add todo for inventory-provider and client-credential flow

76a4008d · Mohammad Torkashvand · ba98cc43 · 76a4008d · 76a4008d · 76a4008d
Commit 76a4008d authored 11 months ago by Mohammad Torkashvand
--- a/gso/__init__.py
+++ b/gso/__init__.py
@@ -9,6 +9,9 @@ from orchestrator.graphql import SCALAR_OVERRIDES
 import gso.products
 import gso.workflows  # noqa: F401
 from gso.api import router as api_router
+from gso.auth.oidc import oidc_instance
+from gso.auth.opa import opa_instance
+from gso.middlewares import ModifyProcessEndpointResponse
 from gso.graphql_api.types import GSO_SCALAR_OVERRIDES

 SCALAR_OVERRIDES.update(GSO_SCALAR_OVERRIDES)
@@ -17,6 +20,8 @@ SCALAR_OVERRIDES.update(GSO_SCALAR_OVERRIDES)
 def init_gso_app() -> OrchestratorCore:
    """Initialise the :term:`GSO` app."""
    app = OrchestratorCore(base_settings=app_settings)
+    app.register_authentication(oidc_instance)
+    app.register_authorization(opa_instance)
    app.register_graphql()
    app.include_router(api_router, prefix="/api")
    return app

--- a/gso/api/v1/processes.py
+++ b/gso/api/v1/processes.py
@@ -6,11 +6,10 @@ from uuid import UUID
 from fastapi import APIRouter, Depends, HTTPException, status
 from orchestrator.db import ProcessStepTable
 from orchestrator.schemas.base import OrchestratorBaseModel
-from orchestrator.security import get_authorization
+from orchestrator.security import authorize

-authorization = get_authorization()

-router = APIRouter(prefix="/processes", tags=["Processes"], dependencies=[Depends(authorization.authorize)])
+router = APIRouter(prefix="/processes", tags=["Processes"], dependencies=[Depends(authorize)])


 class CallBackResultsBaseModel(OrchestratorBaseModel):

--- a/gso/auth/opa.py
+++ b/gso/auth/opa.py
@@ -21,11 +21,6 @@ class OPAAuthorization(OPAAuthorization):
            cls._instance = super(OPAAuthorization, cls).__new__(cls)
        return cls._instance

-    async def authorize(
-        self, request: Request, user_info: OIDCUserModel = Depends(oidc_instance.authenticate)
-    ) -> bool | None:
-        return await super().authorize(request, user_info)
-
    async def get_decision(self, async_request: AsyncClient, opa_input: dict) -> OPAResult:
        logger.debug("Posting input json to Policy agent", opa_url=self.opa_url, input=opa_input)
        try:
@@ -42,3 +37,5 @@ class OPAAuthorization(OPAAuthorization):
 opa_instance = OPAAuthorization(
    opa_url=oauth2lib_settings.OPA_URL,
 )
+
+# TODO - Think about Inventoryo-provider since it is not defined in the code but is used in the old branch
\ No newline at end of file