PyPI - mage-ai - Versions diffs - 0.9.65__py3-none-any.whl → 0.9.67__py3-none-any.whl - Mend

mage-ai 0.9.65py3-none-any.whl → 0.9.67py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of mage-ai might be problematic. Click here for more details.

Files changed (242) hide show

mage_ai/api/monitors/BaseMonitor.py CHANGED Viewed

@@ -6,7 +6,7 @@ from mage_ai.usage_statistics.constants import EventNameType
 from mage_ai.usage_statistics.logger import UsageStatisticLogger
-class BaseMonitor():
+class BaseMonitor:
     def __init__(self, resource, user, error, **kwargs):
         self.error = error
         self.options = kwargs
@@ -24,21 +24,43 @@ class BaseMonitor():
         if self.error.type:
             data['type'] = self.error.type
-        asyncio.run(UsageStatisticLogger().error(
-            event_name=EventNameType.API_ERROR,
+        loop = asyncio.get_event_loop()
+        kwargs = dict(
             resource=self.resource,
-            **extract(data, [
-                'code',
-                'errors',
-                'message',
-                'type',
-            ]),
-            **extract(self.options, [
-                'operation',
-                'resource_id',
-                'resource_parent',
-                'resource_parent_id',
-            ]),
-        ))
+            **extract(
+                data,
+                [
+                    'code',
+                    'errors',
+                    'message',
+                    'type',
+                ],
+            ),
+            **extract(
+                self.options,
+                [
+                    'operation',
+                    'resource_id',
+                    'resource_parent',
+                    'resource_parent_id',
+                ],
+            ),
+        )
+        if loop is not None:
+            loop.create_task(
+                UsageStatisticLogger().error(
+                    EventNameType.API_ERROR,
+                    **kwargs
+                )
+            )
+        else:
+            asyncio.run(
+                UsageStatisticLogger().error(
+                    EventNameType.API_ERROR,
+                    **kwargs
+                )
+            )
         return data

mage_ai/api/policies/BackfillPolicy.py CHANGED Viewed

@@ -62,6 +62,7 @@ BackfillPolicy.allow_write([
     'interval_type',
     'interval_units',
     'name',
+    'settings',
     'start_datetime',
     'status',
     'variables',

mage_ai/api/resources/OauthResource.py CHANGED Viewed

@@ -69,7 +69,7 @@ class OauthResource(GenericResource):
                             model.update(**auth_url_response)
                 if authenticated or new_token:
-                    model['authenticated'] = authenticated
+                    model['authenticated'] = True
                     if new_token:
                         access_tokens = [new_token]
                     model['expires'] = max(
@@ -78,7 +78,7 @@ class OauthResource(GenericResource):
                 oauths.append(model)
             except Exception:
-                continue
+                pass
         return self.build_result_set(oauths, user, **kwargs)
@@ -110,12 +110,20 @@ class OauthResource(GenericResource):
                 client_id=client_id,
                 client_type=Oauth2Application.ClientType.PRIVATE,
                 name=provider,
-                user_id=user.id if user else None,
             )
-        access_token = Oauth2AccessToken.query.filter(
+        access_token_query = Oauth2AccessToken.query.filter(
             Oauth2AccessToken.token == token,
-        ).first()
+        )
+        if user:
+            access_token_query = access_token_query.filter(
+                Oauth2AccessToken.user_id == user.id,
+            )
+        else:
+            access_token_query = access_token_query.filter(
+                Oauth2AccessToken.user_id.is_(None),
+            )
+        access_token = access_token_query.first()
         if expires_in:
             expire_timedelta = timedelta(seconds=int(expires_in))

