vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #3096 from quay/refactor/secscan-simple

Browse source 
Refactor validators to decouple app
This commit is contained in:
Sam Chow 2018-06-01 15:44:18 -04:00 committed by GitHub
commit 7f21d0da58
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
63 changed files with 510 additions and 192 deletions
Download patch file Download diff file Expand all files Collapse all files

10
endpoints/api/suconfig.py
View file

@ -7,7 +7,7 @@ import subprocess
from flask import abort
from app import app, config_provider, superusers, OVERRIDE_CONFIG_DIRECTORY
from app import app, config_provider, superusers, OVERRIDE_CONFIG_DIRECTORY, ip_resolver
from auth.permissions import SuperUserPermission
from auth.auth_context import get_authenticated_user
from data.database import configure
@ -20,7 +20,7 @@ from endpoints.api import (ApiResource, nickname, resource, internal_only, show_
from endpoints.common import common_login
from util.config.configutil import add_enterprise_config_defaults
from util.config.database import sync_database_with_config
from util.config.validator import validate_service_for_config, is_valid_config_upload_filename
from util.config.validator import validate_service_for_config, is_valid_config_upload_filename, ValidatorContext
import features
@ -405,6 +405,10 @@ class SuperUserConfigValidate(ApiResource):
# this is also safe since this method does not access any information not given in the request.
if not config_provider.config_exists() or SuperUserPermission().can():
config = request.get_json()['config']
return validate_service_for_config(service, config, request.get_json().get('password', ''))
validator_context = ValidatorContext.from_app(app, config, request.get_json().get('password', ''),
ip_resolver=ip_resolver,
config_provider=config_provider)
return validate_service_for_config(service, validator_context)
abort(403)

4
endpoints/api/user.py
View file

@ -12,7 +12,7 @@ from peewee import IntegrityError
import features
from app import (app, billing as stripe, authentication, avatar, user_analytics, all_queues,
oauth_login, namespace_gc_queue, ip_resolver)
oauth_login, namespace_gc_queue, ip_resolver, url_scheme_and_hostname)
from auth import scopes
from auth.auth_context import get_authenticated_user
@ -785,7 +785,7 @@ class ExternalLoginInformation(ApiResource):
try:
login_scopes = login_service.get_login_scopes()
auth_url = login_service.get_auth_url(app.config, redirect_suffix, csrf_token, login_scopes)
auth_url = login_service.get_auth_url(url_scheme_and_hostname, redirect_suffix, csrf_token, login_scopes)
return {'auth_url': auth_url}
except DiscoveryFailureException as dfe:
logger.exception('Could not discovery OAuth endpoint information')