PyPI - cornflow - Versions diffs - 1.1.5a1__py3-none-any.whl → 1.2.0a1__py3-none-any.whl - Mend

cornflow 1.1.5a1py3-none-any.whl → 1.2.0a1py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

cornflow/app.py +8 -3
cornflow/cli/service.py +14 -6
cornflow/config.py +9 -10
cornflow/endpoints/login.py +54 -57
cornflow/schemas/user.py +3 -17
cornflow/shared/authentication/auth.py +211 -254
cornflow/shared/const.py +3 -14
cornflow/tests/custom_test_case.py +42 -21
cornflow/tests/unit/test_actions.py +2 -2
cornflow/tests/unit/test_apiview.py +2 -2
cornflow/tests/unit/test_cases.py +20 -29
cornflow/tests/unit/test_dags.py +5 -5
cornflow/tests/unit/test_instances.py +2 -2
cornflow/tests/unit/test_instances_file.py +1 -1
cornflow/tests/unit/test_licenses.py +1 -1
cornflow/tests/unit/test_log_in.py +227 -207
cornflow/tests/unit/test_permissions.py +8 -8
cornflow/tests/unit/test_roles.py +10 -10
cornflow/tests/unit/test_tables.py +7 -7
cornflow/tests/unit/test_token.py +12 -6
{cornflow-1.1.5a1.dist-info → cornflow-1.2.0a1.dist-info}/METADATA +3 -2
{cornflow-1.1.5a1.dist-info → cornflow-1.2.0a1.dist-info}/RECORD +25 -25
{cornflow-1.1.5a1.dist-info → cornflow-1.2.0a1.dist-info}/WHEEL +1 -1
{cornflow-1.1.5a1.dist-info → cornflow-1.2.0a1.dist-info}/entry_points.txt +0 -0
{cornflow-1.1.5a1.dist-info → cornflow-1.2.0a1.dist-info}/top_level.txt +0 -0

cornflow/tests/custom_test_case.py CHANGED Viewed

@@ -27,12 +27,12 @@ import jwt
 # Import from internal modules
 from cornflow.app import create_app
-from cornflow.models import UserRoleModel
+from cornflow.models import UserRoleModel, UserModel
 from cornflow.commands.access import access_init_command
 from cornflow.commands.dag import register_deployed_dags_command_test
 from cornflow.commands.permissions import register_dag_permissions_command
 from cornflow.shared.authentication import Auth
-from cornflow.shared.const import ADMIN_ROLE, PLANNER_ROLE, SERVICE_ROLE
+from cornflow.shared.const import ADMIN_ROLE, PLANNER_ROLE, SERVICE_ROLE, INTERNAL_TOKEN_ISSUER
 from cornflow.shared import db
 from cornflow.tests.const import (
     LOGIN_URL,
@@ -121,7 +121,8 @@ class CustomTestCase(TestCase):
             headers={"Content-Type": "application/json"},
         ).json["token"]
-        self.user = Auth.return_user_from_token(self.token)
+        data = Auth().decode_token(self.token)
+        self.user = UserModel.get_one_object(username=data["username"])
         self.url = None
         self.model = None
         self.copied_items = set()
@@ -828,7 +829,7 @@ class CheckTokenTestCase:
                     follow_redirects=True,
                     headers={
                         "Content-Type": "application/json",
-                        "Authorization": "Bearer " + self.token,
+                        "Authorization": f"Bearer {self.token}",
                     },
                 )
             else:
@@ -982,34 +983,45 @@ class LoginTestCases:
             """
             Tests using an expired token.
             """
-            token = (
-                "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2MTA1MzYwNjUsImlhdCI6MTYxMDQ0OTY2NSwic3ViIjoxfQ"
-                ".QEfmO-hh55PjtecnJ1RJT3aW2brGLadkg5ClH9yrRnc "
-            )
+            # First log in to get a valid user
             payload = self.data
             response = self.client.post(
                 LOGIN_URL,
                 data=json.dumps(payload),
                 follow_redirects=True,
                 headers={"Content-Type": "application/json"},
             )
             self.idx = response.json["id"]
+            # Generate an expired token
+            expired_payload = {
+                # Token expired 1 hour ago
+                "exp": datetime.utcnow() - timedelta(hours=1),
+                # Token created 2 hours ago
+                "iat": datetime.utcnow() - timedelta(hours=2),
+                "sub": self.idx,
+                "iss": INTERNAL_TOKEN_ISSUER,
+            }
+            expired_token = jwt.encode(
+                expired_payload,
+                current_app.config["SECRET_TOKEN_KEY"],
+                algorithm="HS256"
+            )
+            # Try to use the expired token
             response = self.client.get(
                 USER_URL + str(self.idx) + "/",
                 follow_redirects=True,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Bearer " + token,
+                    "Authorization": f"Bearer {expired_token}",
                 },
             )
             self.assertEqual(400, response.status_code)
             self.assertEqual(
-                "The token has expired, please login again", response.json["error"]
+                "The token has expired, please login again",
+                response.json["error"]
             )
         def test_bad_format_token(self):
@@ -1040,13 +1052,8 @@ class LoginTestCases:
             """
             Tests using an invalid token.
             """
-            token = (
-                "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2MTA1Mzk5NTMsImlhdCI6MTYxMDQ1MzU1Mywic3ViIjoxfQ"
-                ".g3Gh7k7twXZ4K2MnQpgpSr76Sl9VX6TkDWusX5YzImo"
-            )
+            # First log in to get a valid user
             payload = self.data
             response = self.client.post(
                 LOGIN_URL,
                 data=json.dumps(payload),
@@ -1055,18 +1062,32 @@ class LoginTestCases:
             )
             self.idx = response.json["id"]
+            # Generate an invalid token with wrong issuer
+            invalid_payload = {
+                "exp": datetime.utcnow() + timedelta(hours=1),
+                "iat": datetime.utcnow(),
+                "sub": self.idx,
+                "iss": "invalid_issuer",
+            }
+            invalid_token = jwt.encode(
+                invalid_payload,
+                current_app.config["SECRET_TOKEN_KEY"],
+                algorithm="HS256"
+            )
+            # Try to use the invalid token
             response = self.client.get(
                 USER_URL + str(self.idx) + "/",
                 follow_redirects=True,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Bearer " + token,
+                    "Authorization": f"Bearer {invalid_token}",
                 },
             )
             self.assertEqual(400, response.status_code)
             self.assertEqual(
-                "Invalid token, please try again with a new token",
+                "Invalid token issuer. Token must be issued by a valid provider",
                 response.json["error"],
             )

