fixed authentication_callback and getting the user w/ burnettk

src/spiffworkflow_backend/api.yml

@@ -1,11 +1,12 @@
 openapi: "3.0.2"
 info:
   version: 1.0.0
-  title: Workflow Microservice
+  title: spiffworkflow-backend
   license:
     name: MIT
 servers:
   - url: http://localhost:5000/v1.0
+# this is handled in flask now
 security: []
 #  - jwt: ["secret"]
 #  - oAuth2AuthCode:

src/spiffworkflow_backend/routes/process_api_blueprint.py

@@ -828,7 +828,7 @@ def authentication_callback(
     auth_method: str,
 ) -> werkzeug.wrappers.Response:
     """Authentication_callback."""
-    verify_token(request.args.get("token"))
+    verify_token(request.args.get("token"), force_run=True)
     response = request.args["response"]
     SecretService().update_secret(
         f"{service}/{auth_method}", response, g.user.id, create_if_not_exists=True
@@ -885,7 +885,6 @@ def process_instance_report_show(
 # @process_api_blueprint.route("/v1.0/tasks", methods=["GET"])
 def task_list_my_tasks(page: int = 1, per_page: int = 100) -> flask.wrappers.Response:
     """Task_list_my_tasks."""
-    print("WE LIST")
     principal = find_principal_or_raise()
 
     active_tasks = (

src/spiffworkflow_backend/routes/user.py

@@ -29,7 +29,7 @@ from spiffworkflow_backend.services.user_service import UserService
 
 # authorization_exclusion_list = ['status']
 def verify_token(
-    token: Optional[str] = None,
+    token: Optional[str] = None, force_run: Optional[bool] = False
 ) -> Optional[Dict[str, Optional[Union[str, int]]]]:
     """Verify the token for the user (if provided).
 
@@ -37,6 +37,7 @@ def verify_token(
 
     Args:
         token: Optional[str]
+        force_run: Optional[bool]
 
     Returns:
         token: str
@@ -45,7 +46,7 @@ def verify_token(
         ApiError:  If not on production and token is not valid, returns an 'invalid_token' 403 error.
         If on production and user is not authenticated, returns a 'no_user' 403 error.
     """
-    if AuthorizationService.should_disable_auth_for_request():
+    if not force_run and AuthorizationService.should_disable_auth_for_request():
         return None
 
     if not token and "Authorization" in request.headers:

src/spiffworkflow_backend/services/authorization_service.py

@@ -202,7 +202,7 @@ class AuthorizationService:
     @classmethod
     def should_disable_auth_for_request(cls) -> bool:
         """Should_disable_auth_for_request."""
-        authentication_exclusion_list = ["status"]
+        authentication_exclusion_list = ["status", "authentication_callback"]
         if request.method == "OPTIONS":
             return True
 

tests/spiffworkflow_backend/integration/test_process_api.py

@@ -1135,7 +1135,7 @@ class TestProcessApi(BaseTest):
         assert len(task_events) == 1
         task_event = task_events[0]
         assert task_event.user_id == with_super_admin_user.id
-        # TODO: When with_super_admin_user tasks work, we need to add some more assertions for action, task_state, etc.
+        # TODO: When user tasks work, we need to add some more assertions for action, task_state, etc.
 
     def test_task_show(
         self,