timber-common 0.2.3__tar.gz → 0.2.4__tar.gz

{timber_common-0.2.3 → timber_common-0.2.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: timber-common
-Version: 0.2.3
+Version: 0.2.4
 Summary: Configuration-driven persistence library with automatic encryption, caching, vector search, and GDPR compliance for Python applications
 License: MIT
 License-File: LICENSE

{timber_common-0.2.3 → timber_common-0.2.4}/common/services/security/oauth_service.py

@@ -45,7 +45,7 @@ def _patch_oauth2_client_methods():
     
     # Check if method already exists
     if hasattr(OAuth2Client, 'check_endpoint_auth_method'):
-        logger.info("OAuth2Client already has check_endpoint_auth_method")
+        logger.debug("OAuth2Client already has check_endpoint_auth_method")
         return
     
     import secrets
@@ -65,12 +65,12 @@ def _patch_oauth2_client_methods():
             # If client has a configured method, use it strictly
             if hasattr(self, 'token_endpoint_auth_method') and self.token_endpoint_auth_method:
                 result = method == self.token_endpoint_auth_method
-                logger.info(f"Client {self.client_id}: checking {method} against configured {self.token_endpoint_auth_method} = {result}")
+                logger.debug(f"Client {self.client_id}: checking {method} against configured {self.token_endpoint_auth_method} = {result}")
                 return result
             
             # Otherwise allow common methods
             result = method in ['client_secret_post', 'client_secret_basic', 'none']
-            logger.info(f"Client {self.client_id}: {method} allowed by default = {result}")
+            logger.debug(f"Client {self.client_id}: {method} allowed by default = {result}")
             return result
         
         return False
@@ -81,9 +81,25 @@ def _patch_oauth2_client_methods():
     
     def check_client_secret(self, client_secret):
         """Validate client secret using constant-time comparison"""
+        logger.debug(f"check_client_secret called for client {self.client_id}")
+        logger.debug(f"Has client_secret attribute: {hasattr(self, 'client_secret')}")
+        
         if not self.has_client_secret():
+            logger.warning(f"Client {self.client_id} has no secret configured")
             return False
-        return secrets.compare_digest(self.client_secret, client_secret)
+        
+        stored_secret = self.client_secret
+        provided_secret = client_secret
+        
+        logger.debug(f"Stored secret length: {len(stored_secret)}")
+        logger.debug(f"Provided secret length: {len(provided_secret)}")
+        logger.debug(f"Stored secret (first 10 chars): {stored_secret[:10]}...")
+        logger.debug(f"Provided secret (first 10 chars): {provided_secret[:10]}...")
+        
+        result = secrets.compare_digest(stored_secret, provided_secret)
+        logger.debug(f"Secret comparison result: {result}")
+        
+        return result
     
     def get_client_id(self):
         """Return the client_id"""
@@ -344,15 +360,22 @@ class ModularAuthorizationServer(AuthorizationServer):
     
     def query_client(self, client_id: str):
         """Implements the mandatory client query for Authlib."""
+        logger.debug(f"query_client called with client_id: {client_id}")
+        
         OAuth2Client = _get_model('OAuth2Client')
         if not OAuth2Client:
+            logger.error("OAuth2Client model not found in registry")
             return None
         
         with db_service.session_scope() as session:
             client = session.query(OAuth2Client).filter_by(client_id=client_id).first()
             if client:
                 session.expunge(client)
-                logger.info(f"Found client: {client_id}")
+                logger.debug(f"Found client: {client_id}")
+                logger.debug(f"Client name: {getattr(client, 'client_name', 'N/A')}")
+                logger.debug(f"Client has secret: {bool(getattr(client, 'client_secret', None))}")
+                logger.debug(f"Client auth method: {getattr(client, 'token_endpoint_auth_method', 'N/A')}")
+                logger.debug(f"Client is_active: {getattr(client, 'is_active', 'N/A')}")
             else:
                 logger.warning(f"Client not found: {client_id}")
             return client
@@ -394,6 +417,22 @@ class ModularAuthorizationServer(AuthorizationServer):
         This is required by Authlib but was not implemented, causing NotImplementedError.
         """
         return status_code, payload, headers
+    
+    def send_signal(self, name, *args, **kwargs):
+        """
+        Send a signal/event notification.
+        
+        Authlib uses this for hooks like 'after_authenticate_client'.
+        We don't need to do anything with signals for basic OAuth,
+        but the method must exist to avoid NotImplementedError.
+        
+        Args:
+            name: Signal name (e.g., 'after_authenticate_client')
+            *args, **kwargs: Signal-specific arguments
+        """
+        logger.debug(f"Signal sent: {name}")
+        # Signals are optional - we don't need to do anything
+        pass
 
     def create_oauth2_request(self, request):
         """
@@ -579,35 +618,35 @@ class MyPasswordGrant(grants.ResourceOwnerPasswordCredentialsGrant):
         try:
             with db_service.session_scope() as session:
                 # Find user by email
-                logger.info(f"Querying for user with email: {username}")
+                logger.debug(f"Querying for user with email: {username}")
                 user = session.query(User).filter_by(email=username).first()
                 
                 if not user:
                     logger.warning(f"Password grant: User not found: {username}")
                     # List available users for debugging
                     all_users = session.query(User).all()
-                    logger.info(f"Available users in database: {[u.email for u in all_users[:5]]}")
+                    logger.debug(f"Available users in database: {[u.email for u in all_users[:5]]}")
                     return None
                 
-                logger.info(f"User found: {user.email}, ID: {user.id}")
+                logger.debug(f"User found: {user.email}, ID: {user.id}")
                 
                 # Check if user is active
                 is_active = getattr(user, 'is_active', True)
-                logger.info(f"User is_active: {is_active}")
+                logger.debug(f"User is_active: {is_active}")
                 
                 if not is_active:
                     logger.warning(f"Password grant: User not active: {username}")
                     return None
                 
                 # Verify password
-                logger.info(f"Checking password for user: {username}")
+                logger.debug(f"Checking password for user: {username}")
                 
                 if not hasattr(user, 'check_password'):
                     logger.error(f"User model has no check_password method!")
                     return None
                 
                 password_valid = user.check_password(password)
-                logger.info(f"Password validation result: {password_valid}")
+                logger.debug(f"Password validation result: {password_valid}")
                 
                 if not password_valid:
                     logger.warning(f"Password grant: Invalid password for user: {username}")
@@ -615,7 +654,7 @@ class MyPasswordGrant(grants.ResourceOwnerPasswordCredentialsGrant):
                 
                 # Update last login
                 if hasattr(user, 'update_last_login'):
-                    logger.info(f"Updating last login for user: {username}")
+                    logger.debug(f"Updating last login for user: {username}")
                     user.update_last_login()
                     session.flush()
                 

{timber_common-0.2.3 → timber_common-0.2.4}/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "timber-common"
-version = "0.2.3"
+version = "0.2.4"
 description = "Configuration-driven persistence library with automatic encryption, caching, vector search, and GDPR compliance for Python applications"
 authors = ["Pumulo Sikaneta <pumulo@gmail.com>"]
 maintainers = ["Pumulo Sikaneta <pumulo@gmail.com>"]