cornflow/tests/unit/test_actions.py CHANGED Viewed

@@ -67,7 +67,7 @@ class TestActionsListEndpoint(CustomTestCase):
                 follow_redirects=True,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Bearer " + self.token,
+                    "Authorization": f"Bearer {self.token}",
                 },
             )
             self.assertEqual(200, response.status_code)
@@ -89,7 +89,7 @@ class TestActionsListEndpoint(CustomTestCase):
                     follow_redirects=True,
                     headers={
                         "Content-Type": "application/json",
-                        "Authorization": "Bearer " + self.token,
+                        "Authorization": f"Bearer {self.token}",
                     },
                 )

cornflow/tests/unit/test_apiview.py CHANGED Viewed

@@ -71,7 +71,7 @@ class TestApiViewListEndpoint(CustomTestCase):
                 follow_redirects=True,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Bearer " + self.token,
+                    "Authorization": f"Bearer {self.token}",
                 },
             )
             self.assertEqual(200, response.status_code)
@@ -97,7 +97,7 @@ class TestApiViewListEndpoint(CustomTestCase):
                     follow_redirects=True,
                     headers={
                         "Content-Type": "application/json",
-                        "Authorization": "Bearer " + self.token,
+                        "Authorization": f"Bearer {self.token}",
                     },
                 )

