aboutsummaryrefslogtreecommitdiff
path: root/gn3/auth/authentication/oauth2
AgeCommit message (Expand)Author
2023-03-23auth: Don't try loading the user if no client is found...Fix the bug where the system was trying to load a user from a non-existing OAuth2 client, leading to an exception. Frederick Muriuki Muriithi
2023-03-13auth: separate user detail migration from data migration...Due to the fact that the data migration requires higher privileges than the user details, separate the user details migration endpoint from the data migrations endpoint. Frederick Muriuki Muriithi
2023-03-09auth: introspection: Protect introspection endpoint...The introspection endpoint could contain privileged information, thus requires that the endpoint be protected. This commit ensures that a user has authenticated to the system and that the client they are using be one of the allowed clients. Frederick Muriuki Muriithi
2023-03-07auth: user_by_id: Return a user or raise an exception...Fetching the user by id should return the user, or raise an exception. We get rid of the Maybe monad here since it is leading to some weird code flows - probably the wrong monad to use here. Frederick Muriuki Muriithi
2023-03-06auth: resources: Enable assigning a user roles on resourcesFrederick Muriuki Muriithi
2023-02-02auth: Reorganise modules/packages for easier dev and maintenance...Split the views/routes into separate modules each dealing with a narrower scope of the application to aid in maintenance, and help with making the development easier. Frederick Muriuki Muriithi
2023-01-31auth: Set the token scope as a string, not a list...Setting the scope as a list of strings was leading to errors when attempting to logout. This commit leaves the scope as a string to avoid the errors. Frederick Muriuki Muriithi
2023-01-21auth: Fix saving of scope values. Add scope items.Frederick Muriuki Muriithi
2023-01-20mypy: minor fixes to typing errorsFrederick Muriuki Muriithi
2023-01-20auth: rename revocation endpointFrederick Muriuki Muriithi
2023-01-20auth: Save token with update...If the token already exists, then update the details rather than trying to insert. Frederick Muriuki Muriithi
2023-01-20auth: Setup the user correctly...* gn3/auth/authentication/oauth2/grants/password_grant.py: Return user rather than boolean * gn3/auth/authentication/oauth2/models/oauth2client.py: provide optional `user` argument to allow flexibility in setting up the client's user * gn3/auth/authentication/oauth2/models/oauth2token.py: Set token and client user correctly * gn3/auth/authentication/oauth2/server.py: Set token user from the request Frederick Muriuki Muriithi
2023-01-20auth: Add development utils/tools...To avoid having to manually rebuild some default data for exploration of concepts while developing the system, add a way to build up the test users and oauth2 clients to use for testing. Frederick Muriuki Muriithi
2023-01-04auth: Add `/register-user` endpoint...* gn3/app.py: register top-level error handlers. reorganise oauth2 blueprint. * gn3/auth/__init__.py: reorganise oaut2 blueprint. * gn3/auth/authentication/oauth2/views.py: reorganise oauth2 blueprint. * gn3/auth/authorisation/exceptions.py -> gn3/auth/authorisation/errors.py * gn3/auth/authorisation/groups.py: rename file/module * gn3/auth/authorisation/resources.py: rename file/module * gn3/auth/authorisation/views.py: Add `/register-user` endpoint * gn3/auth/blueprint.py: reorganise oauth2 blueprint. * gn3/errors.py: register top-level error handlers. Frederick Muriuki Muriithi
2023-01-04auth: return group info as part of user details...* gn3/app.py: import blueprint from authorisation views inorder to get all endpoints * gn3/auth/authentication/oauth2/views.py: remove the `/user` endpoint * gn3/auth/authorisation/views.py: add the `/user` endpoint and add the group information to the user details. Frederick Muriuki Muriithi
2023-01-03auth: Fetch all of a user's roles....* gn3/auth/authorisation/roles.py: Fetch roles from DB * gn3/auth/authorisation/views.py: Provide API endpoint for user roles * tests/unit/auth/test_roles.py: Tests to check fetching roles works correctly Fix linting and typing issues in the following files: * gn3/auth/authentication/oauth2/resource_server.py * gn3/auth/authentication/oauth2/views.py * tests/unit/auth/fixtures/oauth2_client_fixtures.py Frederick Muriuki Muriithi
2022-12-28auth: Add resource server and /user endpoint...Add a resource server with the validator for the bearer token to protect the resources endpoints. Add a protected `/user` endpoint that returns the user details for valid tokens. * gn3/auth/authentication/oauth2/resource_server.py: new file * gn3/auth/authentication/oauth2/views.py: add /user endpoint Frederick Muriuki Muriithi
2022-12-22auth: implement OAuth2 flow....Add code to implement the OAuth2 flow. * Add test fixtures for setting up users and OAuth2 clients * Add tests for token generation with the "Password Grant" flow * Fix some issues with test due to changes in the database connection's row_factory oauth2_auth_flowFrederick Muriuki Muriithi