From 1104bde5b43efde9a5863629283d1e2a3ca27f5c Mon Sep 17 00:00:00 2001 From: Daniel Grams Date: Fri, 12 Feb 2021 09:03:34 +0100 Subject: [PATCH 1/5] Make Swagger Auth URLs https #107 --- project/init_data.py | 13 +++++++++++-- tests/test_init_data.py | 14 ++++++++++++++ 2 files changed, 25 insertions(+), 2 deletions(-) create mode 100644 tests/test_init_data.py diff --git a/project/init_data.py b/project/init_data.py index 28c6500..ab59ac0 100644 --- a/project/init_data.py +++ b/project/init_data.py @@ -6,14 +6,23 @@ from project.services.event import upsert_event_category from project.models import Location from flask import url_for from apispec.exceptions import DuplicateComponentNameError +import os @app.before_first_request def add_oauth2_scheme(): + # At some sites the https scheme is not set yet + if os.getenv("AUTHLIB_INSECURE_TRANSPORT", "False").lower() in ["true", "1"]: + authorizationUrl = url_for("authorize", _external=True) + tokenUrl = url_for("issue_token", _external=True) + else: + authorizationUrl = url_for("authorize", _external=True, _scheme="https") + tokenUrl = url_for("issue_token", _external=True, _scheme="https") + oauth2_scheme = { "type": "oauth2", - "authorizationUrl": url_for("authorize", _external=True), - "tokenUrl": url_for("issue_token", _external=True), + "authorizationUrl": authorizationUrl, + "tokenUrl": tokenUrl, "flow": "accessCode", "scopes": scopes, } diff --git a/tests/test_init_data.py b/tests/test_init_data.py new file mode 100644 index 0000000..a7dceb7 --- /dev/null +++ b/tests/test_init_data.py @@ -0,0 +1,14 @@ +import pytest + + +@pytest.mark.parametrize("insecure", [None, "0", "1"]) +def test_add_oauth2_scheme(app, utils, insecure): + import os + + if insecure: + os.environ["AUTHLIB_INSECURE_TRANSPORT"] = insecure + else: + del os.environ["AUTHLIB_INSECURE_TRANSPORT"] + + url = utils.get_url("home") + utils.get_ok(url) From 0fb69ec3c2bfd6ff32dc119bbd869976e622ec77 Mon Sep 17 00:00:00 2001 From: Daniel Grams Date: Fri, 12 Feb 2021 09:29:50 +0100 Subject: [PATCH 2/5] Make Swagger Auth URLs https #107 --- tests/test_init_data.py | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/tests/test_init_data.py b/tests/test_init_data.py index a7dceb7..4fc81ab 100644 --- a/tests/test_init_data.py +++ b/tests/test_init_data.py @@ -1,14 +1,7 @@ -import pytest - - -@pytest.mark.parametrize("insecure", [None, "0", "1"]) -def test_add_oauth2_scheme(app, utils, insecure): +def test_add_oauth2_scheme(app, utils): import os - if insecure: - os.environ["AUTHLIB_INSECURE_TRANSPORT"] = insecure - else: - del os.environ["AUTHLIB_INSECURE_TRANSPORT"] + del os.environ["AUTHLIB_INSECURE_TRANSPORT"] url = utils.get_url("home") utils.get_ok(url) From 78197986e993d9f98c0392f56965bb446e1b213b Mon Sep 17 00:00:00 2001 From: Daniel Grams Date: Fri, 12 Feb 2021 09:39:35 +0100 Subject: [PATCH 3/5] Make Swagger Auth URLs https #107 --- tests/conftest.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/conftest.py b/tests/conftest.py index 7572e7e..7e1a454 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -13,6 +13,8 @@ def pytest_generate_tests(metafunc): @pytest.fixture def app(): + os.environ["AUTHLIB_INSECURE_TRANSPORT"] = "1" + from project import app app.config["TESTING"] = True From d38afdca2b1474c42b76656868b5143895a1f9fe Mon Sep 17 00:00:00 2001 From: Daniel Grams Date: Fri, 12 Feb 2021 10:22:59 +0100 Subject: [PATCH 4/5] Make Swagger Auth URLs https #107 --- project/api/__init__.py | 24 ++++++++++++++++++++++++ project/init_data.py | 25 +++---------------------- tests/api/test___init__.py | 8 ++++++++ tests/conftest.py | 2 -- tests/test_init_data.py | 7 ------- 5 files changed, 35 insertions(+), 31 deletions(-) delete mode 100644 tests/test_init_data.py diff --git a/project/api/__init__.py b/project/api/__init__.py index 4ca00d0..7662634 100644 --- a/project/api/__init__.py +++ b/project/api/__init__.py @@ -9,6 +9,8 @@ from flask_marshmallow import Marshmallow from apispec import APISpec from apispec.ext.marshmallow import MarshmallowPlugin from flask_apispec.extension import FlaskApiSpec +from flask import url_for +from apispec.exceptions import DuplicateComponentNameError class RestApi(Api): @@ -139,6 +141,28 @@ def add_api_resource(resource, url, endpoint): api_docs.register(resource, endpoint=endpoint) +def add_oauth2_scheme_with_transport(insecure: bool): + if insecure: + authorizationUrl = url_for("authorize", _external=True) + tokenUrl = url_for("issue_token", _external=True) + else: + authorizationUrl = url_for("authorize", _external=True, _scheme="https") + tokenUrl = url_for("issue_token", _external=True, _scheme="https") + + oauth2_scheme = { + "type": "oauth2", + "authorizationUrl": authorizationUrl, + "tokenUrl": tokenUrl, + "flow": "accessCode", + "scopes": scopes, + } + + try: + api_docs.spec.components.security_scheme("oauth2", oauth2_scheme) + except DuplicateComponentNameError: # pragma: no cover + pass + + marshmallow_plugin.converter.add_attribute_function(enum_to_properties) import project.api.event.resources diff --git a/project/init_data.py b/project/init_data.py index ab59ac0..020ff27 100644 --- a/project/init_data.py +++ b/project/init_data.py @@ -1,36 +1,17 @@ from project import app, db -from project.api import api_docs, scopes +from project.api import add_oauth2_scheme_with_transport from project.services.user import upsert_user_role from project.services.admin_unit import upsert_admin_unit_member_role from project.services.event import upsert_event_category from project.models import Location -from flask import url_for -from apispec.exceptions import DuplicateComponentNameError import os @app.before_first_request def add_oauth2_scheme(): # At some sites the https scheme is not set yet - if os.getenv("AUTHLIB_INSECURE_TRANSPORT", "False").lower() in ["true", "1"]: - authorizationUrl = url_for("authorize", _external=True) - tokenUrl = url_for("issue_token", _external=True) - else: - authorizationUrl = url_for("authorize", _external=True, _scheme="https") - tokenUrl = url_for("issue_token", _external=True, _scheme="https") - - oauth2_scheme = { - "type": "oauth2", - "authorizationUrl": authorizationUrl, - "tokenUrl": tokenUrl, - "flow": "accessCode", - "scopes": scopes, - } - - try: - api_docs.spec.components.security_scheme("oauth2", oauth2_scheme) - except DuplicateComponentNameError: # pragma: no cover - pass + insecure = os.getenv("AUTHLIB_INSECURE_TRANSPORT", "False").lower() in ["true", "1"] + add_oauth2_scheme_with_transport(insecure) @app.before_first_request diff --git a/tests/api/test___init__.py b/tests/api/test___init__.py index 07f3d71..dd83f51 100644 --- a/tests/api/test___init__.py +++ b/tests/api/test___init__.py @@ -81,3 +81,11 @@ def test_handle_error_unspecificRaises(app): with pytest.raises(Exception): api.handle_error(error) + + +def test_add_oauth2_scheme(app, utils): + from project.api import add_oauth2_scheme_with_transport + + app.config["SERVER_NAME"] = "127.0.0.1" + with app.app_context(): + add_oauth2_scheme_with_transport(False) diff --git a/tests/conftest.py b/tests/conftest.py index 7e1a454..7572e7e 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -13,8 +13,6 @@ def pytest_generate_tests(metafunc): @pytest.fixture def app(): - os.environ["AUTHLIB_INSECURE_TRANSPORT"] = "1" - from project import app app.config["TESTING"] = True diff --git a/tests/test_init_data.py b/tests/test_init_data.py deleted file mode 100644 index 4fc81ab..0000000 --- a/tests/test_init_data.py +++ /dev/null @@ -1,7 +0,0 @@ -def test_add_oauth2_scheme(app, utils): - import os - - del os.environ["AUTHLIB_INSECURE_TRANSPORT"] - - url = utils.get_url("home") - utils.get_ok(url) From 0a8d814f41004fb80cf94295937767e6ddb28d95 Mon Sep 17 00:00:00 2001 From: Daniel Grams Date: Fri, 12 Feb 2021 10:35:51 +0100 Subject: [PATCH 5/5] Make Swagger Auth URLs https #107 --- tests/conftest.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/conftest.py b/tests/conftest.py index 7572e7e..5a2cb77 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -15,6 +15,7 @@ def pytest_generate_tests(metafunc): def app(): from project import app + app.config["SERVER_NAME"] = None app.config["TESTING"] = True app.testing = True