Skip to content

Prevent usage of set_token when service client access_token was set. … #44

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Nov 5, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion authress/api/invites_api.py
Original file line number Diff line number Diff line change
Expand Up @@ -590,7 +590,7 @@ def respond_to_invite_with_http_info(self, invite_id : Annotated[constr(strict=T
_auth_settings = ['oauth2'] # noqa: E501

_response_types_map = {
'200': "Account",
'200': None,
'401': None,
'403': None,
'404': None,
Expand Down
7 changes: 6 additions & 1 deletion authress/authress_client.py
Original file line number Diff line number Diff line change
Expand Up @@ -26,12 +26,17 @@ class AuthressClient(object):
def __init__(self, authress_api_url=None, service_client_access_key=None, user_agent=None):
self._host = authress_api_url if authress_api_url.startswith('http') else f"https://{authress_api_url}"
self._host = re.sub(r'/+$', '', self._host)
self._service_client_access_key = service_client_access_key

self._http_client = HttpClient(host=self._host, access_key=service_client_access_key, user_agent=user_agent)
self._token_verifier = token_verifier.TokenVerifier(http_client=self._http_client)

def set_token(self, token: str):
self._http_client.set_token(token)
if self._service_client_access_key is None:
self._http_client.set_token(token)
return

raise Exception("An AuthressClient cannot use set_token, when the client has been instantiated with a service client access key. It must either be used for User tokens or with Service Client Access Keys, but not both.")

def get_client_token(self) -> str:
"""Generates a Service Client Machine JWT to be used for securing machine to machine requests."""
Expand Down
13 changes: 4 additions & 9 deletions authress/http_client.py
Original file line number Diff line number Diff line change
Expand Up @@ -65,14 +65,6 @@ def __init__(self, host=None, access_key=None, user_agent=None):
def set_token(self, token):
self.default_headers['Authorization'] = f'Bearer {token.replace("Bearer", "").strip()}'

def get_user_from_token(self):
token = self.default_headers['Authorization'].replace("Bearer", "").strip()
jwtData = jwt.decode(token, options={"verify_signature": False})
if 'aud' in jwtData and 'https://api.authress.io' in jwtData['aud']:
return f"Authress|{jwtData['sub']}"

return jwtData['sub']

def __enter__(self):
return self

Expand Down Expand Up @@ -762,4 +754,7 @@ def __deserialize_model(self, data, klass):
return klass.from_dict(data)

def _get_client_token(self) -> str:
return self.service_client_token_provider.get_client_token()
if self.service_client_token_provider is None:
return None

return self.service_client_token_provider.get_client_token()
7 changes: 2 additions & 5 deletions docs/EXAMPLES.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,7 @@ from authress import AuthressClient
# create an instance of the API class during service initialization
# Authress custom domain or if there isn't one yet, use the authress account specific url
authress_api_url = "https://authress.yourdomain.com" # or "https://ACCOUNT_ID.api.authress.io"

# The Service Client Access Key for your service client.
service_client_access_key = "sc_key_001"
authress_client = AuthressClient(authress_api_url=authress_api_url , service_client_access_key=service_client_access_key)
authress_client = AuthressClient(authress_api_url=authress_api_url)

# on api route
from flask import request
Expand Down Expand Up @@ -46,7 +43,7 @@ authress_api_url = "https://authress.yourdomain.com" # or "https://ACCOUNT_ID.ap

# Create a service client in the Authress management portal and past the access token here
service_client_access_key = 'eyJrZXlJ....'
authress_client = AuthressClient(authress_api_url=authress_api_url , service_client_access_key=service_client_access_key)
authress_client = AuthressClient(authress_api_url=authress_api_url, service_client_access_key=service_client_access_key)

# on api route
from flask import request
Expand Down
Loading