sartography/spiff-arena
1
0
Fork 0
mirror of https://github.com/sartography/spiff-arena.git synced 2025-01-27 09:45:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

feature/fix-service-task-oauth-flow (#1108)

Browse Source 
* corrected service task controller excluded auth methods to reference the correct controller w/ burnettk

* fixed docs requirements file w/ burnettk

---------

Co-authored-by: jasquat <jasquat@users.noreply.github.com>
This commit is contained in:
jasquat 2024-02-26 10:54:26 -05:00 committed by GitHub
parent 4a9266bb37
commit 13848e85e3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/requirements.txt
View File

@ -17,14 +17,14 @@ imagesize==1.4.1
Jinja2==3.1.2 Jinja2==3.1.2
lazy-object-proxy==1.10.0 lazy-object-proxy==1.10.0
livereload==2.6.3 livereload==2.6.3
lsprotocol==2023.0.0a1 lsprotocol==2023.0.1
markdown-it-py==3.0.0 markdown-it-py==3.0.0
MarkupSafe==2.1.2 MarkupSafe==2.1.2
mdit-py-plugins==0.4.0 mdit-py-plugins==0.4.0
mdurl==0.1.2 mdurl==0.1.2
myst-parser==2.0.0 myst-parser==2.0.0
packaging==23.1 packaging==23.1
pygls==1.0.2 pygls==1.3.0
Pygments==2.17.2 Pygments==2.17.2
pyspellchecker==0.7.2 pyspellchecker==0.7.2
PyYAML==6.0.1 PyYAML==6.0.1

4
spiffworkflow-backend/src/spiffworkflow_backend/routes/authentication_controller.py
View File

@ -64,7 +64,7 @@ def verify_token(token: str | None = None, force_run: bool | None = False) -> di
if not force_run and AuthorizationService.should_disable_auth_for_request(): if not force_run and AuthorizationService.should_disable_auth_for_request():
return None return None
token_info = _find_token_from_headers(token) token_info = _find_token_from_request(token)
# This should never be set here but just in case # This should never be set here but just in case
_clear_auth_tokens_from_thread_local_data() _clear_auth_tokens_from_thread_local_data()
@ -306,7 +306,7 @@ def _force_logout_user_if_necessary(user_model: UserModel | None, decoded_token:
return False return False
def _find_token_from_headers(token: str | None) -> dict[str, str | None]: def _find_token_from_request(token: str | None) -> dict[str, str | None]:
api_key = None api_key = None
if not token and "Authorization" in request.headers: if not token and "Authorization" in request.headers:
token = request.headers["Authorization"].removeprefix("Bearer ") token = request.headers["Authorization"].removeprefix("Bearer ")

4
spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py
View File

@ -78,8 +78,8 @@ PATH_SEGMENTS_FOR_PERMISSION_ALL = [
] ]
AUTHENTICATION_EXCLUSION_LIST = { AUTHENTICATION_EXCLUSION_LIST = {
"authentication_begin": "spiffworkflow_backend.routes.authentication_controller", "authentication_begin": "spiffworkflow_backend.routes.service_tasks_controller",
"authentication_callback": "spiffworkflow_backend.routes.authentication_controller", "authentication_callback": "spiffworkflow_backend.routes.service_tasks_controller",
"authentication_options": "spiffworkflow_backend.routes.authentication_controller", "authentication_options": "spiffworkflow_backend.routes.authentication_controller",
"github_webhook_receive": "spiffworkflow_backend.routes.webhooks_controller", "github_webhook_receive": "spiffworkflow_backend.routes.webhooks_controller",
"login": "spiffworkflow_backend.routes.authentication_controller", "login": "spiffworkflow_backend.routes.authentication_controller",