Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix using access token #113

Merged
merged 2 commits into from
Apr 9, 2024
Merged

Fix using access token #113

merged 2 commits into from
Apr 9, 2024

Conversation

CasperWA
Copy link
Collaborator

@CasperWA CasperWA commented Apr 9, 2024

Fixes #112

This moves the call to verify_user_access_token() "up" in the verify_token() function as well as tests that the function is invoked when expected.

CasperWA added 2 commits April 9, 2024 14:35
@CasperWA
Move checking for user-provided access token
2ae7ff8 
This check is moved "up" in the code, to the block where an authorized
call to the OpenID userinfo-endpoint failed, meaning the provided
credentials were not valid as an OpenID.

Previously this was done if the returned JSON-decoded response could not
be validated as a `GitLabOpenIDUserInfo` model - something that is done
after a (successful) response to the OpenID userinfo-endpoint.
@CasperWA
Test verify_user_access_token() is called when expected
73f94c7
@CasperWA CasperWA requested a review from Treesarj April 9, 2024 13:13
@codecov Codecov
Copy link

codecov bot commented Apr 9, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 50.00000% with 3 lines in your changes are missing coverage. Please review.

Project coverage is 89.84%. Comparing base (4128798) to head (73f94c7).

Files Patch % Lines
entities_service/service/security.py 50.00% 3 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #113      +/-   ##
==========================================
+ Coverage   89.34%   89.84%   +0.50%     
==========================================
  Files          21       21              
  Lines        1192     1192              
==========================================
+ Hits         1065     1071       +6     
+ Misses        127      121       -6
Flag Coverage Δ
docker 70.05% <16.66%> (+1.34%) ⬆️
local 88.59% <50.00%> (+0.50%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@CasperWA CasperWA merged commit 5a8adbb into main Apr 9, 2024
10 of 11 checks passed
@CasperWA CasperWA deleted the cwa/fix-using-access-token branch April 9, 2024 17:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Treesarj Treesarj Treesarj approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

An access token is not tested properly in the service
2 participants
@CasperWA @Treesarj