vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Refactor auth code to be cleaner and more extensible

Browse source 
We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).
This commit is contained in:
Joseph Schorr 2018-01-05 16:27:03 -05:00
parent 8ba2e71fb1
commit e220b50543
31 changed files with 822 additions and 436 deletions
Download patch file Download diff file Expand all files Collapse all files

6
auth/test/test_oauth.py
View file

@ -21,7 +21,7 @@ def test_valid_oauth(app):
token = list(model.oauth.list_access_tokens_for_user(user))[0]
result = validate_bearer_auth('bearer ' + token.access_token)
assert result.oauthtoken == token
assert result.context.oauthtoken == token
assert result.authed_user == user
assert result.auth_valid
@ -32,7 +32,7 @@ def test_disabled_user_oauth(app):
access_token='foo')
result = validate_bearer_auth('bearer ' + token.access_token)
assert result.oauthtoken is None
assert result.context.oauthtoken is None
assert result.authed_user is None
assert not result.auth_valid
assert result.error_message == 'Granter of the oauth access token is disabled'
@ -44,7 +44,7 @@ def test_expired_token(app):
access_token='bar', expires_in=-1000)
result = validate_bearer_auth('bearer ' + token.access_token)
assert result.oauthtoken is None
assert result.context.oauthtoken is None
assert result.authed_user is None
assert not result.auth_valid
assert result.error_message == 'OAuth access token has expired'