def test_meta(self) -> None:
# This is a valid package containing other packages... but no task will be found
tasks = Meta.get_celery_tasks("restapi.utilities")
assert isinstance(tasks, list)
assert len(tasks) == 0
tasks = Meta.get_celery_tasks("this-should-not-exist")
assert isinstance(tasks, list)
assert len(tasks) == 0
mcls = Meta.get_classes_from_module(
"this-should-not-exist") # type: ignore
assert isinstance(mcls, dict)
assert len(mcls) == 0
assert not Meta.get_module_from_string("this-should-not-exist")
try:
Meta.get_module_from_string(
"this-should-not-exist",
exit_on_fail=True,
)
pytest.fail("ModuleNotFoundError not raised") # pragma: no cover
except ModuleNotFoundError:
pass
# This method is not very robust... but... let's test the current implementation
# It basicaly return the first args if it is an instance of some classes
assert not Meta.get_self_reference_from_args()
selfref = Meta.get_self_reference_from_args("test")
assert selfref == "test"
models = Meta.import_models("this-should",
"not-exist",
mandatory=False)
assert isinstance(models, dict)
assert len(models) == 0
try:
Meta.import_models("this-should", "not-exist", mandatory=True)
pytest.fail("SystemExit not raised") # pragma: no cover
except SystemExit:
pass
# Check exit_on_fail default value
models = Meta.import_models("this-should", "not-exist")
assert isinstance(models, dict)
assert len(models) == 0
assert Meta.get_instance("invalid.path", "InvalidClass") is None
assert Meta.get_instance("customization", "InvalidClass") is None
assert Meta.get_instance("customization", "Customizer") is not None
def wrapper(*args, **kwargs):
# Recover the auth object
auth_type, token = self.get_authorization_token(
allow_access_token_parameter=allow_access_token_parameter)
# Base header for errors
headers = {HTTPAUTH_AUTH_HEADER: self.authenticate_header()}
# Internal API 'self' reference
decorated_self = Meta.get_self_reference_from_args(*args)
if auth_type is None or auth_type.lower(
) != self._scheme.lower():
# Wrong authentication string
msg = (
"Missing credentials in headers, e.g. {}: '{} TOKEN'".
format(HTTPAUTH_AUTH_FIELD, HTTPAUTH_DEFAULT_SCHEME))
log.info("Unauthorized request: missing credentials")
return decorated_self.force_response(
errors=msg,
code=hcodes.HTTP_BAD_UNAUTHORIZED,
headers=headers,
)
# Handling OPTIONS forwarded to our application:
# ignore headers and let go, avoid unwanted interactions with CORS
if request.method != 'OPTIONS':
# Check authentication
token_fn = decorated_self.auth.verify_token
if not self.authenticate(token_fn, token):
# Clear TCP receive buffer of any pending data
log.verbose(request.data)
# Mimic the response from a normal endpoint
# To use the same standards
log.info("Invalid token received '{}'", token)
return decorated_self.force_response(
errors="Invalid token received",
code=hcodes.HTTP_BAD_UNAUTHORIZED,
headers=headers)
# Check roles
if len(roles) > 0:
roles_fn = decorated_self.auth.verify_roles
if not self.authenticate_roles(roles_fn, roles,
required_roles):
log.info("Unauthorized request: missing privileges")
return decorated_self.force_response(
errors="You are not authorized: missing privileges",
code=hcodes.HTTP_BAD_UNAUTHORIZED,
)
return func(*args, **kwargs)
def wrapper(*args: Any, **kwargs: Any) -> Any:
# Recover the auth object
auth_type, token = HTTPTokenAuth.get_authorization_token(
allow_access_token_parameter=allow_access_token_parameter)
# Internal API 'self' reference
caller = Meta.get_self_reference_from_args(*args)
if caller is None: # pragma: no cover
# An exit here is really really dangerous, but even if
# get_self_reference_from_args can return None, this case is quite
# impossible... however with None the server can't continue!
print_and_exit(
"Server misconfiguration, self reference can't be None!"
)
if (auth_type is not None and auth_type == HTTPAUTH_SCHEME
and request.method != "OPTIONS"):
# valid, token, jti, user
valid, token, _, user = caller.auth.verify_token(token)
# Check authentication. Optional authentication is valid if:
# 1) token is missing
# 2) token is valid
# Invalid tokens are rejected
if not valid:
# Clear TCP receive buffer of any pending data
_ = request.data
# Mimic the response from a normal endpoint
# To use the same standards
# log.info("Invalid token received '{}'", token)
log.debug("Invalid token received")
return caller.response(
"Invalid token received",
headers=HTTPAUTH_ERR_HEADER,
code=401,
allow_html=True,
)
caller.authorized_user = user.uuid
kwargs["user"] = user
request.environ[TOKEN_VALIDATED_KEY] = True
else:
kwargs["user"] = None
return func(*args, **kwargs)
def wrapper(*args: Any, **kwargs: Any) -> Any:
# Recover the auth object
auth_type, token = HTTPTokenAuth.get_authorization_token(
allow_access_token_parameter=allow_access_token_parameter)
# Internal API 'self' reference
caller = Meta.get_self_reference_from_args(*args)
if caller is None: # pragma: no cover
# An exit here is really really dangerous, but even if
# get_self_reference_from_args can return None, this case is quite
# impossible... however with None the server can't continue!
print_and_exit(
"Server misconfiguration, self reference can't be None!"
)
if auth_type is None or auth_type != HTTPAUTH_SCHEME:
# Wrong authentication string
msg = (
"Missing credentials in headers"
f", e.g. {HTTPAUTH_AUTH_FIELD}: '{HTTPAUTH_SCHEME} TOKEN'"
)
log.debug("Unauthorized request: missing credentials")
return caller.response(msg,
code=401,
headers=HTTPAUTH_ERR_HEADER,
allow_html=True)
# Handling OPTIONS forwarded to our application:
# ignore headers and let go, avoid unwanted interactions with CORS
if request.method != "OPTIONS":
# valid, token, jti, user
valid, token, _, user = caller.auth.verify_token(token)
# Check authentication
if not valid:
# Clear TCP receive buffer of any pending data
_ = request.data
# Mimic the response from a normal endpoint
# To use the same standards
# log.info("Invalid token received '{}'", token)
log.debug("Invalid token received")
return caller.response(
"Invalid token received",
headers=HTTPAUTH_ERR_HEADER,
code=401,
allow_html=True,
)
request.environ[TOKEN_VALIDATED_KEY] = True
# Check roles
if not caller.auth.verify_roles(
user, roles, required_roles=required_roles):
log.info("Unauthorized request: missing privileges.")
return caller.response(
"You are not authorized: missing privileges",
code=401,
allow_html=True,
)
caller.authorized_user = user.uuid
kwargs["user"] = user
return func(*args, **kwargs)