cornflow/tests/unit/test_cases.py CHANGED Viewed

@@ -90,11 +90,10 @@ class TestCasesModels(CustomTestCase):
         self.payload = load_file(INSTANCE_PATH)
         self.payloads = [load_file(f) for f in INSTANCES_LIST]
         parents = [None, 1, 1, 3, 3, 3, 1, 7, 7, 9, 7]
-        user = UserModel.get_one_user(self.user)
-        data = {**self.payload, **dict(user_id=user.id)}
+        data = {**self.payload, **dict(user_id=self.user.id)}
         for parent in parents:
             if parent is not None:
-                parent = CaseModel.get_one_object(user=user, idx=parent)
+                parent = CaseModel.get_one_object(user=self.user, idx=parent)
             node = CaseModel(data=data, parent=parent)
             node.save()
@@ -106,10 +105,9 @@ class TestCasesModels(CustomTestCase):
         - Correct path generation for cases
         - Proper parent-child relationships
         """
-        user = UserModel.get_one_user(self.user)
-        case = CaseModel.get_one_object(user=user, idx=6)
+        case = CaseModel.get_one_object(user=self.user, idx=6)
         self.assertEqual(case.path, "1/3/")
-        case = CaseModel.get_one_object(user=user, idx=11)
+        case = CaseModel.get_one_object(user=self.user, idx=11)
         self.assertEqual(case.path, "1/7/")
     def test_move_case(self):
@@ -120,9 +118,8 @@ class TestCasesModels(CustomTestCase):
         - Cases can be moved to new parents
         - Path updates correctly after move
         """
-        user = UserModel.get_one_user(self.user)
-        case6 = CaseModel.get_one_object(user=user, idx=6)
-        case11 = CaseModel.get_one_object(user=user, idx=11)
+        case6 = CaseModel.get_one_object(user=self.user, idx=6)
+        case11 = CaseModel.get_one_object(user=self.user, idx=11)
         case6.move_to(case11)
         self.assertEqual(case6.path, "1/7/11/")
@@ -135,11 +132,10 @@ class TestCasesModels(CustomTestCase):
         - Nested path updates
         - Path integrity after moves
         """
-        user = UserModel.get_one_user(self.user)
-        case3 = CaseModel.get_one_object(user=user, idx=3)
-        case11 = CaseModel.get_one_object(user=user, idx=11)
-        case9 = CaseModel.get_one_object(user=user, idx=9)
-        case10 = CaseModel.get_one_object(user=user, idx=10)
+        case3 = CaseModel.get_one_object(user=self.user, idx=3)
+        case11 = CaseModel.get_one_object(user=self.user, idx=11)
+        case9 = CaseModel.get_one_object(user=self.user, idx=9)
+        case10 = CaseModel.get_one_object(user=self.user, idx=10)
         case3.move_to(case11)
         case9.move_to(case3)
         self.assertEqual(case10.path, "1/7/11/3/9/")
@@ -152,10 +148,9 @@ class TestCasesModels(CustomTestCase):
         - Case deletion removes the case
         - Child cases are properly handled
         """
-        user = UserModel.get_one_user(self.user)
-        case7 = CaseModel.get_one_object(user=user, idx=7)
+        case7 = CaseModel.get_one_object(user=self.user, idx=7)
         case7.delete()
-        case11 = CaseModel.get_one_object(user=user, idx=11)
+        case11 = CaseModel.get_one_object(user=self.user, idx=11)
         self.assertIsNone(case11)
     def test_descendants(self):
@@ -166,8 +161,7 @@ class TestCasesModels(CustomTestCase):
         - Correct counting of descendants
         - Proper descendant relationships
         """
-        user = UserModel.get_one_user(self.user)
-        case7 = CaseModel.get_one_object(user=user, idx=7)
+        case7 = CaseModel.get_one_object(user=self.user, idx=7)
         self.assertEqual(len(case7.descendants), 4)
     def test_depth(self):
@@ -178,8 +172,7 @@ class TestCasesModels(CustomTestCase):
         - Correct depth calculation in case tree
         - Proper nesting level determination
         """
-        user = UserModel.get_one_user(self.user)
-        case10 = CaseModel.get_one_object(user=user, idx=10)
+        case10 = CaseModel.get_one_object(user=self.user, idx=10)
         self.assertEqual(case10.depth, 4)
@@ -234,12 +227,11 @@ class TestCasesFromInstanceExecutionEndpoint(CustomTestCase):
             "execution_id": execution_id,
             "schema": "solve_model_dag",
         }
-        self.user_object = UserModel.get_one_user(self.user)
         self.instance = InstanceModel.get_one_object(
-            user=self.user_object, idx=instance_id
+            user=self.user, idx=instance_id
         )
         self.execution = ExecutionModel.get_one_object(
-            user=self.user_object, idx=execution_id
+            user=self.user, idx=execution_id
         )
     def test_new_case_execution(self):
@@ -266,7 +258,7 @@ class TestCasesFromInstanceExecutionEndpoint(CustomTestCase):
         self.payload["schema"] = self.instance.schema
         self.payload["solution"] = self.execution.data
         self.payload["solution_hash"] = self.execution.data_hash
-        self.payload["user_id"] = self.user
+        self.payload["user_id"] = self.user.id
         self.payload["indicators"] = ""
         for key in self.response_items:
@@ -293,7 +285,7 @@ class TestCasesFromInstanceExecutionEndpoint(CustomTestCase):
         self.payload["data"] = self.instance.data
         self.payload["data_hash"] = self.instance.data_hash
         self.payload["schema"] = self.instance.schema
-        self.payload["user_id"] = self.user
+        self.payload["user_id"] = self.user.id
         self.payload["solution"] = None
         self.payload["solution_hash"] = hash_json_256(None)
         self.payload["indicators"] = ""
@@ -488,10 +480,9 @@ class TestCaseCopyEndpoint(CustomTestCase):
         new_case = self.create_new_row(
             self.url + str(self.case_id) + "/copy/", self.model, {}, check_payload=False
         )
-        user = UserModel.get_one_user(self.user)
-        original_case = CaseModel.get_one_object(user=user, idx=self.case_id)
-        new_case = CaseModel.get_one_object(user=user, idx=new_case["id"])
+        original_case = CaseModel.get_one_object(user=self.user, idx=self.case_id)
+        new_case = CaseModel.get_one_object(user=self.user, idx=new_case["id"])
         for key in self.copied_items:
             self.assertEqual(getattr(original_case, key), getattr(new_case, key))

