From f75013fb228e4c5340d135ff05e8069d62715fdb Mon Sep 17 00:00:00 2001
From: Grigoriev Semyon <33061489+grigoriev-semyon@users.noreply.github.com>
Date: Mon, 13 Mar 2023 11:50:58 +0300
Subject: [PATCH] scopes update (#16)
---
 auth_lib/aiomethods.py | 5 +++--
 auth_lib/fastapi.py | 12 +++++-------
 auth_lib/methods.py | 6 +++---
 setup.py | 2 +-
 4 files changed, 12 insertions(+), 13 deletions(-)
diff --git a/auth_lib/aiomethods.py b/auth_lib/aiomethods.py
index c335f30..68b6a2f 100644
--- a/auth_lib/aiomethods.py
+++ b/auth_lib/aiomethods.py
@@ -4,6 +4,7 @@
 from .exceptions import SessionExpired, AuthFailed, IncorrectData, NotFound
+# See docs on https://api.test.profcomff.com/?urls.primaryName=auth
 class AsyncAuthLib:
 url: str
@@ -28,7 +29,7 @@ async def check_token(self, token: str) -> dict[str, Any]:
 response = await session.get(
 url=f"{self.url}/me",
 headers=headers,
- params={"info": ["groups", "indirect_groups", "scopes"]},
+ params={"info": ["groups", "indirect_groups", "token_scopes", "user_scopes"]},
 )
 match response.status:
 case 200:
@@ -41,7 +42,7 @@ async def check_token(self, token: str) -> dict[str, Any]:
 raise SessionExpired(response=await response.json())
 async def logout(self, token: str) -> bool:
- headers = {"token": token}
+ headers = {"Authorization": token}
 async with aiohttp.ClientSession() as session:
 response = await session.post(url=f"{self.url}/logout", headers=headers)
diff --git a/auth_lib/fastapi.py b/auth_lib/fastapi.py
index 1edb257..102fb45 100644
--- a/auth_lib/fastapi.py
+++ b/auth_lib/fastapi.py
@@ -1,5 +1,3 @@
-from urllib.parse import urljoin
-
 import aiohttp
 from fastapi.exceptions import HTTPException
 from fastapi.openapi.models import APIKey, APIKeyIn
@@ -18,8 +16,8 @@ class UnionAuth(SecurityBase):
 def __init__(
 self,
- auth_url: str,
- auto_error=True,
+ auth_url: str = "https://api.test.profcomff.com/auth",
+ auto_error = True,
 allow_none: bool = False,
 scopes: list[str] = [],
 ) -> None:
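Review bot: In the `UnionAuth.__init__` hunk of `auth_lib/fastapi.py`, defaulting `auth_url` to `https://api.test.profcomff.com/auth` means a service that omits the argument validates tokens against the test environment, and forwards its users' tokens to that host, without any error. For an authentication dependency the endpoint is safer as an explicit setting: keep `auth_url: str` required, or read it from configuration and fail at start-up when it is unset. The context line `scopes: list[str] = []` is also a mutable default shared between instances; `scopes: list[str] | None = None` avoids that. The body of `__init__` continues outside the hunk.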
@@ -48,9 +46,9 @@ async def __call__(
 return self._except()
 async with aiohttp.request(
 "GET",
- urljoin(self.auth_url, "/me"),
+ f"{self.auth_url}/me",
 headers={"Authorization": token},
- params={"info": ["groups", "indirect_groups", "scopes"]},
+ params={"info": ["groups", "indirect_groups", "token_scopes", "user_scopes"]},
 ) as r:
 status_code = r.status
 user_session = await r.json()
@@ -58,7 +56,7 @@ async def __call__(
 self._except()
 if len(
 set([scope.lower() for scope in self.scopes])
- & set([scope["name"].lower() for scope in user_session["scopes"]])
+ & set([scope["name"].lower() for scope in user_session["session_scopes"]])
 ) != len(set([scope.lower() for scope in self.scopes])):
 self._except()
 return user_session
diff --git a/auth_lib/methods.py b/auth_lib/methods.py
index 4b26136..0c5828b 100644
--- a/auth_lib/methods.py
+++ b/auth_lib/methods.py
@@ -5,7 +5,7 @@
 from .exceptions import SessionExpired, AuthFailed, IncorrectData, NotFound
-# See docs on https://auth.api.profcomff.com/docs
+# See docs on https://api.test.profcomff.com/?urls.primaryName=auth
 class AuthLib:
@@ -28,7 +28,7 @@ def check_token(self, token: str) -> dict[str, Any]:
 response = requests.get(
 url=f"{self.url}/me",
 headers=headers,
- params={"info": ["groups", "indirect_groups", "scopes"]},
+ params={"info": ["groups", "indirect_groups", "token_scopes", "user_session"]},
 )
 match response.status_code:
 case 200:
@@ -41,7 +41,7 @@ def check_token(self, token: str) -> dict[str, Any]:
 raise SessionExpired(response=response.json()["body"])
 def logout(self, token: str) -> bool:
- headers = {"token": token}
+ headers = {"Authorization": token}
 response = requests.post(url=f"{self.url}/logout", headers=headers)
 match response.status_code:
diff --git a/setup.py b/setup.py
index 1bb3082..cb4b39f 100644
--- a/setup.py
+++ b/setup.py
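Review bot: `f"{self.auth_url}/me"` in the first `__call__` hunk of `auth_lib/fastapi.py` builds the URL by plain concatenation, so an `auth_url` configured with a trailing slash yields `.../auth//me`. Normalising once, e.g. `f"{self.auth_url.rstrip('/')}/me"` or stripping in `__init__`, keeps the request path stable however the base URL is written. In the context lines, `await r.json()` appears to run before the status is checked, so a non-JSON error body from the auth service would raise before `_except()` is reached; the check itself sits outside this hunk, so that is worth confirming.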
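Review bot: The scope check in the second `__call__` hunk reads `user_session["session_scopes"]`, but the request a few lines earlier asks for `"token_scopes"` and `"user_scopes"`; unless the API answers one of those with a `session_scopes` key, this lookup raises `KeyError` and every scoped route returns a server error, so it is worth confirming against the API schema and pinning with a test. Separately, both `self._except()` calls in this hunk are bare statements, while the earlier branch uses `return self._except()`. `_except` is defined outside the hunk, but if it returns rather than raises when `auto_error` is false, a failed scope check still falls through to `return user_session`; writing `return self._except()` on both lines would close that path.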
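Review bot: In `AuthLib.check_token` (`auth_lib/methods.py`) the new `info` list ends with `"user_session"`, whereas `AsyncAuthLib.check_token` and `UnionAuth.__call__` in this same commit request `"user_scopes"`. This looks like a typo; if so, the sync client gets back no user scopes (or a rejected query) while the async one does, and callers that base authorization decisions on the response would behave differently between the two. Suggested line: `params={"info": ["groups", "indirect_groups", "token_scopes", "user_scopes"]},`.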
@@ -5,7 +5,7 @@
 setup(
 name="auth_lib_profcomff",
- version="2023.02.23",
+ version="2023.03.13",
 author="Semyon Grigoriev",
 long_description=readme,
 long_description_content_type="text/markdown",