| Age | Commit message (Expand) | Author |
|---|
| 2024-04-24 | Move the errors module up one level to break circular dependencies. | Frederick Muriuki Muriithi |
| 2024-04-23 | pylint: Fix linting errors. | Frederick Muriuki Muriithi |
| 2024-04-22 | Resolve the key using the "kid" field. | Frederick Muriuki Muriithi |
| 2024-04-22 | Separate clients' keys from authorisation server's key...The authorisation server uses its key to sign any token it generates.
It uses the clients' public keys to validate any assertions it
receives from a client using the client's public key.
| Frederick Muriuki Muriithi |
| 2024-04-20 | Separate authentication from token generation...Authenticate with the usual authentication code flow.
Do not inherit AuthenticationCodeGrant in JWTBearerGrant, instead, use
the JWTBearerGrant to generate the token after the user has already
been successfully authenticated.
| Frederick Muriuki Muriithi |
| 2024-04-20 | Remove unused import | Frederick Muriuki Muriithi |
| 2024-04-20 | Use the response_type in the request. | Frederick Muriuki Muriithi |
| 2024-04-20 | Setup token validators at app initialisation. | Frederick Muriuki Muriithi |
| 2024-04-20 | Define and register grant for JWT tokens. | Frederick Muriuki Muriithi |
| 2024-04-02 | Remove unused group argument. | Frederick Muriuki Muriithi |
| 2024-03-30 | Update call: Drop unused argument in call. | Frederick Muriuki Muriithi |
| 2024-03-25 | Flatten roles list in "get_user_roles_on_resource."...* gn_auth/auth/authorisation/resources/views.py: Import operator.
(get_user_roles_on_resource): Flatten roles list.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-21 | Return empty tuples when metadata is queried for data....* gn_auth/auth/authorisation/resources/models.py (resource_data): A
metadata resource is not linked to any data so we return an empty
tuple.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-21 | Add extra endpoint to get user authorisation given a resource name....* gn_auth/auth/authorisation/resources/models.py
(user_roles_on_resources): New function.
* gn_auth/auth/authorisation/resources/views.py
(resources_authorisation): New endpoint.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-21 | Revert "Add an extra endpoint for metadata authorisation."...This reverts commit f5e833c0d72eaec80425203b15210ed304cc4811.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-21 | Fix typo....Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-21 | Replace "the" prefix with an underscore....Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-21 | Delete dead comment....Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-21 | Rename the_user -> _user....* gn_auth/auth/authentication/oauth2/models/oauth2client.py
(client): Rename the_user -> _user.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-21 | Delete commented out import....Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-21 | Rename "the_code" to "_code"....* gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py
(__query_authorization_code__): Rename the_code -> _code.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Delete a debug print query....Debugging this if necessary should be handled by pdb.
* gn_auth/auth/authentication/users.py (fetch_users): Delete print
statement.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Rename users -> fetch_users....Use verbs for methods.
* gn_auth/auth/authentication/oauth2/models/oauth2client.py (OAuth2Client):
(oauth2_clients): Rename users -> fetch_users.
* gn_auth/auth/authentication/users.py (users): Ditto.
(fetch_users): Ditto.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Delete dictify....This module is redundant since dataclasses already provides the asdict
method.
* gn_auth/auth/dictify.py: Delete.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Remove unused imports....Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Define AuthorisationCode using frozen dataclass....* gn_auth/auth/authentication/oauth2/models/authorization_code.py:
Import dataclass, asdict, cached_property and AuthorizationCodeMixin.
Remove NamedTuple import.
(AuthorisationCode): Use frozen dataclass and explicitly inherit from
AuthorizationCodeMixin. Delete unnecessary comment.
(AuthorisationCode.response_type): Make this a cached_property.
(AuthorisationCode.get_nonce): Delete. This is not defined in the
RFC6749 spec.
(save_authorisation_code): Replace _asdict() with asdict(...).
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Define Resource/ResourceCategory using frozen dataclass....* gn_auth/auth/authorisation/resources/base.py: Import dataclass and
asdict. Remove NamedTuple and dictify.
(ResourceCategory): Use frozen dataclass.
(ResourceCategory.dictify): Delete.
(Resource): Use frozen dataclass.
(Resource.dictify): Delete.
* gn_auth/auth/authorisation/resources/models.py: Delete dictify
import.
(assign_resource_user): Replace dictify with asdict.
(unassign_resource_user): Ditto.
* gn_auth/auth/authorisation/resources/views.py: Import asdict.
Remove dictify import.
(list_resource_categories): Replace dictify with asdict.
(create_resource): Ditto.
(view_resource): Ditto.
(__safe_get_requests_page__): Ditto.
