nlbone 0.8.7__py3-none-any.whl → 0.9.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. nlbone/adapters/auth/auth_service.py +18 -3
  2. nlbone/interfaces/api/dependencies/async_auth.py +3 -3
  3. nlbone/interfaces/api/dependencies/auth.py +5 -8
  4. nlbone/interfaces/api/middleware/authentication.py +1 -1
  5. {nlbone-0.8.7.dist-info → nlbone-0.9.0.dist-info}/METADATA +1 -1
  6. {nlbone-0.8.7.dist-info → nlbone-0.9.0.dist-info}/RECORD +9 -9
  7. {nlbone-0.8.7.dist-info → nlbone-0.9.0.dist-info}/WHEEL +0 -0
  8. {nlbone-0.8.7.dist-info → nlbone-0.9.0.dist-info}/entry_points.txt +0 -0
  9. {nlbone-0.8.7.dist-info → nlbone-0.9.0.dist-info}/licenses/LICENSE +0 -0
nlbone/adapters/auth/auth_service.py CHANGED
@@ -1,3 +1,5 @@
1
+ import functools
2
+
1
3
  import requests
2
4
 
3
5
  from nlbone.config.settings import get_settings
@@ -15,7 +17,12 @@ class AuthService(BaseAuthService):
15
17
  self._timeout = float(s.HTTP_TIMEOUT_SECONDS)
16
18
  self._client = requests.session()
17
19
 
18
- def has_access(self, token: str, permissions: list[str]) -> bool: ...
20
+ def has_access(self, token: str, permissions: list[str]) -> bool:
21
+ data = self.verify_token(token)
22
+ if not data:
23
+ return False
24
+ has_access = [self.client_id + "#" + perm in data.get("allowed_permissions", []) for perm in permissions]
25
+ return all(has_access)
19
26
 
20
27
  @cached(ttl=15 * 60)
21
28
  def verify_token(self, token: str) -> dict:
@@ -41,7 +48,9 @@ class AuthService(BaseAuthService):
41
48
  return result.json()
42
49
  return None
43
50
 
44
- def is_client_token(self, token: str, allowed_clients: set[str] | None = None) -> bool: ...
51
+ def is_client_token(self, token: str, allowed_clients: set[str] | None = None) -> bool:
52
+ data = self.verify_token(token)
53
+ return data.get('preferred_username').startswith('service-account')
45
54
 
46
55
  def client_has_access(self, token: str, permissions: list[str], allowed_clients: set[str] | None = None) -> bool:
47
56
  data = self.verify_token(token)
@@ -50,4 +59,10 @@ class AuthService(BaseAuthService):
50
59
  has_access = [self.client_id + "#" + perm in data.get("allowed_permissions", []) for perm in permissions]
51
60
  return all(has_access)
52
61
 
53
- def get_permissions(self, token: str) -> list[str]: ...
62
+ def get_permissions(self, token: str) -> list[str]:
63
+ data = self.verify_token(token)
64
+ return data.get('allowed_permissions', [])
65
+
66
+ @functools.lru_cache(maxsize=1)
67
+ def get_auth_service() -> AuthService:
68
+ return AuthService()
nlbone/interfaces/api/dependencies/async_auth.py CHANGED
@@ -1,6 +1,6 @@
1
1
  import functools
2
2
 
3
- from nlbone.adapters.auth import KeycloakAuthService
3
+ from nlbone.adapters.auth.auth_service import get_auth_service
4
4
  from nlbone.interfaces.api.exceptions import ForbiddenException, UnauthorizedException
5
5
  from nlbone.utils.context import current_request
6
6
 
@@ -16,7 +16,7 @@ async def current_user_id() -> int:
16
16
 
17
17
  async def current_client_id() -> str:
18
18
  request = current_request()
19
- if client_id := KeycloakAuthService().get_client_id(request.state.token):
19
+ if client_id := get_auth_service().get_client_id(request.state.token):
20
20
  return str(client_id)
21
21
  raise UnauthorizedException()
22
22
 
@@ -50,7 +50,7 @@ def has_access(*, permissions=None):
50
50
  request = current_request()
51
51
  if not await current_user_id():
52
52
  raise UnauthorizedException()
53
- if not KeycloakAuthService().has_access(request.state.token, permissions=permissions):
53
+ if not get_auth_service().has_access(request.state.token, permissions=permissions):
54
54
  raise ForbiddenException(f"Forbidden {permissions}")
55
55
 
56
56
  return await func(*args, **kwargs)
nlbone/interfaces/api/dependencies/auth.py CHANGED
@@ -1,8 +1,7 @@
1
1
  import functools
2
2
 
