Skip to content
Snippets Groups Projects
Commit f6dc5ba9 authored by geant-release-service's avatar geant-release-service
Browse files

Finished release 2.4.

parents 7cf14fc8 dd9c37a0
Branches
Tags
No related merge requests found
Pipeline #87365 passed
......@@ -2,6 +2,9 @@
All notable changes to this project will be documented in this file.
## [2.4] - 2024-06-25
- Fixed the issue with client_credentials grant type token in Authentication part.
## [2.3] - 2024-06-19
- Changed Modify IP trunk label to Modify ISIS
......
......@@ -239,11 +239,14 @@ class OIDCUser(HTTPBearer):
logger.info("User is not active", url=request.url, user_info=intercepted_token)
raise HTTPException(status_code=HTTPStatus.UNAUTHORIZED, detail="User is not active")
user_info = await self.userinfo(async_request, token)
user_info["client_id"] = intercepted_token.get("client_id")
client_id = intercepted_token.get("client_id")
if "sub" not in intercepted_token:
return OIDCUserModel(client_id=client_id)
user_info = await self.userinfo(async_request, token)
user_info["client_id"] = client_id
logger.debug("OIDCUserModel object.", intercepted_token=intercepted_token)
return user_info
async def check_openid_config(self, async_request: AsyncClient) -> None:
......
......@@ -4,7 +4,7 @@ from setuptools import find_packages, setup
setup(
name="geant-service-orchestrator",
version="2.3",
version="2.4",
author="GÉANT Orchestration and Automation Team",
author_email="goat@geant.org",
description="GÉANT Service Orchestrator",
......
......@@ -237,7 +237,7 @@ def test_evaluate_decision_deny_with_auto_error():
@pytest.mark.asyncio()
async def test_oidc_user_call_with_token(oidc_user, mock_request, mock_async_client):
oidc_user.introspect_token = AsyncMock(return_value={"active": True})
oidc_user.introspect_token = AsyncMock(return_value={"active": True, "sub": "123", "client_id": "test_client"})
oidc_user.userinfo = AsyncMock(return_value=OIDCUserModel({"sub": "123", "name": "John Doe"}))
result = await oidc_user.__call__(mock_request, token="test_token") # noqa: S106
......@@ -245,11 +245,24 @@ async def test_oidc_user_call_with_token(oidc_user, mock_request, mock_async_cli
assert isinstance(result, OIDCUserModel)
assert result["sub"] == "123"
assert result["name"] == "John Doe"
assert result["client_id"] == "test_client"
@pytest.mark.asyncio()
async def test_oidc_user_call_with_client_credential_token(oidc_user, mock_request, mock_async_client):
oidc_user.introspect_token = AsyncMock(return_value={"active": True})
oidc_user.userinfo = AsyncMock(return_value=OIDCUserModel({"sub": "123", "name": "John Doe"}))
result = await oidc_user.__call__(mock_request, token="test_token") # noqa: S106
assert isinstance(result, OIDCUserModel)
assert result["client_id"] is None
oidc_user.userinfo.assert_not_called()
@pytest.mark.asyncio()
async def test_oidc_user_call_inactive_token(oidc_user, mock_request, mock_async_client):
oidc_user.introspect_token = AsyncMock(return_value={"active": False})
oidc_user.introspect_token = AsyncMock(return_value={"active": False, "sub": "123"})
with pytest.raises(HTTPException) as exc_info:
await oidc_user.__call__(mock_request, token="test_token") # noqa: S106
......@@ -278,7 +291,7 @@ async def test_oidc_user_call_token_from_request(oidc_user, mock_request, mock_a
mock_request.state.credentials = Mock()
mock_request.state.credentials.credentials = "request_token"
oidc_user.introspect_token = AsyncMock(return_value={"active": True})
oidc_user.introspect_token = AsyncMock(return_value={"active": True, "sub": "123"})
oidc_user.userinfo = AsyncMock(return_value=OIDCUserModel({"sub": "123", "name": "John Doe"}))
result = await oidc_user.__call__(mock_request) # noqa: PLC2801
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment