genenetwork3/gn3/auth/authentication/oauth2, branch auth/implement-authorization-code-flow

genenetwork3/gn3/auth/authentication/oauth2, branch auth/implement-authorization-code-flow GeneNetwork3 REST API for data science and machine learning http://git.genenetwork.org/genenetwork3/atom?h=auth%2Fimplement-authorization-code-flow 2023-05-09T10:15:47+00:00 auth: Implement "Authorization Code Flow" 2023-05-09T10:15:47+00:00 Frederick Muriuki Muriithi 2023-05-08T13:31:38+00:00 urn:sha1:5526f0316c2714d30e47a90f81e0ff686a29042f Implement the "Authorization Code Flow" for the authentication of users. * gn3/auth/authentication/oauth2/grants/authorisation_code_grant.py: query and save the authorisation code. * gn3/auth/authentication/oauth2/models/authorization_code.py: Implement the `AuthorisationCode` model * gn3/auth/authentication/oauth2/models/oauth2client.py: Fix typo * gn3/auth/authentication/oauth2/server.py: Register the `AuthorisationCodeGrant` grant with the server. * gn3/auth/authentication/oauth2/views.py: Implement `/authorise` endpoint * gn3/templates/base.html: New HTML Templates of authorisation UI * gn3/templates/common-macros.html: New HTML Templates of authorisation UI * gn3/templates/oauth2/authorise-user.html: New HTML Templates of authorisation UI * main.py: Allow both "code" and "token" response types. auth: Don't try loading the user if no client is found 2023-03-23T06:18:10+00:00 Frederick Muriuki Muriithi 2023-03-23T06:18:10+00:00 urn:sha1:d4b48aef6cca3182559f7479cace3bd77cc1fb40 Fix the bug where the system was trying to load a user from a non-existing OAuth2 client, leading to an exception. auth: separate user detail migration from data migration 2023-03-13T03:26:14+00:00 Frederick Muriuki Muriithi 2023-03-13T03:26:14+00:00 urn:sha1:4bcbe992b132dd77ff6f61185b0ad7299a4b7863 Due to the fact that the data migration requires higher privileges than the user details, separate the user details migration endpoint from the data migrations endpoint. auth: introspection: Protect introspection endpoint 2023-03-09T01:39:37+00:00 Frederick Muriuki Muriithi 2023-03-09T01:39:37+00:00 urn:sha1:dee42dd14dc7786b1ccf9465bb28dfe74024166c The introspection endpoint could contain privileged information, thus requires that the endpoint be protected. This commit ensures that a user has authenticated to the system and that the client they are using be one of the allowed clients. auth: user_by_id: Return a user or raise an exception 2023-03-07T02:49:21+00:00 Frederick Muriuki Muriithi 2023-03-07T02:49:21+00:00 urn:sha1:09c2330e9e8279f6c9fd391a736435ceb4705873 Fetching the user by id should return the user, or raise an exception. We get rid of the Maybe monad here since it is leading to some weird code flows - probably the wrong monad to use here. auth: resources: Enable assigning a user roles on resources 2023-03-06T11:57:53+00:00 Frederick Muriuki Muriithi 2023-03-06T11:57:53+00:00 urn:sha1:98e93be1b8e5353656e18f1452026db6f2902e6c auth: Reorganise modules/packages for easier dev and maintenance 2023-02-02T09:03:51+00:00 Frederick Muriuki Muriithi 2023-02-02T08:35:51+00:00 urn:sha1:dfe5eb18e3ec8dc570d118bfe95c5d4dcb2c7575 Split the views/routes into separate modules each dealing with a narrower scope of the application to aid in maintenance, and help with making the development easier. auth: Set the token scope as a string, not a list 2023-01-31T02:00:09+00:00 Frederick Muriuki Muriithi 2023-01-31T01:45:53+00:00 urn:sha1:94b1f5b04bcee2ded0d0cbf11df4101bb86d6ce8 Setting the scope as a list of strings was leading to errors when attempting to logout. This commit leaves the scope as a string to avoid the errors. auth: Fix saving of scope values. Add scope items. 2023-01-21T00:16:05+00:00 Frederick Muriuki Muriithi 2023-01-21T00:16:05+00:00 urn:sha1:da57ac8cb3daf5d14841c0c3b6d0261a49c69504 mypy: minor fixes to typing errors 2023-01-20T09:43:47+00:00 Frederick Muriuki Muriithi 2023-01-20T09:43:47+00:00 urn:sha1:b7b743001eae170792c5f533757fa40d86a9788a