darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-02-01 07:35:34 -05:00
Code Issues Packages Projects Releases Wiki Activity

more debug

Browse Source
This commit is contained in:
Kenneth Kehl
2024-09-04 13:03:21 -07:00
parent 74d8bfdee8
commit cf246aba7d
1 changed files with 19 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
app/authentication/auth.py
View File

@@ -15,7 +15,7 @@ from notifications_python_client.errors import (
from sqlalchemy.orm.exc import NoResultFound from sqlalchemy.orm.exc import NoResultFound
from app.serialised_models import SerialisedService from app.serialised_models import SerialisedService
from app.utils import debug_not_production, hilite from app.utils import debug_not_production
from notifications_utils import request_helper from notifications_utils import request_helper
# stvnrlly - this is silly, but bandit has a multiline string bug (https://github.com/PyCQA/bandit/issues/658) # stvnrlly - this is silly, but bandit has a multiline string bug (https://github.com/PyCQA/bandit/issues/658)
@@ -64,14 +64,15 @@ def requires_admin_auth():
def requires_internal_auth(expected_client_id): def requires_internal_auth(expected_client_id):
debug_not_production( debug_not_production(
hilite( f"TODO REMOVE: Enter requires_internal_auth with expected client id {expected_client_id}"
f"Enter requires_internal_auth with expected client id {expected_client_id}"
)
) )
# if expected_client_id not in current_app.config.get("INTERNAL_CLIENT_API_KEYS"): # Looks like we are hitting this for some reason
# debug_not_production( if expected_client_id not in current_app.config.get("INTERNAL_CLIENT_API_KEYS"):
# f"TODO REMOVE: expected_client_id {expected_client_id} not in {current_app.config.get("INTERNAL_CLIENT_API_KEYS")}, raising TypeError\n") keys = current_app.config.get("INTERNAL_CLIENT_API_KEYS")
# raise TypeError("Unknown client_id for internal auth") debug_not_production(
f"TODO REMOVE: {expected_client_id} not in {keys}, raising TypeError\n"
)
raise TypeError("Unknown client_id for internal auth")
request_helper.check_proxy_header_before_request() request_helper.check_proxy_header_before_request()
auth_token = _get_auth_token(request) auth_token = _get_auth_token(request)
@@ -140,6 +141,16 @@ def _decode_jwt_token(auth_token, api_keys, service_id=None):
for api_key in api_keys: for api_key in api_keys:
try: try:
decode_jwt_token(auth_token, api_key.secret) decode_jwt_token(auth_token, api_key.secret)
except TypeError:
debug_not_production(
f"TODO REMOVE: Hit TypeError!!! service_id {service_id} api_keys {api_keys}"
)
raise AuthError(
"Invalid token: type error",
403,
service_id=service_id,
api_key_id=api_key.id,
)
except TokenExpiredError: except TokenExpiredError:
if not current_app.config.get("ALLOW_EXPIRED_API_TOKEN", False): if not current_app.config.get("ALLOW_EXPIRED_API_TOKEN", False):
err_msg = ( err_msg = (