Issue 1058 | Gateway: allow nested fields verification (#1059)
IceKhan13 authored Oct 31, 2023
1 parent e60d0ee commit c750dbe
Showing 3 changed files with 87 additions and 3 deletions.
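--- a/gateway/api/authentication.py
+++ b/gateway/api/authentication.py
@@ -71,9 +71,16 @@ def authenticate(self, request):
 )
 
 if verification_data is not None:
-verified = verification_data.get(
-settings.SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD, False
-)
+verifications = []
+for (
+verification_field
+) in settings.SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD.split(";"):
+nested_field_value = verification_data
+for nested_field in verification_field.split(","):
+nested_field_value = nested_field_value.get(nested_field)
+verifications.append(nested_field_value)
+
+verified = all(verifications)
 
 if user_id is not None and verified:
 try: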
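Review bot: The inner loop calls `.get()` on whatever the previous step returned, so a verification response that lacks an intermediate key, or carries a string or list there, raises `AttributeError` out of `authenticate` instead of rejecting the token. The same happens at `.split(";")` if `SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD` is left at the `None` default shown in settings.py. Because the shape of that JSON is decided by the remote verification service, I would fail closed by putting `if not isinstance(nested_field_value, dict): nested_field_value = None; break` before the `.get()` call. Separately, `all(verifications)` accepts any truthy leaf, so a value such as the string "false" would pass; consider `verifications.append(nested_field_value is True)`, or document that truthiness is the intended contract. The body of `authenticate` starts and ends outside this hunk.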
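--- a/gateway/main/settings.py
+++ b/gateway/main/settings.py
@@ -270,6 +270,20 @@
 SETTINGS_TOKEN_AUTH_VERIFICATION_URL = os.environ.get(
 "SETTINGS_TOKEN_AUTH_VERIFICATION_URL", None
 )
+# verification fields to check when returned from auth api
+# Example of checking multiple fields:
+# For following verification data
+# {
+# "is_valid": true,
+# "some": {
+# "nested": {
+# "field": true
+# },
+# "other": "bla"
+# }
+# }
+# setting string will be:
+# "SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD", "is_valid;some,nested,field"
 SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD = os.environ.get(
 "SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD", None
 )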
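Review bot: The comment block above `SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD` gives an example but never states the rules an operator needs: what each separator does, and that every listed field must be truthy for the token to be accepted. I would add `# ";" separates fields, "," separates the keys of one nested path; all listed fields must be truthy`. The last example line reads like a tuple; `# SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD="is_valid;some,nested,field"` would be clearer. It is also worth noting there that keys containing `;` or `,` cannot be addressed with this syntax.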
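--- a/gateway/tests/api/test_authentication.py
+++ b/gateway/tests/api/test_authentication.py
@@ -43,3 +43,66 @@ def test_custom_token_authentication(self):
 self.assertEqual(token.token, b"AWESOME_TOKEN")
 
 self.assertEqual(user.username, "AwesomeUser")
+
+@responses.activate
+def test_with_nested_verification_fields(self):
+"""Tests custom token auth."""
+responses.add(
+responses.POST,
+"http://token_auth_url",
+json={"userId": "AwesomeUser", "id": "requestId"},
+status=200,
+)
+
+responses.add(
+responses.GET,
+"http://token_auth_verification_url",
+json={"is_valid": True, "other": {"nested": {"field": "something_here"}}},
+status=200,
+)
+
+custom_auth = CustomTokenBackend()
+request = MagicMock()
+request.META.get.return_value = "Bearer AWESOME_TOKEN"
+
+with self.settings(
+SETTINGS_TOKEN_AUTH_URL="http://token_auth_url",
+SETTINGS_TOKEN_AUTH_USER_FIELD="userId",
+SETTINGS_TOKEN_AUTH_VERIFICATION_URL="http://token_auth_verification_url",
+SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD="is_valid;other,nested,field",
+):
+user, token = custom_auth.authenticate(request)
+
+self.assertIsInstance(token, CustomToken)
+self.assertEqual(token.token, b"AWESOME_TOKEN")
+
+self.assertEqual(user.username, "AwesomeUser")
+
+with self.settings(
+SETTINGS_TOKEN_AUTH_URL="http://token_auth_url",
+SETTINGS_TOKEN_AUTH_USER_FIELD="userId",
+SETTINGS_TOKEN_AUTH_VERIFICATION_URL="http://token_auth_verification_url",
+SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD="is_valid;other,WRONG_NESTED_FIELD",
+):
+user, token = custom_auth.authenticate(request)
+
+self.assertIsNone(user)
+self.assertEqual(token.token, b"AWESOME_TOKEN")
+
+responses.add(
+responses.GET,
+"http://token_auth_verification_url",
+json={"is_valid": True, "other": "no nested fields"},
+status=200,
+)
+
+with self.settings(
+SETTINGS_TOKEN_AUTH_URL="http://token_auth_url",
+SETTINGS_TOKEN_AUTH_USER_FIELD="userId",
+SETTINGS_TOKEN_AUTH_VERIFICATION_URL="http://token_auth_verification_url",
+SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD="is_valid;other,nested,field",
+):
+# this should raise an error as `SETTINGS_TOKEN_AUTH_VERIFICATION_FIELD`
+# is not configured properly
+with self.assertRaises(AttributeError):
+custom_auth.authenticate(request)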
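Review bot: The negative cases in `test_with_nested_verification_fields` cover only a missing key and a wrong response shape; none has a listed field that is present but falsy (for example `"is_valid": False` or a nested `"field": False`), which is the path that denies a token the verification service rejected. I would add such a case and assert that `user` is `None`. The last block pins `AttributeError` as the outcome when the response has a string where a nested object is expected, and its comment attributes this to the setting, although the trigger is the response body; if the backend is changed to reject instead of raise, this assertion should become `self.assertIsNone(user)`. The docstring `"""Tests custom token auth."""` is copied from the previous test and could name the nested-field behaviour instead.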