mage_ai/api/resources/SessionResource.py CHANGED Viewed

@@ -10,9 +10,10 @@ from mage_ai.orchestration.db import safe_db_query
 from mage_ai.orchestration.db.models.oauth import Role, User
 from mage_ai.settings import (
     AUTHENTICATION_MODE,
-    LDAP_DEFAULT_ACCESS,
     OAUTH_DEFAULT_ACCESS,
+    get_settings_value,
 )
+from mage_ai.settings.keys import LDAP_DEFAULT_ACCESS
 from mage_ai.usage_statistics.logger import UsageStatisticLogger
@@ -97,10 +98,11 @@ class SessionResource(BaseResource):
                 role_names = conn.get_user_roles(user_attributes)
                 if role_names:
                     roles = Role.query.filter(Role.name.in_(role_names)).all()
+                ldap_default_access = get_settings_value(LDAP_DEFAULT_ACCESS)
                 if not roles and \
-                        LDAP_DEFAULT_ACCESS is not None and \
-                        LDAP_DEFAULT_ACCESS in [r for r in Role.DefaultRole]:
-                    default_role = Role.get_role(LDAP_DEFAULT_ACCESS)
+                        ldap_default_access is not None and \
+                        ldap_default_access in [r for r in Role.DefaultRole]:
+                    default_role = Role.get_role(ldap_default_access)
                     if default_role:
                         roles.append(default_role)
                 user = User.create(

mage_ai/authentication/ldap.py CHANGED Viewed

@@ -6,7 +6,8 @@ from ldap3 import Connection, Server
 from ldap3.core.exceptions import LDAPException
 from mage_ai.data_preparation.repo_manager import get_repo_config
-from mage_ai.settings import (
+from mage_ai.settings import get_settings_value
+from mage_ai.settings.keys import (
     LDAP_AUTHENTICATION_FILTER,
     LDAP_AUTHORIZATION_FILTER,
     LDAP_BASE_DN,
@@ -120,14 +121,23 @@ class LDAPConnection(LDAPAuthenticator):
 def new_ldap_connection() -> LDAPConnection:
     ldap_config_from_env_vars = dict(
-        server_url=LDAP_SERVER,
-        bind_dn=LDAP_BIND_DN,
-        bind_password=LDAP_BIND_PASSWORD,
-        base_dn=LDAP_BASE_DN,
-        authentication_filter=LDAP_AUTHENTICATION_FILTER,
-        authorization_filter=LDAP_AUTHORIZATION_FILTER,
-        group_field=LDAP_GROUP_FIELD,
-        roles_mapping=LDAP_ROLES_MAPPING,
+        server_url=get_settings_value(LDAP_SERVER, 'ldaps://127.0.0.1:1636'),
+        bind_dn=get_settings_value(LDAP_BIND_DN, 'cd=admin,dc=example,dc=org'),
+        bind_password=get_settings_value(LDAP_BIND_PASSWORD, 'admin_password'),
+        base_dn=get_settings_value(LDAP_BASE_DN, 'dc=example,dc=org'),
+        authentication_filter=get_settings_value(
+            LDAP_AUTHENTICATION_FILTER,
+            '(&(|(objectClass=Pers)(objectClass=gro))(cn={username}))'
+        ),
+        authorization_filter=get_settings_value(
+            LDAP_AUTHORIZATION_FILTER,
+            '(&(objectClass=groupOfNames)(cn=group)(member={user_dn}))'
+        ),
+        group_field=get_settings_value(
+            LDAP_GROUP_FIELD,
+            'memberOf',
+        ),
+        roles_mapping=get_settings_value(LDAP_ROLES_MAPPING),
     )
     try:
         ldap_config = get_repo_config().ldap_config