* gn_auth/auth/authorisation/users/views.py:
(user_resources): Replace dictify with asdict.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Rename "the_client" to "_client"....Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Remove unused imports....Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Auto-pep8 this file....Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Define Privilege/Role using frozen dataclass....* gn_auth/auth/authorisation/privileges.py: Import dataclass. Remove
NamedTuple import.
(Privilege): Use frozen dataclass.
(Privelege.dictify): Delete.
* gn_auth/auth/authorisation/resources/groups/views.py: Import
dataclasses.asdict.
(group_privileges): Replace dictify with asdict.
(add_priv_to_role): Ditto.
(delete_priv_from_role): Ditto.
* gn_auth/auth/authorisation/resources/models.py:
(assign_resource_user): Replace dictify with asdict.
(unassign_resource_user): Ditto.
* gn_auth/auth/authorisation/resources/system/views.py: Import
dataclasses.asdict. Remove dictify import.
(system_roles): Replace dictify with asdict.
* gn_auth/auth/authorisation/resources/views.py:
(resource_users): Replace dictify with asdict.
(resources_authorisation): Ditto.
* gn_auth/auth/authorisation/roles/models.py: Remove dictify and
NameTuple import.
(Role): Use frozen dataclass.
(Role.dictify): Replace dictify(priv) with asdict(priv).
* gn_auth/auth/authorisation/roles/views.py: Import
dataclasses.asdict. Remove dictify import.
(view_role): Replace dictify with asdict.
* gn_auth/auth/authorisation/users/views.py:
(user_roles): Replace dictify with asdict.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Define OAuth2Client using frozen dataclass....* gn_auth/auth/authentication/oauth2/models/oauth2client.py: Import
dataclass, cached_property and ClientMixin. Remove NamedTuple import.
(OAuth2Client): Use frozen dataclass and explicitly inherit from
ClientMixin.
(OAuth2Client.token_endpoint_auth_method): Make this a cached
property.
(OAuth2Client.client_type): Ditto.
(OAuth2Client.id): Ditto.
(OAuth2Client.grant_types): Ditto.
(OAuth2Client.redirect_uris): Ditto.
(OAuth2Client.response_types): Ditto.
(OAuth2Client.scope): Ditto.
(OAuth2Client.get_allowed_scope): Autopep-8 it.
(client): Autopep-8 it and use kw args for OAuthClient.
(client_by_id_and_secret): Ditto.
(oauth2_clients): Ditto.
(save_client): Ditto.
(delete_client): Ditto.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Define GroupRole using frozen dataclass....* gn_auth/auth/authorisation/resources/groups/models.py: Import
dataclasses.asdict. Remove dictify import.
(GroupRole): Use frozen dataclass.
(GroupRole.dictify): Replace dictify(...) with self.role.dictify().
* gn_auth/auth/authorisation/resources/groups/views.py:
(group_roles): Replace dictify with asdict.
(view_group_role): Ditto.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Define Group using a frozen dataclass....* gn_auth/auth/authorisation/data/genotypes.py: Import
dataclasses.asdict.
(link_genotype_data): Replace dictify with asdict.
* gn_auth/auth/authorisation/data/mrna.py: Import dataclasses.asdict.
(link_mrna_data): Replace dictify with asdict.
* gn_auth/auth/authorisation/data/phenotypes.py: Import
dataclasses.asdict.
(link_phenotype_data): Replace dictify with asdict.
* gn_auth/auth/authorisation/resources/groups/models.py: Import
dataclass.
(Group): Use frozen dataclass.
(Group.dictify): Delete.
(GroupRole.dictify): Replace dictify with asdict.
* gn_auth/auth/authorisation/resources/groups/views.py: Import
dataclasses.asdict. Remove dictify import.
(list_groups): Replace dictify with asdict.
(create_group): Ditto.
* gn_auth/auth/authorisation/resources/views.py:
(resource_users): Replace dictify with asdict.
* gn_auth/auth/authorisation/users/views.py: Import
dataclasses.asdict. Remove dictify import.
(user_details): Replace dictify with asdict.
(user_group): Ditto.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Define OAuth2Token using a frozen dataclass....* gn_auth/auth/authentication/oauth2/endpoints/introspection.py
(IntrospectionEndpoint.introspect_token): Replace token.get_scope()
with token.scope.
* gn_auth/auth/authentication/oauth2/models/oauth2token.py: Import
dataclass, TokenMixin and cached_property. Delete NamedTuple import.
(OAuth2Token): Use a frozen dataclass and explicitly inherit from
TokenMixin.
(OAuth2Token.expires_at): Make this a cached_property.
(OAuth2Token.check_client): Add the "# pylint ..." in it's own line.