3
3
  from nlbone.core.domain.models import CurrentUserData
4
- from nlbone.adapters.auth import KeycloakAuthService
5
- from nlbone.adapters.auth.keycloak import get_auth_service
4
+ from nlbone.adapters.auth.auth_service import get_auth_service
6
5
  from nlbone.config.settings import get_settings
7
6
  from nlbone.interfaces.api.exceptions import ForbiddenException, UnauthorizedException
8
7
  from nlbone.utils.context import current_request
@@ -31,14 +30,14 @@ def current_user() -> CurrentUserData:
31
30
 
32
31
  def current_client_id() -> str:
33
32
  request = current_request()
34
- if client_id := KeycloakAuthService().get_client_id(request.state.token):
33
+ if client_id := get_auth_service().get_client_id(request.state.token):
35
34
  return str(client_id)
36
35
  raise UnauthorizedException()
37
36
 
38
37
 
39
38
  def client_has_access_func(*, permissions=None):
40
39
  request = current_request()
41
- if not KeycloakAuthService().client_has_access(request.state.token, permissions=permissions):
40
+ if not get_auth_service().client_has_access(request.state.token, permissions=permissions):
42
41
  raise ForbiddenException(f"Forbidden {permissions}")
43
42
  return True
44
43
 
@@ -71,10 +70,8 @@ def user_has_access_func(*, permissions=None):
71
70
  request = current_request()
72
71
  if not current_user_id():
73
72
  raise UnauthorizedException()
74
- user_permissions = get_auth_service().get_permissions(request.state.token)
75
- for p in permissions or []:
76
- if p not in user_permissions:
77
- raise ForbiddenException(f"Forbidden {permissions}")
73
+ if not get_auth_service().has_access(request.state.token, permissions=permissions):
74
+ raise ForbiddenException(f"Forbidden {permissions}")
78
75
  return True
79
76
 