mage_ai/authentication/oauth/constants.py CHANGED Viewed

@@ -1,7 +1,9 @@
-import os
 from enum import Enum
 from typing import Optional
+from mage_ai.settings import get_settings_value
+from mage_ai.settings.keys import GHE_HOSTNAME
 ACTIVE_DIRECTORY_CLIENT_ID = '51aec820-9d49-40a9-b046-17c1f28f620d'
 GITHUB_CLIENT_ID = '8577f13ddc81e2848b07'
@@ -10,6 +12,7 @@ GITHUB_STATE = '1337'
 class ProviderName(str, Enum):
     ACTIVE_DIRECTORY = 'active_directory'
+    AZURE_DEVOPS = 'azure_devops'
     BITBUCKET = 'bitbucket'
     GITHUB = 'github'
     GITLAB = 'gitlab'
@@ -21,28 +24,19 @@ class ProviderName(str, Enum):
 VALID_OAUTH_PROVIDERS = [e.value for e in ProviderName]
-GHE_CLIENT_ID_ENV_VAR = 'GHE_CLIENT_ID'
-GHE_CLIENT_SECRET_ENV_VAR = 'GHE_CLIENT_SECRET'
-GHE_HOSTNAME_ENV_VAR = 'GHE_HOSTNAME'
-GITLAB_HOST = os.getenv('GITLAB_HOST')
-GITLAB_CLIENT_ID = os.getenv('GITLAB_CLIENT_ID')
-GITLAB_CLIENT_SECRET = os.getenv('GITLAB_CLIENT_SECRET')
-BITBUCKET_HOST = os.getenv('BITBUCKET_HOST')
-BITBUCKET_OAUTH_KEY = os.getenv('BITBUCKET_OAUTH_KEY')
-BITBUCKET_OAUTH_SECRET = os.getenv('BITBUCKET_OAUTH_SECRET')
 DEFAULT_GITHUB_HOSTNAME = 'https://github.com'
+# Github and GHE don't need to be added to this list because they are handled
+# separately for now.
 GIT_OAUTH_PROVIDERS = [
+    ProviderName.AZURE_DEVOPS,
     ProviderName.BITBUCKET,
     ProviderName.GITLAB,
 ]
 def get_ghe_hostname() -> Optional[str]:
-    ghe_hostname = os.getenv(GHE_HOSTNAME_ENV_VAR)
+    ghe_hostname = get_settings_value(GHE_HOSTNAME)
     if ghe_hostname and not ghe_hostname.startswith('http'):
         ghe_hostname = f'https://{ghe_hostname}'

mage_ai/authentication/oauth/utils.py CHANGED Viewed

@@ -22,8 +22,6 @@ def access_tokens_for_client(
 ) -> List[Oauth2AccessToken]:
     query = Oauth2Application.query.filter(Oauth2Application.client_id == client_id)
     query.cache = True
-    if user:
-        query.filter(Oauth2Application.user_id == user.id)
     oauth_client = query.first()
@@ -31,10 +29,18 @@ def access_tokens_for_client(
     if oauth_client:
         access_tokens_query = Oauth2AccessToken.query
         access_tokens_query.cache = True
-        access_tokens = access_tokens_query.filter(
+        access_tokens_query = access_tokens_query.filter(
             Oauth2AccessToken.expires > datetime.utcnow(),
             Oauth2AccessToken.oauth2_application_id == oauth_client.id,
         )
+        if user:
+            access_tokens = access_tokens_query.filter(
+                Oauth2AccessToken.user_id == user.id
+            )
+        else:
+            access_tokens = access_tokens_query.filter(
+                Oauth2AccessToken.user_id.is_(None)
+            )
     return [row for row in access_tokens]
@@ -47,8 +53,6 @@ async def refresh_token_for_client(
 ) -> Awaitable[Optional[Oauth2AccessToken]]:
     query = Oauth2Application.query.filter(Oauth2Application.client_id == client_id)
     query.cache = True
-    if user:
-        query.filter(Oauth2Application.user_id == user.id)
     oauth_client = query.first()
@@ -56,10 +60,18 @@ async def refresh_token_for_client(
     if oauth_client:
         access_tokens_query = Oauth2AccessToken.query
         access_tokens_query.cache = True
-        refreshable_tokens = access_tokens_query.filter(
+        access_tokens_query = access_tokens_query.filter(
             Oauth2AccessToken.refresh_token.is_not(None),
             Oauth2AccessToken.oauth2_application_id == oauth_client.id,
         )
+        if user:
+            refreshable_tokens = access_tokens_query.filter(
+                Oauth2AccessToken.user_id == user.id
+            )
+        else:
+            refreshable_tokens = access_tokens_query.filter(
+                Oauth2AccessToken.user_id.is_(None)
+            )
     new_token = None
     if refreshable_tokens:

mage_ai/authentication/providers/active_directory.py CHANGED Viewed

@@ -13,10 +13,11 @@ from mage_ai.authentication.providers.oauth import OauthProvider
 from mage_ai.authentication.providers.sso import SsoProvider
 from mage_ai.authentication.providers.utils import get_base_url
 from mage_ai.server.logger import Logger
-from mage_ai.settings import ACTIVE_DIRECTORY_DIRECTORY_ID
-from mage_ai.settings.sso import (
+from mage_ai.settings import get_settings_value
+from mage_ai.settings.keys import (
     ACTIVE_DIRECTORY_CLIENT_ID,
     ACTIVE_DIRECTORY_CLIENT_SECRET,
+    ACTIVE_DIRECTORY_DIRECTORY_ID,
     ACTIVE_DIRECTORY_ROLES_MAPPING,
 )
@@ -25,24 +26,28 @@ logger = Logger().new_server_logger(__name__)
 class ADProvider(SsoProvider, OauthProvider):
     provider = ProviderName.ACTIVE_DIRECTORY
+    scope = 'User.Read'
     def __init__(self):
+        self.directory_id = get_settings_value(ACTIVE_DIRECTORY_DIRECTORY_ID)
+        self.client_id = get_settings_value(ACTIVE_DIRECTORY_CLIENT_ID)
+        self.client_secret = get_settings_value(ACTIVE_DIRECTORY_CLIENT_SECRET)
         self.__validate()
-        self.roles_mapping = {}
-        if ACTIVE_DIRECTORY_ROLES_MAPPING:
+        self.roles_mapping = get_settings_value(ACTIVE_DIRECTORY_ROLES_MAPPING)
+        if self.roles_mapping:
             try:
-                self.roles_mapping = json.loads(ACTIVE_DIRECTORY_ROLES_MAPPING)
+                self.roles_mapping = json.loads(self.roles_mapping)
             except Exception:
                 logger.exception('Failed to parse roles mapping.')
     def __validate(self):
-        if not ACTIVE_DIRECTORY_DIRECTORY_ID:
+        if not self.directory_id:
             raise Exception(
                 'AD directory id is empty. '
                 'Make sure the ACTIVE_DIRECTORY_DIRECTORY_ID environment variable is set.'
             )
-        if ACTIVE_DIRECTORY_CLIENT_ID and not ACTIVE_DIRECTORY_CLIENT_SECRET:
+        if self.client_id and not self.client_secret:
             raise Exception(
                 'AD client secret is empty. '
                 'Make sure the ACTIVE_DIRECTORY_CLIENT_SECRET environment variable is set.'
@@ -55,20 +60,20 @@ class ADProvider(SsoProvider, OauthProvider):
         set up in Azure. They can additionally set the ACTIVE_DIRECTORY_CLIENT_ID and
         ACTIVE_DIRECTORY_CLIENT_SECRET which will use their own Mage application in Azure.
         """
-        ad_directory_id = ACTIVE_DIRECTORY_DIRECTORY_ID
-        if ACTIVE_DIRECTORY_CLIENT_ID:
+        ad_directory_id = self.directory_id
+        if self.client_id:
             base_url = get_base_url(redirect_uri)
             redirect_uri_query = dict(
                 provider=self.provider,
                 redirect_uri=redirect_uri,
             )
             query = dict(
-                client_id=ACTIVE_DIRECTORY_CLIENT_ID,
+                client_id=self.client_id,
                 redirect_uri=quote_plus(
                     f'{base_url}/oauth',
                 ),
                 response_type='code',
-                scope='User.Read',
+                scope=self.scope,
                 state=uuid.uuid4().hex,
             )
             query_strings = []
@@ -88,7 +93,7 @@ class ADProvider(SsoProvider, OauthProvider):
                 client_id=ACTIVE_DIRECTORY_MAGE_CLIENT_ID,
                 redirect_uri=f'https://api.mage.ai/v1/oauth/{self.provider}',
                 response_type='code',
-                scope='User.Read',
+                scope=self.scope,
                 state=quote_plus(
                     json.dumps(
                         dict(
@@ -116,12 +121,12 @@ class ADProvider(SsoProvider, OauthProvider):
                     'Accept': 'application/json',
                 },
                 data=dict(
-                    client_id=ACTIVE_DIRECTORY_CLIENT_ID,
-                    client_secret=ACTIVE_DIRECTORY_CLIENT_SECRET,
+                    client_id=self.client_id,
+                    client_secret=self.client_secret,
                     code=code,
                     grant_type='authorization_code',
                     redirect_uri=f'{base_url}/oauth',
-                    tenant=ACTIVE_DIRECTORY_DIRECTORY_ID,
+                    tenant=self.directory_id,
                 ),
                 timeout=20,
             ) as response:
@@ -150,7 +155,7 @@ class ADProvider(SsoProvider, OauthProvider):
             if self.roles_mapping:
                 try:
                     async with session.get(
-                        f'https://graph.microsoft.com/v1.0/servicePrincipals?$filter=appId eq \'{ACTIVE_DIRECTORY_CLIENT_ID}\'&$select=id',  # noqa: E501
+                        f'https://graph.microsoft.com/v1.0/servicePrincipals?$filter=appId eq \'{self.client_id}\'&$select=id',  # noqa: E501
                         headers={
                             'Content-Type': 'application\\json',
                             'Authorization': f'Bearer {access_token}',

