def test_meta(self) -> None: # This is a valid package containing other packages... but no task will be found tasks = Meta.get_celery_tasks("restapi.utilities") assert isinstance(tasks, list) assert len(tasks) == 0 tasks = Meta.get_celery_tasks("this-should-not-exist") assert isinstance(tasks, list) assert len(tasks) == 0 mcls = Meta.get_classes_from_module( "this-should-not-exist") # type: ignore assert isinstance(mcls, dict) assert len(mcls) == 0 assert not Meta.get_module_from_string("this-should-not-exist") try: Meta.get_module_from_string( "this-should-not-exist", exit_on_fail=True, ) pytest.fail("ModuleNotFoundError not raised") # pragma: no cover except ModuleNotFoundError: pass # This method is not very robust... but... let's test the current implementation # It basicaly return the first args if it is an instance of some classes assert not Meta.get_self_reference_from_args() selfref = Meta.get_self_reference_from_args("test") assert selfref == "test" models = Meta.import_models("this-should", "not-exist", mandatory=False) assert isinstance(models, dict) assert len(models) == 0 try: Meta.import_models("this-should", "not-exist", mandatory=True) pytest.fail("SystemExit not raised") # pragma: no cover except SystemExit: pass # Check exit_on_fail default value models = Meta.import_models("this-should", "not-exist") assert isinstance(models, dict) assert len(models) == 0 assert Meta.get_instance("invalid.path", "InvalidClass") is None assert Meta.get_instance("customization", "InvalidClass") is None assert Meta.get_instance("customization", "Customizer") is not None
def wrapper(*args, **kwargs): # Recover the auth object auth_type, token = self.get_authorization_token( allow_access_token_parameter=allow_access_token_parameter) # Base header for errors headers = {HTTPAUTH_AUTH_HEADER: self.authenticate_header()} # Internal API 'self' reference decorated_self = Meta.get_self_reference_from_args(*args) if auth_type is None or auth_type.lower( ) != self._scheme.lower(): # Wrong authentication string msg = ( "Missing credentials in headers, e.g. {}: '{} TOKEN'". format(HTTPAUTH_AUTH_FIELD, HTTPAUTH_DEFAULT_SCHEME)) log.info("Unauthorized request: missing credentials") return decorated_self.force_response( errors=msg, code=hcodes.HTTP_BAD_UNAUTHORIZED, headers=headers, ) # Handling OPTIONS forwarded to our application: # ignore headers and let go, avoid unwanted interactions with CORS if request.method != 'OPTIONS': # Check authentication token_fn = decorated_self.auth.verify_token if not self.authenticate(token_fn, token): # Clear TCP receive buffer of any pending data log.verbose(request.data) # Mimic the response from a normal endpoint # To use the same standards log.info("Invalid token received '{}'", token) return decorated_self.force_response( errors="Invalid token received", code=hcodes.HTTP_BAD_UNAUTHORIZED, headers=headers) # Check roles if len(roles) > 0: roles_fn = decorated_self.auth.verify_roles if not self.authenticate_roles(roles_fn, roles, required_roles): log.info("Unauthorized request: missing privileges") return decorated_self.force_response( errors="You are not authorized: missing privileges", code=hcodes.HTTP_BAD_UNAUTHORIZED, ) return func(*args, **kwargs)
def wrapper(*args: Any, **kwargs: Any) -> Any: # Recover the auth object auth_type, token = HTTPTokenAuth.get_authorization_token( allow_access_token_parameter=allow_access_token_parameter) # Internal API 'self' reference caller = Meta.get_self_reference_from_args(*args) if caller is None: # pragma: no cover # An exit here is really really dangerous, but even if # get_self_reference_from_args can return None, this case is quite # impossible... however with None the server can't continue! print_and_exit( "Server misconfiguration, self reference can't be None!" ) if (auth_type is not None and auth_type == HTTPAUTH_SCHEME and request.method != "OPTIONS"): # valid, token, jti, user valid, token, _, user = caller.auth.verify_token(token) # Check authentication. Optional authentication is valid if: # 1) token is missing # 2) token is valid # Invalid tokens are rejected if not valid: # Clear TCP receive buffer of any pending data _ = request.data # Mimic the response from a normal endpoint # To use the same standards # log.info("Invalid token received '{}'", token) log.debug("Invalid token received") return caller.response( "Invalid token received", headers=HTTPAUTH_ERR_HEADER, code=401, allow_html=True, ) caller.authorized_user = user.uuid kwargs["user"] = user request.environ[TOKEN_VALIDATED_KEY] = True else: kwargs["user"] = None return func(*args, **kwargs)
def wrapper(*args: Any, **kwargs: Any) -> Any: # Recover the auth object auth_type, token = HTTPTokenAuth.get_authorization_token( allow_access_token_parameter=allow_access_token_parameter) # Internal API 'self' reference caller = Meta.get_self_reference_from_args(*args) if caller is None: # pragma: no cover # An exit here is really really dangerous, but even if # get_self_reference_from_args can return None, this case is quite # impossible... however with None the server can't continue! print_and_exit( "Server misconfiguration, self reference can't be None!" ) if auth_type is None or auth_type != HTTPAUTH_SCHEME: # Wrong authentication string msg = ( "Missing credentials in headers" f", e.g. {HTTPAUTH_AUTH_FIELD}: '{HTTPAUTH_SCHEME} TOKEN'" ) log.debug("Unauthorized request: missing credentials") return caller.response(msg, code=401, headers=HTTPAUTH_ERR_HEADER, allow_html=True) # Handling OPTIONS forwarded to our application: # ignore headers and let go, avoid unwanted interactions with CORS if request.method != "OPTIONS": # valid, token, jti, user valid, token, _, user = caller.auth.verify_token(token) # Check authentication if not valid: # Clear TCP receive buffer of any pending data _ = request.data # Mimic the response from a normal endpoint # To use the same standards # log.info("Invalid token received '{}'", token) log.debug("Invalid token received") return caller.response( "Invalid token received", headers=HTTPAUTH_ERR_HEADER, code=401, allow_html=True, ) request.environ[TOKEN_VALIDATED_KEY] = True # Check roles if not caller.auth.verify_roles( user, roles, required_roles=required_roles): log.info("Unauthorized request: missing privileges.") return caller.response( "You are not authorized: missing privileges", code=401, allow_html=True, ) caller.authorized_user = user.uuid kwargs["user"] = user return func(*args, **kwargs)