Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

3137 new token pair endpoint #3181

Merged
merged 41 commits into from
Apr 3, 2023
Merged

3137 new token pair endpoint #3181

merged 41 commits into from
Apr 3, 2023

Conversation

shreyamalviya
Copy link
Contributor

@shreyamalviya shreyamalviya commented Mar 31, 2023
edited
Loading

What does this PR do?

Fixes a part of #3137

PR Checklist

  • Have you added an explanation of what your changes do and why you'd like to include them?
  • Is the TravisCI build passing?
  • Was the CHANGELOG.md updated to reflect the changes?
  • Was the documentation framework updated to reflect the changes?
  • Have you checked that you haven't introduced any duplicate code?

Testing Checklist

  • Added relevant unit tests?
  • Do all unit tests pass?
  • Do all end-to-end tests pass?
  • Any other testing performed?

    Tested the endpoint manually

  • If applicable, add screenshots or log transcripts of the feature working

@shreyamalviya shreyamalviya changed the base branch from 3137-send-refresh-token to develop March 31, 2023 07:39
@VakarisZ VakarisZ force-pushed the 3137-new-token-pair-endpoint branch from c6c31ca to 1cf264a Compare March 31, 2023 08:01
@VakarisZ VakarisZ marked this pull request as ready for review March 31, 2023 08:01
@codecov
Copy link

codecov bot commented Mar 31, 2023
edited
Loading

Codecov Report

Patch coverage has no change and project coverage change: +0.13 🎉

Comparison is base (37acd73) 72.50% compared to head (17e2755) 72.63%.

❗ Current head 17e2755 differs from pull request most recent head 315c23c. Consider uploading reports for the commit 315c23c to get more accurate results

Additional details and impacted files 
@@             Coverage Diff             @@
##           develop    #3181      +/-   ##
===========================================
+ Coverage    72.50%   72.63%   +0.13%     
===========================================
  Files          467      468       +1     
  Lines        13295    13344      +49     
===========================================
+ Hits          9640     9693      +53     
+ Misses        3655     3651       -4

see 10 files with indirect coverage changes

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@VakarisZ VakarisZ marked this pull request as draft March 31, 2023 10:20
@shreyamalviya shreyamalviya marked this pull request as ready for review March 31, 2023 11:34
mssalvatore
mssalvatore requested changes Mar 31, 2023
View reviewed changes
Copy link
Collaborator

@mssalvatore mssalvatore left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I added the "needs registration" tests back in and they fail. These tests MUST be here and they MUST pass.

@mssalvatore mssalvatore mentioned this pull request Mar 31, 2023
Closed
10 tasks
VakarisZ and others added 26 commits April 3, 2023 11:39
@VakarisZ @mssalvatore
Island: Fixup documentation of the new refresh token endpoint
f75c79c
@mssalvatore
UT: Add registration tests back in
976b288 
These tests were removed in the previous commit, but test
security-critical portions of the authentication system. They MUST exist
and they MUST pass.
@shreyamalviya @mssalvatore
UT: Improve test for AuthenticationService.generate_new_token_pair()
323c64a
@shreyamalviya @mssalvatore
Island: Rename resource Token to RefreshAuthenticationToken
57a1cab
@shreyamalviya @mssalvatore
UT: Rename test_token.py -> test_refresh_authentication_token.py
f7e8d91
@shreyamalviya @mssalvatore
UT: Fix AuthenticationService.needs_registration() tests
45c64dd
@shreyamalviya @mssalvatore
Island: Add TokenParser
52fc4d6
@shreyamalviya @mssalvatore
UT: Update and add tests for new TokenParser class
74b380d
@mssalvatore
Changelog: Fix the entry for /api/refesh-authentication-token
7de970c
@mssalvatore
Island: Fix linter errors in token_parser.py
4b47f8c
@ilija-lazoroski @mssalvatore
UT: Add failing tests for BadSignature and SignatureExpired in refresh
8eb6192 
token endpoint
@ilija-lazoroski @mssalvatore
Island: Handle token exceptions in RefreshAuthenticationToken endpoint
b327ae1
@mssalvatore
Island: Convert ParsedToken from dataclass to pydantic model
64d4ecd
@mssalvatore
Island: Rename ParsedToken.{payload,user_uniquifier}
07ffb4b
@mssalvatore
Island: Rename ParsedToken.{token,raw_token}
ad1f1c6
@mssalvatore
Island: Add ParsedToken.is_expired()
9e4a894
@mssalvatore
Island: Validate token signature upon construction of ParsedToken object
9553ec1
@mssalvatore
Island: Prevent invalid ParsedToken objects from being created
f1ff245 
All ParsedToken objects are valid at the time of creation. They have a
valid signature and not be expired. Since the token may expire sometime
after the object is created, `is_expired()` is provided so that other
components may check expiration at a later time.
@mssalvatore
Island: Raise specific TokenValidationError from TokenParser
8da903b
@mssalvatore
Island: Remove AuthenticationFacade's dependency on TokenValidator
5724313 
Since TokenParser will not return an invalid token, there is no longer
any need to call TokenValidator.validate_token().
@mssalvatore
Island: Remove disused TokenValidator
c08d71d
@mssalvatore
Island: Decouple RefreshAuthenticationToken from itsdangerous
e1259de
@mssalvatore
Island: Move token parsing responsibility within AuthenticationFacade
d306017
@mssalvatore
Island: Expose TokenValidationError from authentication_service.token
0150492
@mssalvatore
Island: Remove reference to nonexistant IncorrectCredentialsError
88091d5
@mssalvatore
UT: Strengthen the assertion in __fails_if_token_invalid()
a2ce7d3
@mssalvatore mssalvatore merged commit 46123ed into develop Apr 3, 2023
@mssalvatore mssalvatore deleted the 3137-new-token-pair-endpoint branch April 3, 2023 15:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@VakarisZ VakarisZ VakarisZ approved these changes

@mssalvatore mssalvatore mssalvatore approved these changes

@ilija-lazoroski ilija-lazoroski ilija-lazoroski approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@shreyamalviya @ilija-lazoroski @mssalvatore @VakarisZ @cakekoa