mage_ai/authentication/providers/azure_devops.py ADDED Viewed

@@ -0,0 +1,18 @@
+from mage_ai.authentication.oauth.constants import ProviderName
+from mage_ai.authentication.providers.active_directory import ADProvider
+from mage_ai.settings import get_settings_value
+from mage_ai.settings.keys import AZURE_DEVOPS_ORGANIZATION
+class AzureDevopsProvider(ADProvider):
+    provider = ProviderName.AZURE_DEVOPS
+    # This is a hardcoded scope value that is used to get Git access to the Azure DevOps project.
+    # This should not be changed unless this scope stops working properly.
+    scope = '499b84ac-1321-427f-aa17-267ca6975798/.default'
+    def __init__(self):
+        super().__init__()
+        if not get_settings_value(AZURE_DEVOPS_ORGANIZATION):
+            raise Exception(
+                'Azure DevOps organization is empty. '
+                'Make sure the AZURE_DEVOPS_ORGANIZATION environment variable is set.')

mage_ai/authentication/providers/bitbucket.py CHANGED Viewed

@@ -5,23 +5,24 @@ from typing import Awaitable, Dict
 import aiohttp
 from aiohttp import BasicAuth
-from mage_ai.authentication.oauth.constants import (
+from mage_ai.authentication.oauth.constants import ProviderName
+from mage_ai.authentication.providers.oauth import OauthProvider
+from mage_ai.authentication.providers.utils import get_base_url
+from mage_ai.settings import get_settings_value
+from mage_ai.settings.keys import (
     BITBUCKET_HOST,
     BITBUCKET_OAUTH_KEY,
     BITBUCKET_OAUTH_SECRET,
-    ProviderName,
 )
-from mage_ai.authentication.providers.oauth import OauthProvider
-from mage_ai.authentication.providers.utils import get_base_url
 class BitbucketProvider(OauthProvider):
     provider = ProviderName.BITBUCKET
     def __init__(self):
-        self.hostname = BITBUCKET_HOST or 'https://bitbucket.org'
-        self.key = BITBUCKET_OAUTH_KEY
-        self.secret = BITBUCKET_OAUTH_SECRET
+        self.hostname = get_settings_value(BITBUCKET_HOST) or 'https://bitbucket.org'
+        self.key = get_settings_value(BITBUCKET_OAUTH_KEY)
+        self.secret = get_settings_value(BITBUCKET_OAUTH_SECRET)
         self.__validate()
     def __validate(self):
@@ -71,7 +72,7 @@ class BitbucketProvider(OauthProvider):
                     code=code,
                     redirect_uri=f'{base_url}/oauth',
                 ),
-                auth=BasicAuth(BITBUCKET_OAUTH_KEY, BITBUCKET_OAUTH_SECRET),
+                auth=BasicAuth(self.key, self.secret),
                 timeout=20,
             ) as response:
                 data = await response.json()
@@ -91,7 +92,7 @@ class BitbucketProvider(OauthProvider):
                     grant_type='refresh_token',
                     refresh_token=refresh_token,
                 ),
-                auth=BasicAuth(BITBUCKET_OAUTH_KEY, BITBUCKET_OAUTH_SECRET),
+                auth=BasicAuth(self.key, self.secret),
                 timeout=20,
             ) as response:
                 data = await response.json()