80
77
 
nlbone/interfaces/api/middleware/authentication.py CHANGED
@@ -88,7 +88,7 @@ class AuthenticationMiddleware(BaseHTTPMiddleware):
88
88
  return await call_next(request)
89
89
  if request.headers.get("X-Client-Id") == "website" and request.headers.get("Authorization"):
90
90
  authenticate_user(request)
91
- elif request.cookies.get("access_token"):
91
+ elif request.cookies.get("access_token") or request.headers.get("Authorization"):
92
92
  authenticate_user(request)
93
93
  elif request.headers.get("Authorization"):
94
94
  authenticate_admin_user(request, auth_service=self._get_auth)
{nlbone-0.8.7.dist-info → nlbone-0.9.0.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: nlbone
3
- Version: 0.8.7
3
+ Version: 0.9.0
4
4
  Summary: Backbone package for interfaces and infrastructure in Python projects
5
5
  Author-email: Amir Hosein Kahkbazzadeh <a.khakbazzadeh@gmail.com>
6
6
  License: MIT
{nlbone-0.8.7.dist-info → nlbone-0.9.0.dist-info}/RECORD RENAMED
@@ -4,7 +4,7 @@ nlbone/types.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
4
4
  nlbone/adapters/__init__.py,sha256=NzUmk4XPyp3GJOw7VSE86xkQMZLtG3MrOoXLeoB551M,41
5
5
  nlbone/adapters/snowflake.py,sha256=eC5eXWgkTIJlO5J44VFbD1-MXj8HYs0lCNp37paSfXY,2324
6
6
  nlbone/adapters/auth/__init__.py,sha256=hkDHvsFhw_UiOHG9ZSMqjiAhK4wumEforitveSZswVw,42
7
- nlbone/adapters/auth/auth_service.py,sha256=9KoVqWUr5PpB8nYkdduogh6DtEGzVUSaXJ9ZbdGgKuM,2051
7
+ nlbone/adapters/auth/auth_service.py,sha256=l8SyskSyswas940i-hXEnJ-gboTpjsXURm_GiAMQwMY,2591
8
8
  nlbone/adapters/auth/keycloak.py,sha256=IhEriaFl5mjIGT6ZUCU9qROd678ARchvWgd4UJ6zH7s,4925
9
9
  nlbone/adapters/auth/token_provider.py,sha256=kzjFAaFY8SPnU0Tn6l-YVrhEOAiFV0QE3eit3D7u2VQ,1438
10
10
  nlbone/adapters/cache/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -81,15 +81,15 @@ nlbone/interfaces/api/additional_filed/resolver.py,sha256=jv1TIBBHN4LBIMwHGipcy4
81
81
  nlbone/interfaces/api/additional_filed/default_field_rules/__init__.py,sha256=LUSAOO3xRUt5ptlraIx7H-7dSkdr1D-WprmnqXRB16g,48
82
82
  nlbone/interfaces/api/additional_filed/default_field_rules/image_field_rules.py,sha256=ecKqPeXZ-YiF14RK9PmK7ln3PCzpCUc18S5zm5IF3fw,339
83
83
  nlbone/interfaces/api/dependencies/__init__.py,sha256=rnYRrFVZCfICQrp_PVFlzNg3BeC57yM08wn2DbOHCfk,359
84
- nlbone/interfaces/api/dependencies/async_auth.py,sha256=uQV36yk7s7SVsnwuA3eZ2NfqqVOe0vPFOSLuZcVsS8s,2122
85
- nlbone/interfaces/api/dependencies/auth.py,sha256=GGhXTUG0J_VHOjsQTBFpxHQV1OvT6RIGo2Jvj9IwQ6E,3310
84
+ nlbone/interfaces/api/dependencies/async_auth.py,sha256=CSl87X76qNuUfvvmtDN6uPwFJNbdrKWUuW4U3CZ3e1E,2126
85
+ nlbone/interfaces/api/dependencies/auth.py,sha256=tE9T5HeRPqtimVDB-lYX_5lBaVvERSILT9FP55P-9hk,3190
86
86
  nlbone/interfaces/api/dependencies/client_credential.py,sha256=Bo4dYx75Qw0JzTKD9ZfV5EXDEOuwndJk2D-V37K2ePg,1293
87
87
  nlbone/interfaces/api/dependencies/db.py,sha256=-UD39J_86UU7ZJs2ZncpdND0yhAG0NeeeALrgSDuuFw,466
88
88
  nlbone/interfaces/api/dependencies/uow.py,sha256=QfLEvLYLNWZJQN1k-0q0hBVtUld3D75P4j39q_RjcnE,1181
89
89
  nlbone/interfaces/api/middleware/__init__.py,sha256=zbX2vaEAfxRMIYwO2MVY_2O6bqG5H9o7HqGpX14U3Is,158
90
90
  nlbone/interfaces/api/middleware/access_log.py,sha256=vIkxxxfy2HcjqqKb8XCfGCcSrivAC8u6ie75FMq5x-U,1032
91
91
  nlbone/interfaces/api/middleware/add_request_context.py,sha256=o8mdo-D6fODM9OyHunE5UodkVxsh4F__5tDv8ju8Sxg,1952
92
- nlbone/interfaces/api/middleware/authentication.py,sha256=Bt6sYu4KtXAyUQnSIp-Z2Z1yKNNtfRy9Y3rOZcYTFhw,3299
92
+ nlbone/interfaces/api/middleware/authentication.py,sha256=scXytNOtV7bg7iLtw19tdhmeIFQmY5qF6HCXAUbKGXg,3339
93
93
  nlbone/interfaces/api/pagination/__init__.py,sha256=pA1uC4rK6eqDI5IkLVxmgO2B6lExnOm8Pje2-hifJZw,431
94
94
  nlbone/interfaces/api/pagination/offset_base.py,sha256=pdfNgmP99eFC5qCWyY1JgW8hNhOuEGnmrlvQPGArdj8,4709
95
95
  nlbone/interfaces/api/schema/__init__.py,sha256=LAqgynfupeqOQ6u0I5ucrcYnojRMZUg9yW8IjKSQTNI,119
@@ -116,8 +116,8 @@ nlbone/utils/normalize_mobile.py,sha256=sGH4tV9gX-6eVKozviNWJhm1DN1J28Nj-ERldCYk
116
116
  nlbone/utils/read_files.py,sha256=mx8dfvtaaARQFRp_U7OOiERg-GT62h09_lpTzIQsVhs,291
117
117
  nlbone/utils/redactor.py,sha256=-V4HrHmHwPi3Kez587Ek1uJlgK35qGSrwBOvcbw8Jas,1279
118
118
  nlbone/utils/time.py,sha256=DjjyQ9GLsfXoT6NK8RDW2rOlJg3e6sF04Jw6PBUrSvg,1268
119
- nlbone-0.8.7.dist-info/METADATA,sha256=BWhAnL79xAnbCEzF5gr7ttturbVDNcn-N2JvysN-4Yk,2294
120
- nlbone-0.8.7.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
121
- nlbone-0.8.7.dist-info/entry_points.txt,sha256=CpIL45t5nbhl1dGQPhfIIDfqqak3teK0SxPGBBr7YCk,59
122
- nlbone-0.8.7.dist-info/licenses/LICENSE,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
123
- nlbone-0.8.7.dist-info/RECORD,,
119
+ nlbone-0.9.0.dist-info/METADATA,sha256=2GgKIXQKJN0w0vK9mjf5aPvQ3bjuC-Db0VLUY_Jwmh8,2294
120
+ nlbone-0.9.0.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
121
+ nlbone-0.9.0.dist-info/entry_points.txt,sha256=CpIL45t5nbhl1dGQPhfIIDfqqak3teK0SxPGBBr7YCk,59
122
+ nlbone-0.9.0.dist-info/licenses/LICENSE,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
123
+ nlbone-0.9.0.dist-info/RECORD,,
{nlbone-0.8.7.dist-info → nlbone-0.9.0.dist-info}/WHEEL RENAMED
File without changes