From 0a31f61ee9db84eb35087073ef6b58f352252aae Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Tue, 3 Jan 2023 07:22:02 +0300 Subject: auth: Fetch all of a user's roles. * gn3/auth/authorisation/roles.py: Fetch roles from DB * gn3/auth/authorisation/views.py: Provide API endpoint for user roles * tests/unit/auth/test_roles.py: Tests to check fetching roles works correctly Fix linting and typing issues in the following files: * gn3/auth/authentication/oauth2/resource_server.py * gn3/auth/authentication/oauth2/views.py * tests/unit/auth/fixtures/oauth2_client_fixtures.py --- gn3/auth/authentication/oauth2/resource_server.py | 4 ++-- gn3/auth/authentication/oauth2/views.py | 5 +++-- 2 files changed, 5 insertions(+), 4 deletions(-) (limited to 'gn3/auth/authentication') diff --git a/gn3/auth/authentication/oauth2/resource_server.py b/gn3/auth/authentication/oauth2/resource_server.py index 885cbd8..223e811 100644 --- a/gn3/auth/authentication/oauth2/resource_server.py +++ b/gn3/auth/authentication/oauth2/resource_server.py @@ -2,7 +2,7 @@ from flask import current_app as app from authlib.oauth2.rfc6750 import BearerTokenValidator as _BearerTokenValidator -from authlib.integrations.flask_oauth2 import ResourceProtector, current_token +from authlib.integrations.flask_oauth2 import ResourceProtector from gn3.auth import db from gn3.auth.authentication.oauth2.models.oauth2token import token_by_access_token @@ -11,7 +11,7 @@ class BearerTokenValidator(_BearerTokenValidator): """Extends `authlib.oauth2.rfc6750.BearerTokenValidator`""" def authenticate_token(self, token_string: str): with db.connection(app.config["AUTH_DB"]) as conn: - return token_by_access_token(conn, token_string).maybe( + return token_by_access_token(conn, token_string).maybe(# type: ignore[misc] None, lambda tok: tok) require_oauth = ResourceProtector() diff --git a/gn3/auth/authentication/oauth2/views.py b/gn3/auth/authentication/oauth2/views.py index 0947aa2..7d0d7dd 100644 --- a/gn3/auth/authentication/oauth2/views.py +++ b/gn3/auth/authentication/oauth2/views.py @@ -45,8 +45,9 @@ def introspect_token(): @oauth2.route("/user") @require_oauth("profile") def user_details(): - with require_oauth.acquire("profile") as token: - user = token.user + """Return user's details.""" + with require_oauth.acquire("profile") as the_token: + user = the_token.user return jsonify({ "user_id": user.user_id, "email": user.email, -- cgit v1.2.3