Skip to content

Commit

Permalink
Add new guard clauses to the oauth2 client credentials flow.
Browse files Browse the repository at this point in the history
Closes pulp#1049
  • Loading branch information
decko committed Aug 27, 2024
1 parent 5d2d8e5 commit 73a5c0a
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 1 deletion.
1 change: 1 addition & 0 deletions CHANGES/1049.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Add some guard clauses to the OAuth2 Client Credentials grant flow to avoid loops and other issues.
7 changes: 6 additions & 1 deletion pulp-glue/pulp_glue/common/authentication.py
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,9 @@ def __init__(
self.access_token: t.Optional[str] = None
self.expire_at: t.Optional[datetime] = None

if not any([client_id, client_secret, token_url]):
return None

def __call__(self, request: requests.PreparedRequest) -> requests.PreparedRequest:
if self.expire_at is None or self.expire_at < datetime.now():
self.retrieve_token()
Expand Down Expand Up @@ -78,10 +81,12 @@ def retrieve_token(self) -> None:
data = {
"client_id": self.client_id,
"client_secret": self.client_secret,
"scope": " ".join(self.scopes),
"grant_type": "client_credentials",
}

if scope := " ".join(self.scopes):
data["scope"] = scope

response: requests.Response = requests.post(self.token_url, data=data)

response.raise_for_status()
Expand Down

0 comments on commit 73a5c0a

Please sign in to comment.