Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Admin endpoints support "client_credentials" tokens again #1284

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
paulineribeyre merged 4 commits into from
Jul 31, 2025
Merged

Admin endpoints support "client_credentials" tokens again #1284

paulineribeyre merged 4 commits into from
Jul 31, 2025

Conversation

@paulineribeyre
Copy link
Contributor

@paulineribeyre paulineribeyre commented Jul 30, 2025
edited
Loading

Fix bug introduced in #1234 when using client_credentials tokens to hit admin endpoints:

Traceback: Traceback (most recent call last):
  File "/fence/.venv/lib/python3.9/site-packages/flask/app.py", line 917, in full_dispatch_request
    rv = self.dispatch_request()
  File "/fence/.venv/lib/python3.9/site-packages/flask/app.py", line 902, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)  # type: ignore[no-any-return]
  File "/fence/fence/authz/auth.py", line 91, in wrapper
    return f(*f_args, **f_kwargs)
  File "/fence/fence/resources/audit/utils.py", line 128, in wrapper
    create_log_for_request(flask.request)
  File "/fence/fence/resources/audit/utils.py", line 103, in create_log_for_request
    username = get_user_from_claims(claims).username
  File "/fence/fence/auth.py", line 306, in get_user_from_claims
    .filter(User.id == claims["sub"])
KeyError: 'sub'

Bug Fixes

  • Admin endpoints support "client_credentials" tokens again

Improvements

  • Request logs now include the client ID, if any

@coveralls
Copy link

coveralls commented Jul 30, 2025
edited
Loading

Pull Request Test Coverage Report for Build 16633175591

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • 1 unchanged line in 1 file lost coverage.
  • Overall coverage increased (+0.003%) to 74.669%
Files with Coverage Reduction New Missed Lines %
resources/audit/utils.py 1 94.52%
Totals Coverage Status
Change from base Build 16302199811: 0.003%
Covered Lines: 8280
Relevant Lines: 11089
💛 - Coveralls

pieterlukasse
pieterlukasse reviewed Jul 30, 2025
View reviewed changes
pieterlukasse
pieterlukasse reviewed Jul 30, 2025
View reviewed changes
Copy link
Contributor

@pieterlukasse pieterlukasse left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good to me. Just a few minor questions / comments.

pieterlukasse
pieterlukasse reviewed Jul 30, 2025
View reviewed changes
@github-actions
Copy link

github-actions bot commented Jul 30, 2025

filepath passed skipped SUBTOTAL
tests/test_oauth2.py 15 0 15
tests/test_centralized_auth.py 16 0 16
tests/test_data_upload.py 8 1 9
tests/test_presigned_url.py 7 0 7
tests/test_audit_service.py 3 3 6
tests/test_user_token.py 5 0 5
tests/test_drs_endpoint.py 4 0 4
tests/test_register_user.py 2 0 2
tests/test_oidc_client.py 2 0 2
tests/test_google_data_access.py 1 0 1
tests/test_client_credentials.py 1 0 1
tests/test_dbgap.py 4 1 5
tests/test_ras_authn.py 0 3 3
TOTAL 68 8 76

Please find the detailed integration test report here (login here first)

pieterlukasse
pieterlukasse previously approved these changes Jul 30, 2025
View reviewed changes
@github-actions
Copy link

github-actions bot commented Jul 30, 2025

filepath passed failed skipped SUBTOTAL
tests/test_oauth2.py 15 0 0 15
tests/test_centralized_auth.py 16 0 0 16
tests/test_data_upload.py 8 0 1 9
tests/test_presigned_url.py 7 0 0 7
tests/test_audit_service.py 3 0 3 6
tests/test_dbgap.py 4 0 1 5
tests/test_register_user.py 1 1 0 2
tests/test_oidc_client.py 2 0 0 2
tests/test_drs_endpoint.py 4 0 0 4
tests/test_google_data_access.py 1 0 0 1
tests/test_client_credentials.py 1 0 0 1
tests/test_user_token.py 4 1 0 5
tests/test_ras_authn.py 0 0 3 3
TOTAL 66 2 8 76

Please find the detailed integration test report here (login here first)

@github-actions
Copy link

github-actions bot commented Jul 30, 2025

filepath passed SUBTOTAL
tests/test_user_token.py 5 5
TOTAL 5 5

Please find the detailed integration test report here (login here first)

@paulineribeyre paulineribeyre merged commit cc57cef into master Jul 31, 2025
11 checks passed
@paulineribeyre paulineribeyre deleted the paulineribeyre-patch-1 branch July 31, 2025 16:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pieterlukasse pieterlukasse pieterlukasse approved these changes

Assignees

No one assigned

Labels

TestUserToken

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@paulineribeyre @coveralls @pieterlukasse