Add end-to-end OAuth login and attach tests
parent
36324708db
commit
dbdcb802b1
4 changed files with 194 additions and 13 deletions
|
@ -4,6 +4,7 @@ import logging
|
|||
import time
|
||||
|
||||
from cachetools import TTLCache
|
||||
from cachetools.func import lru_cache
|
||||
from jwkest.jwk import KEYS
|
||||
from util import slash_join
|
||||
|
||||
|
@ -64,12 +65,14 @@ class OAuthConfig(object):
|
|||
else:
|
||||
get_access_token = http_client.post(token_url, params=payload, headers=headers, auth=auth)
|
||||
|
||||
if get_access_token.status_code / 100 != 2:
|
||||
return None
|
||||
|
||||
json_data = get_access_token.json()
|
||||
if not json_data:
|
||||
return ''
|
||||
return None
|
||||
|
||||
token = json_data.get('access_token', '')
|
||||
return token
|
||||
return json_data.get('access_token', None)
|
||||
|
||||
|
||||
class GithubOAuthConfig(OAuthConfig):
|
||||
|
@ -265,11 +268,15 @@ class OIDCConfig(OAuthConfig):
|
|||
super(OIDCConfig, self).__init__(config, key_name)
|
||||
|
||||
self._public_key_cache = TTLCache(1, PUBLIC_KEY_CACHE_TTL, missing=self._get_public_key)
|
||||
self._oidc_config = {}
|
||||
self._config = config
|
||||
self._http_client = config['HTTPCLIENT']
|
||||
|
||||
@lru_cache(maxsize=1)
|
||||
def _oidc_config(self):
|
||||
if self.config.get('OIDC_SERVER'):
|
||||
self._load_via_discovery(config.get('DEBUGGING', False))
|
||||
return self._load_via_discovery(self._config.get('DEBUGGING', False))
|
||||
else:
|
||||
return {}
|
||||
|
||||
def _load_via_discovery(self, is_debugging):
|
||||
oidc_server = self.config['OIDC_SERVER']
|
||||
|
@ -283,16 +290,16 @@ class OIDCConfig(OAuthConfig):
|
|||
raise Exception("Could not load OIDC discovery information")
|
||||
|
||||
try:
|
||||
self._oidc_config = json.loads(discovery.text)
|
||||
return json.loads(discovery.text)
|
||||
except ValueError:
|
||||
logger.exception('Could not parse OIDC discovery for url: %s', discovery_url)
|
||||
raise Exception("Could not parse OIDC discovery information")
|
||||
|
||||
def authorize_endpoint(self):
|
||||
return self._oidc_config.get('authorization_endpoint', '') + '?'
|
||||
return self._oidc_config().get('authorization_endpoint', '') + '?'
|
||||
|
||||
def token_endpoint(self):
|
||||
return self._oidc_config.get('token_endpoint')
|
||||
return self._oidc_config().get('token_endpoint')
|
||||
|
||||
def user_endpoint(self):
|
||||
return None
|
||||
|
@ -322,9 +329,9 @@ class OIDCConfig(OAuthConfig):
|
|||
# a random key chose to be stored in the cache, and could be anything.
|
||||
return self._public_key_cache[None]
|
||||
|
||||
def _get_public_key(self):
|
||||
def _get_public_key(self, _):
|
||||
""" Retrieves the public key for this handler. """
|
||||
keys_url = self._oidc_config['jwks_uri']
|
||||
keys_url = self._oidc_config()['jwks_uri']
|
||||
|
||||
keys = KEYS()
|
||||
keys.load_from_url(keys_url)
|
||||
|
|
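Review bot: `@lru_cache(maxsize=1)` on `_oidc_config` (hunk `-265,11 +268,15`) creates a single cache that belongs to the function, not the instance, and is keyed on `self`. If more than one `OIDCConfig` is configured, the instances evict each other and discovery is re-fetched on the login path; with a single instance the document is never refreshed until the process restarts. That staleness matters because `authorize_endpoint`, `token_endpoint` and the `jwks_uri` read in `_get_public_key` all come from it: the key cache expires after `PUBLIC_KEY_CACHE_TTL`, but it would reload keys from whatever `jwks_uri` the stale document names. Consider a per-instance cache with an expiry, built next to the existing key cache in `__init__` (which starts outside the hunk), e.g. `self._discovery_cache = TTLCache(1, DISCOVERY_CACHE_TTL, missing=self._load_discovery)`, where `DISCOVERY_CACHE_TTL` and `_load_discovery` are placeholder names. Discovery also moved from construction to first use, so a failing discovery now raises inside a login request rather than at startup; a short comment on `_oidc_config` saying so would help.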