gn-auth - GN authentication and authorization service

Age	Commit message (Expand)	Author
2024-08-05	Fix linting errors.	Frederick Muriuki Muriithi
2024-07-31	Update all endpoints to use the `client_secret_post` auth method.	Frederick Muriuki Muriithi
2024-07-31	Extend default JWTBearerToken to include a user member.	Frederick Muriuki Muriithi
2024-07-31	Fetch a client's JWKs from a URI	Frederick Muriuki Muriithi
2024-07-30	JWT refresh: Deactivate the checks and revocation...The checks for whether a token is already linked, and then revoking it and raising an error were causing issues in multi-threaded environments, where there'd be multiple requests to the auth server all using an expired token. This just links the refresh token and avoids the check and revocation for the time being.	Frederick Muriuki Muriithi
2024-06-03	Raise explicit error messages for more graceful handling.enable-sending-emails	Frederick Muriuki Muriithi
2024-05-24	Revoke refresh token, and all its children.	Frederick Muriuki Muriithi
2024-05-24	Check whether a refresh token has been used before...Check whether a refresh token has been used before using it to generate a new JWT token. If the refresh token has been used previously, it should be revoked, and an error raised. As of this commit the actual revocation process hasn't been implemented.	Frederick Muriuki Muriithi
2024-05-24	Use monads consistently to reduce chances of errors.	Frederick Muriuki Muriithi
2024-05-13	Fix myriad of linting error...These linting errors can't be rebased into the newer commits.	Frederick Muriuki Muriithi
2024-05-13	Initialise JWTRefreshToken model...Add a model for the JWT refresh tokens.	Frederick Muriuki Muriithi
2024-05-02	Compute and cache the client's KeySet.	Frederick Muriuki Muriithi
2024-04-24	Move the errors module up one level to break circular dependencies.	Frederick Muriuki Muriithi
2024-03-21	Rename the_user -> _user....* gn_auth/auth/authentication/oauth2/models/oauth2client.py (client): Rename the_user -> _user. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>	Munyoki Kilyungi
2024-03-13	Rename users -> fetch_users....Use verbs for methods. * gn_auth/auth/authentication/oauth2/models/oauth2client.py (OAuth2Client): (oauth2_clients): Rename users -> fetch_users. * gn_auth/auth/authentication/users.py (users): Ditto. (fetch_users): Ditto. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>	Munyoki Kilyungi
2024-03-13	Define AuthorisationCode using frozen dataclass....* gn_auth/auth/authentication/oauth2/models/authorization_code.py: Import dataclass, asdict, cached_property and AuthorizationCodeMixin. Remove NamedTuple import. (AuthorisationCode): Use frozen dataclass and explicitly inherit from AuthorizationCodeMixin. Delete unnecessary comment. (AuthorisationCode.response_type): Make this a cached_property. (AuthorisationCode.get_nonce): Delete. This is not defined in the RFC6749 spec. (save_authorisation_code): Replace _asdict() with asdict(...). Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>	Munyoki Kilyungi
2024-03-13	Define OAuth2Client using frozen dataclass....* gn_auth/auth/authentication/oauth2/models/oauth2client.py: Import dataclass, cached_property and ClientMixin. Remove NamedTuple import. (OAuth2Client): Use frozen dataclass and explicitly inherit from ClientMixin. (OAuth2Client.token_endpoint_auth_method): Make this a cached property. (OAuth2Client.client_type): Ditto. (OAuth2Client.id): Ditto. (OAuth2Client.grant_types): Ditto. (OAuth2Client.redirect_uris): Ditto. (OAuth2Client.response_types): Ditto. (OAuth2Client.scope): Ditto. (OAuth2Client.get_allowed_scope): Autopep-8 it. (client): Autopep-8 it and use kw args for OAuthClient. (client_by_id_and_secret): Ditto. (oauth2_clients): Ditto. (save_client): Ditto. (delete_client): Ditto. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>	Munyoki Kilyungi
2024-03-13	Define OAuth2Token using a frozen dataclass....* gn_auth/auth/authentication/oauth2/endpoints/introspection.py (IntrospectionEndpoint.introspect_token): Replace token.get_scope() with token.scope. * gn_auth/auth/authentication/oauth2/models/oauth2token.py: Import dataclass, TokenMixin and cached_property. Delete NamedTuple import. (OAuth2Token): Use a frozen dataclass and explicitly inherit from TokenMixin. (OAuth2Token.expires_at): Make this a cached_property. (OAuth2Token.check_client): Add the "# pylint ..." in it's own line. Tested-by: Munyoki Kilyungi <me@bonfacemunyoki.com>	Munyoki Kilyungi
2024-03-08	Replace "if" branching with "monad_from_none_or_value"....* gn_auth/auth/authentication/oauth2/models/authorization_code.py: Import "monad_from_none_or_value". (authorisation_code): Replace if branching for Nothing/Just check with "monad_from_none_or_value". * gn_auth/auth/authentication/oauth2/models/oauth2token.py: Import "monad_from_none_or_value". (__token_from_resultset__): Replace if branching for Nothing/Just check with "monad_from_none_or_value". (token_by_access_token): Ditto. (token_by_refresh_token): Ditto. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>	Munyoki Kilyungi
2024-03-08	Rename "__5_MINUTES__" to "EXPIRY_IN_SECONDS"....* gn_auth/auth/authentication/oauth2/models/authorization_code.py (AuthorisationCode.__5_MINUTES__): Rename this to EXPIRY_IN_SECONDS. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>	Munyoki Kilyungi
2024-03-08	Explicitly add keyword arguments to AuthorisationCode....This improves readability. * gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py (AuthorisationCodeGrant.save_authorization_code): Use keyword arguments. * gn_auth/auth/authentication/oauth2/models/authorization_code.py (authorisation_code): Ditto. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>	Munyoki Kilyungi
2023-08-23	pylint: Replace `lambda ...` statements with `def ...`	Frederick Muriuki Muriithi
2023-08-07	Change imports to new unified db module.	Frederick Muriuki Muriithi
2023-08-07	Update module name/path...Change from gn3 to gn_auth	Frederick Muriuki Muriithi
2023-08-04	Copy over files from GN3 repository.	Frederick Muriuki Muriithi