cornflow/tests/unit/test_dags.py CHANGED Viewed

@@ -372,7 +372,7 @@ class TestDeployedDAG(TestCase):
             follow_redirects=True,
             headers={
                 "Content-Type": "application/json",
-                "Authorization": "Bearer " + self.token,
+                "Authorization": f"Bearer {self.token}",
             },
         )
@@ -403,7 +403,7 @@ class TestDeployedDAG(TestCase):
             follow_redirects=True,
             headers={
                 "Content-Type": "application/json",
-                "Authorization": "Bearer " + self.token,
+                "Authorization": f"Bearer {self.token}",
             },
         )
@@ -428,7 +428,7 @@ class TestDeployedDAG(TestCase):
             follow_redirects=True,
             headers={
                 "Content-Type": "application/json",
-                "Authorization": "Bearer " + self.token,
+                "Authorization": f"Bearer {self.token}",
             },
         )
@@ -440,7 +440,7 @@ class TestDeployedDAG(TestCase):
             follow_redirects=True,
             headers={
                 "Content-Type": "application/json",
-                "Authorization": "Bearer " + self.token,
+                "Authorization": f"Bearer {self.token}",
             },
         )
@@ -455,7 +455,7 @@ class TestDeployedDAG(TestCase):
             follow_redirects=True,
             headers={
                 "Content-Type": "application/json",
-                "Authorization": "Bearer " + self.token,
+                "Authorization": f"Bearer {self.token}",
             },
         )
         self.assertEqual(response.status_code, 400)

cornflow/tests/unit/test_instances.py CHANGED Viewed

@@ -67,7 +67,7 @@ class TestInstancesListEndpoint(BaseTestCases.ListFilters):
             follow_redirects=True,
             headers={
                 "Content-Type": "application/json",
-                "Authorization": "Bearer " + self.token,
+                "Authorization": f"Bearer {self.token}",
             },
         )
         self.assertEqual(400, response.status_code)
@@ -203,7 +203,7 @@ class TestInstancesDataEndpoint(TestInstancesDetailEndpointBase):
         idx = self.create_new_row(self.url, self.model, self.payload)
         headers = {
             "Content-Type": "application/json",
-            "Authorization": "Bearer " + self.token,
+            "Authorization": f"Bearer {self.token}",
             "Accept-Encoding": "gzip",
         }
         response = self.client.get(INSTANCE_URL + idx + "/data/", headers=headers)

cornflow/tests/unit/test_instances_file.py CHANGED Viewed

@@ -28,7 +28,7 @@ class TestInstances(CustomTestCase):
                 follow_redirects=True,
                 headers={
                     "Content-Type": "multipart/form-data",
-                    "Authorization": "Bearer " + self.token,
+                    "Authorization": f"Bearer {self.token}",
                 },
             )

cornflow/tests/unit/test_licenses.py CHANGED Viewed

@@ -33,7 +33,7 @@ class TestLicensesListEndpoint(CustomTestCase):
                 follow_redirects=True,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Bearer " + self.token,
+                    "Authorization": f"Bearer {self.token}",
                 },
             )

cornflow 1.1.5a1__py3-none-any.whl → 1.2.0a1__py3-none-any.whl

cornflow 1.1.5a1py3-none-any.whl → 1.2.0a1py3-none-any.whl