Add a security scanner api config object for params

Change SecScanAPI to use a uri creation func instead of test context Pass config provider through validator context Remove app config dependency for validators
2018-05-29 13:50:51 -04:00 · 2018-05-29 13:50:51 -04:00 · 7df8ed4a60
commit 7df8ed4a60
parent 554d4f47a8
47 changed files with 305 additions and 166 deletions
--- a/util/config/validators/validate_jwt.py
+++ b/util/config/validators/validate_jwt.py
@ -1,4 +1,4 @@
-from _init import OVERRIDE_CONFIG_DIRECTORY
+import os
 from data.users.externaljwt import ExternalJWTAuthN
 from util.config.validators import BaseValidator, ConfigValidationException

@ -13,6 +13,7 @@ class JWTAuthValidator(BaseValidator):
    user_password = validator_context.user_password
    http_client = validator_context.http_client
    jwt_auth_max = validator_context.jwt_auth_max
+    config_provider = validator_context.config_provider

    if config.get('AUTHENTICATION_TYPE', 'Database') != 'JWT':
      return
@ -29,10 +30,13 @@ class JWTAuthValidator(BaseValidator):
    if not issuer:
      raise ConfigValidationException('Missing JWT Issuer ID')

+
+    override_config_directory = os.path.join(config_provider.get_config_root(), 'stack/')
+
    # Try to instatiate the JWT authentication mechanism. This will raise an exception if
    # the key cannot be found.
    users = ExternalJWTAuthN(verify_endpoint, query_endpoint, getuser_endpoint, issuer,
-                             OVERRIDE_CONFIG_DIRECTORY,
+                             override_config_directory,
                             http_client,
                             jwt_auth_max,
                             public_key_path=public_key_path,