LukeParke/connexion
1
0
Fork 0
mirror of https://github.com/LukeHagar/connexion.git synced 2025-12-10 04:19:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Re-add attributes to OAuthScopeProblem

Browse Source
This commit is contained in:
Robbe Sneyders
2023-02-23 00:00:45 +01:00
parent 61f2aee1f7
commit ec5dd278d0
4 changed files with 27 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
connexion/exceptions.py
View File

@@ -124,7 +124,14 @@ class Forbidden(HTTPException):
class OAuthScopeProblem(Forbidden):
pass
def __init__(self, token_scopes: list, required_scopes: list) -> None:
self.required_scopes = required_scopes
self.token_scopes = token_scopes
detail = (
f"Provided token does not have the required scopes. "
f"Provided: {token_scopes}; Required: {required_scopes}"
)
super().__init__(detail=detail)
class UnsupportedMediaTypeProblem(ClientError):

3
connexion/security.py
View File

@@ -395,7 +395,8 @@ class SecurityHandlerFactory:
validation = await validation
if not validation:
raise OAuthScopeProblem(
detail="Provided token doesn't have the required scope",
required_scopes=required_scopes,
token_scopes=token_scopes,
)
return token_info

5
tests/api/test_secure_api.py
View File

@@ -105,9 +105,8 @@ def test_security(oauth_requests, secure_endpoint_app):
assert get_bye_wrong_scope.status_code == 403
assert get_bye_wrong_scope.headers.get("content-type") == "application/problem+json"
get_bye_wrong_scope_reponse = get_bye_wrong_scope.json()
assert (
get_bye_wrong_scope_reponse["detail"]
== "Provided token doesn't have the required scope"
assert get_bye_wrong_scope_reponse["detail"].startswith(
"Provided token does not have the required scope"
)
headers = {"Authorization": "Bearer 300"}

22
tests/decorators/test_security.py
View File

@@ -88,7 +88,9 @@ async def test_verify_oauth_scopes_remote(monkeypatch):
await wrapped_func(request)
assert exc_info.value.status_code == 403
assert exc_info.value.detail == "Provided token doesn't have the required scope"
assert exc_info.value.detail.startswith(
"Provided token does not have the required scope"
)
tokeninfo["scope"] += " admin"
assert await wrapped_func(request) is not None
@@ -98,7 +100,9 @@ async def test_verify_oauth_scopes_remote(monkeypatch):
await wrapped_func(request)
assert exc_info.value.status_code == 403
assert exc_info.value.detail == "Provided token doesn't have the required scope"
assert exc_info.value.detail.startswith(
"Provided token does not have the required scope"
)
tokeninfo["scope"].append("admin")
assert await wrapped_func(request) is not None
@@ -138,7 +142,9 @@ async def test_verify_oauth_scopes_local():
await wrapped_func(request)
assert exc_info.value.status_code == 403
assert exc_info.value.detail == "Provided token doesn't have the required scope"
assert exc_info.value.detail.startswith(
"Provided token does not have the required scope"
)
tokeninfo["scope"] += " admin"
assert await wrapped_func(request) is not None
@@ -148,7 +154,9 @@ async def test_verify_oauth_scopes_local():
await wrapped_func(request)
assert exc_info.value.status_code == 403
assert exc_info.value.detail == "Provided token doesn't have the required scope"
assert exc_info.value.detail.startswith(
"Provided token does not have the required scope"
)
tokeninfo["scope"].append("admin")
assert await wrapped_func(request) is not None
@@ -277,15 +285,15 @@ async def test_verify_security_oauthproblem():
"errors, most_specific",
[
([OAuthProblem()], OAuthProblem),
([OAuthProblem(), OAuthScopeProblem()], OAuthScopeProblem),
([OAuthProblem(), OAuthScopeProblem([], [])], OAuthScopeProblem),
(
[OAuthProblem(), OAuthScopeProblem(), BadRequestProblem],
[OAuthProblem(), OAuthScopeProblem([], []), BadRequestProblem],
OAuthScopeProblem,
),
(
[
OAuthProblem(),
OAuthScopeProblem(),
OAuthScopeProblem([], []),
BadRequestProblem,
ConnexionException,
],