Tested-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-13 | Define User using a frozen dataclass....* gn_auth/auth/authentication/users.py: Import dataclass. Remove
NamedTuple and Tuple import.
(User): Use a frozen dataclass.
(User.get_user_id): Delete.
(User.dictify): Ditto.
* gn_auth/auth/authorisation/data/views.py: Import dataclasses.dict.
(authorisation): Replace user._asdict() with asdict(user).
(metadata_resources): Ditto.
* gn_auth/auth/authorisation/resources/groups/views.py:
(group_members): Replace dictify with asdict.
* gn_auth/auth/authorisation/resources/models.py: Import
dataclasses.asdict.
(assign_resource_user): Replace dictify(user) with asdict(user).
(unassign_resource_user): Ditto.
* gn_auth/auth/authorisation/resources/views.py:
(resource_users): Replace dictify with asdict.
* gn_auth/auth/authorisation/users/masquerade/views.py: Import
dataclasses.asdict.
(masquerade): Replace masq_user._asdict() with asdict(masq_user).
* gn_auth/auth/authorisation/users/views.py:
(list_all_users): Replace dictify with asdict.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-08 | Correctly check for the refresh_token....* gn_auth/auth/authentication/oauth2/endpoints/utilities.py
(query_token): Replace "if" with "match" syntax. Also, correctly
check for the "refresh_token".
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-08 | Replace "if" branching with "monad_from_none_or_value"....* gn_auth/auth/authentication/oauth2/models/authorization_code.py:
Import "monad_from_none_or_value".
(authorisation_code): Replace if branching for Nothing/Just check with "monad_from_none_or_value".
* gn_auth/auth/authentication/oauth2/models/oauth2token.py: Import
"monad_from_none_or_value".
(__token_from_resultset__): Replace if branching for Nothing/Just
check with "monad_from_none_or_value".
(token_by_access_token): Ditto.
(token_by_refresh_token): Ditto.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-08 | Rename "__5_MINUTES__" to "EXPIRY_IN_SECONDS"....* gn_auth/auth/authentication/oauth2/models/authorization_code.py
(AuthorisationCode.__5_MINUTES__): Rename this to EXPIRY_IN_SECONDS.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-08 | Explicitly add keyword arguments to AuthorisationCode....This improves readability.
* gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py
(AuthorisationCodeGrant.save_authorization_code): Use keyword arguments.
* gn_auth/auth/authentication/oauth2/models/authorization_code.py
(authorisation_code): Ditto.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-08 | Remove "raise" in auth.db Protocol classes....* gn_auth/auth/db/protocols.py (DbCursor): Remove "raise" in DBCursor
Protocol. See:
<https://typing.readthedocs.io/en/latest/spec/protocol.html>
| Munyoki Kilyungi |
| 2024-03-04 | Add an extra endpoint for metadata authorisation....* gn_auth/auth/authorisation/data/views.py: (metadata_resources): New
end-point for authorising metadata data.
* gn_auth/auth/authorisation/resources/models.py: Import sqlite3.Row.
(__metadata_resource_data__): New function.
(__assign_resource_owner_role__): Add __metadata_resource_data__
to the "resource_data_function" map.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-04 | Fix minor typo....* gn_auth/auth/authorisation/data/views.py (authorisation): Fix typo.
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-03-04 | Remove redundant error code for InvalidData....Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
| Munyoki Kilyungi |
| 2024-02-29 | Allow POST for JSON requests. | Frederick Muriuki Muriithi |
| 2024-02-28 | Handle the "NotFoundError" exception at the route level...Handle the "NotFoundError" exception at the route level, since if we
do not, the application level handler takes over and simply returns a
JSON response with the details of the failure.
| Frederick Muriuki Muriithi |
| 2023-12-18 | Provide the correct Redis key...Previously, when the user would request to either import or delete the
collections they had created before logging in, the system would try
deleting the collections from the wrong key, leading to the
collections still showing up.
This commit fixes that by providing the code with the correct Redis
key to act upon.
| Frederick Muriuki Muriithi |
| 2023-11-28 | Remove bcrypt as a dependency...BCrypt has been superceded by argon, and this commit removes it and
all code depending on it from the repository.
| Frederick Muriuki Muriithi |
| 2023-11-23 | Scripts: Update script for newer db schema...The schema changed a while back, and the script that is used to make
all existing data public needs to be updated for the new schema. This
commit does exactly that.
| Frederick Muriuki Muriithi |
| 2023-11-22 | Move system admin creation...Make the system admin creation code part of the core system, and
simply call it from the script(s). This will help with maintenance,
since the changes are done in a single place only.
| Frederick Muriuki Muriithi |