mage_ai/authentication/providers/constants.py CHANGED Viewed

@@ -1,5 +1,6 @@
 from mage_ai.authentication.oauth.constants import ProviderName
 from mage_ai.authentication.providers.active_directory import ADProvider
+from mage_ai.authentication.providers.azure_devops import AzureDevopsProvider
 from mage_ai.authentication.providers.bitbucket import BitbucketProvider
 from mage_ai.authentication.providers.ghe import GHEProvider
 from mage_ai.authentication.providers.gitlab import GitlabProvider
@@ -9,6 +10,7 @@ from mage_ai.authentication.providers.okta import OktaProvider
 NAME_TO_PROVIDER = {
     ProviderName.ACTIVE_DIRECTORY: ADProvider,
+    ProviderName.AZURE_DEVOPS: AzureDevopsProvider,
     ProviderName.BITBUCKET: BitbucketProvider,
     ProviderName.GHE: GHEProvider,
     ProviderName.GITLAB: GitlabProvider,

mage_ai/authentication/providers/ghe.py CHANGED Viewed

@@ -1,18 +1,14 @@
-import os
 import urllib.parse
 import uuid
 from typing import Awaitable, Dict
 import aiohttp
-from mage_ai.authentication.oauth.constants import (
-    GHE_CLIENT_ID_ENV_VAR,
-    GHE_CLIENT_SECRET_ENV_VAR,
-    ProviderName,
-    get_ghe_hostname,
-)
+from mage_ai.authentication.oauth.constants import ProviderName, get_ghe_hostname
 from mage_ai.authentication.providers.oauth import OauthProvider
 from mage_ai.authentication.providers.utils import get_base_url
+from mage_ai.settings import get_settings_value
+from mage_ai.settings.keys import GHE_CLIENT_ID, GHE_CLIENT_SECRET
 class GHEProvider(OauthProvider):
@@ -20,8 +16,8 @@ class GHEProvider(OauthProvider):
     def __init__(self):
         self.hostname = get_ghe_hostname()
-        self.client_id = os.getenv(GHE_CLIENT_ID_ENV_VAR)
-        self.client_secret = os.getenv(GHE_CLIENT_SECRET_ENV_VAR)
+        self.client_id = get_settings_value(GHE_CLIENT_ID)
+        self.client_secret = get_settings_value(GHE_CLIENT_SECRET)
         self.__validate()
     def __validate(self):

mage_ai/authentication/providers/gitlab.py CHANGED Viewed

@@ -4,25 +4,22 @@ from typing import Awaitable, Dict
 import aiohttp
-from mage_ai.authentication.oauth.constants import (
-    GITLAB_CLIENT_ID,
-    GITLAB_CLIENT_SECRET,
-    GITLAB_HOST,
-    ProviderName,
-)
+from mage_ai.authentication.oauth.constants import ProviderName
 from mage_ai.authentication.providers.oauth import OauthProvider
 from mage_ai.authentication.providers.utils import get_base_url
+from mage_ai.settings import get_settings_value
+from mage_ai.settings.keys import GITLAB_CLIENT_ID, GITLAB_CLIENT_SECRET, GITLAB_HOST
 class GitlabProvider(OauthProvider):
     provider = ProviderName.GITLAB
     def __init__(self):
-        self.hostname = GITLAB_HOST or 'https://gitlab.com'
+        self.hostname = get_settings_value(GITLAB_HOST) or 'https://gitlab.com'
         if not self.hostname.startswith('http'):
             self.hostname = f'https://{self.hostname}'
-        self.client_id = GITLAB_CLIENT_ID
-        self.client_secret = GITLAB_CLIENT_SECRET
+        self.client_id = get_settings_value(GITLAB_CLIENT_ID)
+        self.client_secret = get_settings_value(GITLAB_CLIENT_SECRET)
         self.__validate()
     def __validate(self):

