"),
        ("foo", "bar", "user1", ""),
    )

    info = None
    for known_user, known_password, subject, scope in known_accounts:
        if username == known_user and password == known_password:
            info = {'sub': subject, "scope": scope}
            break

    if info is None:
        return None

    # optional scope enforcement
    scope_ok = required_scopes is None or validate_scope(
        required_scopes, info['scope'])
    if not scope_ok:
        raise OAuthScopeProblem(
            description="Provided user doesn't have the required access rights",
            required_scopes=required_scopes,
            token_scopes=info['scope'])

    return info
Exemplo n.º 8
def basic_auth(username, password, required_scopes=None):
    """Accept the ``admin``/``foo`` sample accounts and report their scope.

    Any other username/password pair gives ``None``. If the caller passes
    ``required_scopes`` and ``validate_scope`` turns the granted scope down,
    ``OAuthScopeProblem`` is raised.

    NOTE(review): both passwords are literals in this function; do not reuse
    outside of sample code.
    """
    is_admin = username == 'admin' and password == 'secret'
    is_plain_user = username == 'foo' and password == 'bar'

    if not (is_admin or is_plain_user):
        # optional: raise exception for custom error response
        return None

    if is_admin:
        info = {'sub': 'admin', 'scope': 'secret'}
    else:
        info = {'sub': 'user1', 'scope': ''}

    # optional: enforce the scopes requested by the caller
    must_check_scope = required_scopes is not None
    if must_check_scope and not validate_scope(required_scopes, info['scope']):
        problem = OAuthScopeProblem(
            description='Provided user doesn\'t have the required access rights',
            required_scopes=required_scopes,
            token_scopes=info['scope'],
        )
        raise problem

    return info