Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Issue 1058 | Gateway: allow nested fields verification #1059

Merged
merged 2 commits into from
Oct 31, 2023
Merged

Issue 1058 | Gateway: allow nested fields verification #1059

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
4f97be2
Issue 1058 | Gateway: allow nested fields verification
IceKhan13 Oct 30, 2023
a720041
Issue 1058 | Docstring
IceKhan13 Oct 30, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 10 additions & 3 deletions gateway/api/authentication.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,9 +71,16 @@ def authenticate(self, request):
)

if verification_data is not None:
verified = verification_data.get(
settings.SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD, False
)
verifications = []
for (
verification_field
) in settings.SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD.split(";"):
nested_field_value = verification_data
for nested_field in verification_field.split(","):
nested_field_value = nested_field_value.get(nested_field)
verifications.append(nested_field_value)

verified = all(verifications)

if user_id is not None and verified:
try:
Expand Down
14 changes: 14 additions & 0 deletions gateway/main/settings.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -270,6 +270,20 @@
SETTINGS_TOKEN_AUTH_VERIFICATION_URL = os.environ.get(
"SETTINGS_TOKEN_AUTH_VERIFICATION_URL", None
)
# verification fields to check when returned from auth api
# Example of checking multiple fields:
# For following verification data
# {
# "is_valid": true,
# "some": {
# "nested": {
# "field": true
# },
# "other": "bla"
# }
# }
# setting string will be:
# "SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD", "is_valid;some,nested,field"
SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD = os.environ.get(
"SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD", None
)
Expand Down
63 changes: 63 additions & 0 deletions gateway/tests/api/test_authentication.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,3 +43,66 @@ def test_custom_token_authentication(self):
self.assertEqual(token.token, b"AWESOME_TOKEN")

self.assertEqual(user.username, "AwesomeUser")

@responses.activate
def test_with_nested_verification_fields(self):
"""Tests custom token auth."""
responses.add(
responses.POST,
"http://token_auth_url",
json={"userId": "AwesomeUser", "id": "requestId"},
status=200,
)

responses.add(
responses.GET,
"http://token_auth_verification_url",
json={"is_valid": True, "other": {"nested": {"field": "something_here"}}},
status=200,
)

custom_auth = CustomTokenBackend()
request = MagicMock()
request.META.get.return_value = "Bearer AWESOME_TOKEN"

with self.settings(
SETTINGS_TOKEN_AUTH_URL="http://token_auth_url",
SETTINGS_TOKEN_AUTH_USER_FIELD="userId",
SETTINGS_TOKEN_AUTH_VERIFICATION_URL="http://token_auth_verification_url",
SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD="is_valid;other,nested,field",
):
user, token = custom_auth.authenticate(request)

self.assertIsInstance(token, CustomToken)
self.assertEqual(token.token, b"AWESOME_TOKEN")

self.assertEqual(user.username, "AwesomeUser")

with self.settings(
SETTINGS_TOKEN_AUTH_URL="http://token_auth_url",
SETTINGS_TOKEN_AUTH_USER_FIELD="userId",
SETTINGS_TOKEN_AUTH_VERIFICATION_URL="http://token_auth_verification_url",
SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD="is_valid;other,WRONG_NESTED_FIELD",
):
user, token = custom_auth.authenticate(request)

self.assertIsNone(user)
self.assertEqual(token.token, b"AWESOME_TOKEN")

responses.add(
responses.GET,
"http://token_auth_verification_url",
json={"is_valid": True, "other": "no nested fields"},
status=200,
)

with self.settings(
SETTINGS_TOKEN_AUTH_URL="http://token_auth_url",
SETTINGS_TOKEN_AUTH_USER_FIELD="userId",
SETTINGS_TOKEN_AUTH_VERIFICATION_URL="http://token_auth_verification_url",
SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD="is_valid;other,nested,field",
):
# this should raise an error as `SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD`
# is not configured properly
with self.assertRaises(AttributeError):
custom_auth.authenticate(request)