mage_ai/authentication/providers/google.py CHANGED Viewed

@@ -8,18 +8,21 @@ from mage_ai.authentication.oauth.constants import ProviderName
 from mage_ai.authentication.providers.oauth import OauthProvider
 from mage_ai.authentication.providers.sso import SsoProvider
 from mage_ai.authentication.providers.utils import get_base_url
-from mage_ai.settings.sso import GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET
+from mage_ai.settings import get_settings_value
+from mage_ai.settings.keys import GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET
 class GoogleProvider(SsoProvider, OauthProvider):
     provider = ProviderName.GOOGLE
     def __init__(self):
-        if not GOOGLE_CLIENT_ID:
+        self.client_id = get_settings_value(GOOGLE_CLIENT_ID)
+        self.client_secret = get_settings_value(GOOGLE_CLIENT_SECRET)
+        if not self.client_id:
             raise Exception(
                 'Google client id is empty. '
                 'Make sure the GOOGLE_CLIENT_ID environment variable is set.')
-        if not GOOGLE_CLIENT_SECRET:
+        if not self.client_secret:
             raise Exception(
                 'Google client secret is empty. '
                 'Make sure the GOOGLE_CLIENT_SECRET environment variable is set.')
@@ -31,7 +34,7 @@ class GoogleProvider(SsoProvider, OauthProvider):
             redirect_uri=redirect_uri,
         )
         query = dict(
-            client_id=GOOGLE_CLIENT_ID,
+            client_id=self.client_id,
             prompt='select_account',
             redirect_uri=urllib.parse.quote_plus(
                 f'{base_url}/oauth',
@@ -58,8 +61,8 @@ class GoogleProvider(SsoProvider, OauthProvider):
                 'https://oauth2.googleapis.com/token',
                 data=dict(
                     code=code,
-                    client_id=GOOGLE_CLIENT_ID,
-                    client_secret=GOOGLE_CLIENT_SECRET,
+                    client_id=self.client_id,
+                    client_secret=self.client_secret,
                     redirect_uri=f'{base_url}/oauth',
                     grant_type='authorization_code',
                 ),

mage_ai/authentication/providers/oidc.py CHANGED Viewed

@@ -10,7 +10,8 @@ from mage_ai.authentication.providers.oauth import OauthProvider
 from mage_ai.authentication.providers.sso import SsoProvider
 from mage_ai.authentication.providers.utils import get_base_url
 from mage_ai.server.logger import Logger
-from mage_ai.settings.sso import OIDC_CLIENT_ID, OIDC_CLIENT_SECRET, OIDC_DISCOVERY_URL
+from mage_ai.settings import get_settings_value
+from mage_ai.settings.keys import OIDC_CLIENT_ID, OIDC_CLIENT_SECRET, OIDC_DISCOVERY_URL
 logger = Logger().new_server_logger(__name__)
@@ -19,9 +20,9 @@ class OidcProvider(OauthProvider, SsoProvider):
     provider = ProviderName.OIDC_GENERIC
     def __init__(self):
-        self.discovery_url = OIDC_DISCOVERY_URL
-        self.client_id = OIDC_CLIENT_ID
-        self.client_secret = OIDC_CLIENT_SECRET
+        self.discovery_url = get_settings_value(OIDC_DISCOVERY_URL)
+        self.client_id = get_settings_value(OIDC_CLIENT_ID)
+        self.client_secret = get_settings_value(OIDC_CLIENT_SECRET)
         self.__validate()
         self.discover()
@@ -122,6 +123,7 @@ class OidcProvider(OauthProvider, SsoProvider):
                 },
                 timeout=10,
             ) as response:
+                response.raise_for_status()
                 userinfo_resp = await response.json()
         email = userinfo_resp.get('email')

mage-ai 0.9.65__py3-none-any.whl → 0.9.67__py3-none-any.whl

Potentially problematic release.

mage-ai 0.9.65py3-none-any.whl → 0.9.67py3-none-any.whl