Details
- Reviewers
vlorentz - Group Reviewers
Reviewers - Commits
- rDWAPPS61b4f5db76df: auth/backends: Add DRF bearer token authentication using OpenID Connect
Diff Detail
- Repository
- rDWAPPS Web applications
- Branch
- oidc-bearer-token-drf-auth
- Lint
No Linters Available - Unit
No Unit Test Coverage - Build Status
Buildable 10915 Build 16416: Cypress tests for swh-web diffs Jenkins Build 16415: tox-on-jenkins Jenkins Build 16414: arc lint + arc unit
Event Timeline
Build is green
See https://jenkins.softwareheritage.org/job/DWAPPS/job/tox/990/ for more details.
Build has FAILED
Link to build: https://jenkins.softwareheritage.org/job/DWAPPS/job/cypress-diff/599/
See console output for more information: https://jenkins.softwareheritage.org/job/DWAPPS/job/cypress-diff/599/console
Build is green
See https://jenkins.softwareheritage.org/job/DWAPPS/job/tox/992/ for more details.
Build has FAILED
Link to build: https://jenkins.softwareheritage.org/job/DWAPPS/job/cypress-diff/601/
See console output for more information: https://jenkins.softwareheritage.org/job/DWAPPS/job/cypress-diff/601/console
Nice too! Just a few nitpicks:
| swh/web/auth/backends.py | ||
|---|---|---|
| 113 | You don't need to call .get() again. And mypy might complain some day that the type of auth_header changes | |
| 114 | token = auth_header[-1]. But why do we need to support missing auth type? RFC 7235 always requires it (https://tools.ietf.org/html/rfc7235#section-4.2 and https://tools.ietf.org/html/rfc7235#appendix-C ) And it should also check the auth type in case we add more types in the future, so: (auth_scheme, token) = auth_header.split(' ', 1)
if auth_scheme != 'Bearer':
raise ... | |
| 128 | Does the client have control over decoded['exp']? If yes, we should clamp the value of the ttl. | |
Build is green
See https://jenkins.softwareheritage.org/job/DWAPPS/job/tox/995/ for more details.
Build has FAILED
Link to build: https://jenkins.softwareheritage.org/job/DWAPPS/job/cypress-diff/604/
See console output for more information: https://jenkins.softwareheritage.org/job/DWAPPS/job/cypress-diff/604/console
Update: Fix cypress tests launch
Since the addition of DRF authentication backends, the following error was reported when
launching swh-web in end to end tests mode:
Traceback (most recent call last):
File "swh/web/manage.py", line 46, in <module>
execute_from_command_line(sys.argv)
File "/home/jenkins/.local/lib/python3.7/site-packages/django/core/management/__init__.py", line 381, in execute_from_command_line
utility.execute()
File "/home/jenkins/.local/lib/python3.7/site-packages/django/core/management/__init__.py", line 325, in execute
settings.INSTALLED_APPS
File "/home/jenkins/.local/lib/python3.7/site-packages/django/conf/__init__.py", line 79, in __getattr__
self._setup(name)
File "/home/jenkins/.local/lib/python3.7/site-packages/django/conf/__init__.py", line 66, in _setup
self._wrapped = Settings(settings_module)
File "/home/jenkins/.local/lib/python3.7/site-packages/django/conf/__init__.py", line 157, in __init__
mod = importlib.import_module(self.SETTINGS_MODULE)
File "/usr/lib/python3.7/importlib/__init__.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
File "<frozen importlib._bootstrap>", line 983, in _find_and_load
File "<frozen importlib._bootstrap>", line 967, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 677, in _load_unlocked
File "<frozen importlib._bootstrap_external>", line 728, in exec_module
File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
File "/home/jenkins/workspace/DWAPPS/cypress-diff/swh/web/settings/tests.py", line 107, in <module>
from swh.web.tests.data import get_tests_data, override_storages # noqa
File "/home/jenkins/workspace/DWAPPS/cypress-diff/swh/web/tests/data.py", line 12, in <module>
from rest_framework.decorators import api_view
File "/home/jenkins/.local/lib/python3.7/site-packages/rest_framework/decorators.py", line 13, in <module>
from rest_framework.views import APIView
File "/home/jenkins/.local/lib/python3.7/site-packages/rest_framework/views.py", line 17, in <module>
from rest_framework.schemas import DefaultSchema
File "/home/jenkins/.local/lib/python3.7/site-packages/rest_framework/schemas/__init__.py", line 33, in <module>
authentication_classes=api_settings.DEFAULT_AUTHENTICATION_CLASSES,
File "/home/jenkins/.local/lib/python3.7/site-packages/rest_framework/settings.py", line 220, in __getattr__
val = perform_import(val, attr)
File "/home/jenkins/.local/lib/python3.7/site-packages/rest_framework/settings.py", line 168, in perform_import
return [import_from_string(item, setting_name) for item in val]
File "/home/jenkins/.local/lib/python3.7/site-packages/rest_framework/settings.py", line 168, in <listcomp>
return [import_from_string(item, setting_name) for item in val]
File "/home/jenkins/.local/lib/python3.7/site-packages/rest_framework/settings.py", line 177, in import_from_string
return import_string(val)
File "/home/jenkins/.local/lib/python3.7/site-packages/django/utils/module_loading.py", line 17, in import_string
module = import_module(module_path)
File "/usr/lib/python3.7/importlib/__init__.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "/home/jenkins/workspace/DWAPPS/cypress-diff/swh/web/auth/backends.py", line 20, in <module>
from swh.web.auth.models import OIDCUser
File "/home/jenkins/workspace/DWAPPS/cypress-diff/swh/web/auth/models.py", line 9, in <module>
from django.contrib.auth.models import User
File "/home/jenkins/.local/lib/python3.7/site-packages/django/contrib/auth/models.py", line 2, in <module>
from django.contrib.auth.base_user import AbstractBaseUser, BaseUserManager
File "/home/jenkins/.local/lib/python3.7/site-packages/django/contrib/auth/base_user.py", line 47, in <module>
class AbstractBaseUser(models.Model):
File "/home/jenkins/.local/lib/python3.7/site-packages/django/db/models/base.py", line 103, in __new__
app_config = apps.get_containing_app_config(module)
File "/home/jenkins/.local/lib/python3.7/site-packages/django/apps/registry.py", line 252, in get_containing_app_config
self.check_apps_ready()
File "/home/jenkins/.local/lib/python3.7/site-packages/django/apps/registry.py", line 135, in check_apps_ready
raise AppRegistryNotReady("Apps aren't loaded yet.")
django.core.exceptions.AppRegistryNotReady: Apps aren't loaded yet.So move end to end test DRF views implementation in a dedicated module and import it only when required.
Build is green
See https://jenkins.softwareheritage.org/job/DWAPPS/job/tox/996/ for more details.
Build is green
See https://jenkins.softwareheritage.org/job/DWAPPS/job/cypress-diff/605/ for more details.
Build is green
See https://jenkins.softwareheritage.org/job/DWAPPS/job/tox/998/ for more details.
Build is green
See https://jenkins.softwareheritage.org/job/DWAPPS/job/cypress-diff/607/ for more details.
Build is green
See https://jenkins.softwareheritage.org/job/DWAPPS/job/tox/1002/ for more details.
Build is green
See https://jenkins.softwareheritage.org/job/DWAPPS/job/cypress-diff/611/ for more details.
Build is green
See https://jenkins.softwareheritage.org/job/DWAPPS/job/tox/1016/ for more details.
Build is green
See https://jenkins.softwareheritage.org/job/DWAPPS/job/cypress-diff/625/ for more details.