From 4eb6f31278abb633b40d926976d0977d9a6a56ae Mon Sep 17 00:00:00 2001
From: Scott Black
Date: Tue, 27 Sep 2022 11:39:34 -0600
Subject: [PATCH 1/4] update credentials exception messaging to provide more detail
---
 dspback/dependencies.py | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/dspback/dependencies.py b/dspback/dependencies.py
index f4afe6a..2c92d7c 100644
--- a/dspback/dependencies.py
+++ b/dspback/dependencies.py
@@ -213,17 +213,24 @@ async def get_current_user(
 payload = jwt.decode(token, settings.jwt_secret_key, algorithms=[settings.jwt_algorithm])
 token_data = TokenData(**payload)
 if token_data.orcid is None:
+ credentials_exception.detail = "Token is missing the orcid"
 raise credentials_exception
 if token_data.expiration < datetime.utcnow().timestamp(): # TODO register token in db for requested expiration
 credentials_exception.detail = "Token is expired"
 raise credentials_exception
- except JWTError:
+ except JWTError as e:
+ credentials_exception.detail = f"Exception occurred while decoding token [{str(e)}]"
 raise credentials_exception
 user: UserTable = get_user_table(db, orcid=token_data.orcid)
 if user is None:
+ credentials_exception.detail = f"No user found for orcid {token_data.orcid}"
 raise credentials_exception
- if not user.access_token or user.access_token != token:
+ if not user.access_token:
+ credentials_exception.detail = "User access token is missing"
+ raise credentials_exception
+ if user.access_token != token:
+ credentials_exception.detail = "Access token is invalid"
 raise credentials_exception
 return user
From 6d58cb9a80fb2848213e346f3fe2ca66e5261721 Mon Sep 17 00:00:00 2001
From: Scott Black
Date: Tue, 27 Sep 2022 11:40:23 -0600
Subject: [PATCH 2/4] delete submission before attempting to delete repository record
---
 dspback/routers/earthchem.py | 4 ++--
 dspback/routers/hydroshare.py | 4 ++--
 dspback/routers/zenodo.py | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)
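Review bot: The added `detail` strings in [PATCH 1/4] return the exact reason authentication failed to the caller, and the `except JWTError as e` branch, which any malformed or forged token reaches, echoes the JWT library's own error text through `f"Exception occurred while decoding token [{str(e)}]"`. A single generic detail for the client, with the specific reason written to the server log before `raise credentials_exception`, keeps the diagnostic value without telling a caller which check a crafted token failed; the same applies to the string reworded in [PATCH 4/4]. Separately, the context line `token_data.expiration < datetime.utcnow().timestamp()` calls `.timestamp()` on a naive datetime, which Python interprets as local time, so on a host not running in UTC the expiry test is shifted by the UTC offset; `datetime.now(timezone.utc).timestamp()` avoids that. `get_current_user` starts, and `credentials_exception` is created, outside the hunk.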
diff --git a/dspback/routers/earthchem.py b/dspback/routers/earthchem.py
index 65bb918..dc46a68 100644
--- a/dspback/routers/earthchem.py
+++ b/dspback/routers/earthchem.py
@@ -137,6 +137,8 @@ async def get_metadata_repository(self, request: Request, identifier) -> respons
 description="Deletes the EarthChem record along with the submission record.",
 )
 async def delete_metadata_repository(self, request: Request, identifier):
+ delete_submission(self.db, self.repository_type, identifier, self.user)
+
 access_token = await self.access_token(request)
 response = requests.delete(
 self.delete_url % str(identifier),
@@ -145,8 +147,6 @@ async def delete_metadata_repository(self, request: Request, identifier):
 if response.status_code == 403:
 raise RepositoryException(status_code=response.status_code, detail=response.text)
- delete_submission(self.db, self.repository_type, identifier, self.user)
-
 @router.put(
 '/submit/earthchem/{identifier}',
 name="submit",
diff --git a/dspback/routers/hydroshare.py b/dspback/routers/hydroshare.py
index 84a0bbe..66fb6f8 100644
--- a/dspback/routers/hydroshare.py
+++ b/dspback/routers/hydroshare.py
@@ -105,14 +105,14 @@ async def get_metadata_repository(self, request: Request, identifier):
 description="Deletes the HydroShare resource along with the submission record.",
 )
 async def delete_metadata_repository(self, request: Request, identifier):
+ delete_submission(self.db, self.repository_type, identifier, self.user)
+
 access_token = await self.access_token(request)
 response = requests.delete(self.delete_url % identifier, params={"access_token": access_token})
 if response.status_code == 403:
 raise RepositoryException(status_code=response.status_code, detail=response.text)
- delete_submission(self.db, self.repository_type, identifier, self.user)
-
 @router.put(
 '/submit/hydroshare/{identifier}',
 name="submit",
diff --git a/dspback/routers/zenodo.py b/dspback/routers/zenodo.py
index 5cafc7e..607e88a 100644
--- a/dspback/routers/zenodo.py
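Review bot: `delete_submission(...)` now runs before the repository call, so when `requests.delete` raises or the repository refuses the request, the handler fails after the local submission row is already gone, unless `delete_submission` leaves the transaction uncommitted, which is not visible here. That leaves a remote record the application no longer tracks and that the user can no longer remove through this endpoint. If the reordering is meant as an ownership check before touching the repository, a read-only lookup first and the actual delete after a successful response would give the same guard without the orphan; a comment such as `# verify the submission belongs to self.user before contacting the repository` would document the intent. The same ordering is applied in the hydroshare.py and zenodo.py hunks of [PATCH 2/4].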
+++ b/dspback/routers/zenodo.py
@@ -128,13 +128,13 @@ async def get_metadata_repository(self, request: Request, identifier):
 description="Deletes the Zenodo record along with the submission record.",
 )
 async def delete_metadata_repository(self, request: Request, identifier):
+ delete_submission(self.db, self.repository_type, identifier, self.user)
+
 access_token = await self.access_token(request)
 response = requests.delete(self.delete_url % identifier, params={"access_token": access_token})
 if response.status_code == 403:
 raise RepositoryException(status_code=response.status_code, detail=response.text)
- delete_submission(self.db, self.repository_type, identifier, self.user)
-
 @router.put(
 '/submit/zenodo/{identifier}',
 name="submit",
From 8b66b66a93343f9bb1def68f5c36a3a66fec70c2 Mon Sep 17 00:00:00 2001
From: Scott Black
Date: Tue, 27 Sep 2022 12:05:06 -0600
Subject: [PATCH 3/4] check repo response codes above 200 level
---
 dspback/routers/earthchem.py | 2 +-
 dspback/routers/hydroshare.py | 2 +-
 dspback/routers/zenodo.py | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/dspback/routers/earthchem.py b/dspback/routers/earthchem.py
index dc46a68..fbe6002 100644
--- a/dspback/routers/earthchem.py
+++ b/dspback/routers/earthchem.py
@@ -144,7 +144,7 @@ async def delete_metadata_repository(self, request: Request, identifier):
 self.delete_url % str(identifier),
 headers={"accept": "application/json", "Authorization": "Bearer " + str(access_token)},
 )
- if response.status_code == 403:
+ if response.status_code >= 300:
 raise RepositoryException(status_code=response.status_code, detail=response.text)
 @router.put(
diff --git a/dspback/routers/hydroshare.py b/dspback/routers/hydroshare.py
index 66fb6f8..41dbf72 100644
--- a/dspback/routers/hydroshare.py
+++ b/dspback/routers/hydroshare.py
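Review bot: The repository call whose closing `)` precedes the new `>= 300` check passes only the URL and `headers=`, with no `timeout=`, and it is a blocking `requests` call inside an `async def` handler, so a repository that stops responding stalls the handler and never reaches this test. Passing a bound such as `timeout=30` (value to be chosen by the project) and catching `requests.RequestException` to raise `RepositoryException` would make that failure path explicit. The broadened branch also forwards `response.text` from any failing upstream response to the client as `detail`, so it is worth deciding whether a 5xx body from the repository should be relayed verbatim. The hydroshare.py and zenodo.py hunks of [PATCH 3/4] have the same call shape; the call itself opens outside this hunk.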
@@ -110,7 +110,7 @@ async def delete_metadata_repository(self, request: Request, identifier):
 access_token = await self.access_token(request)
 response = requests.delete(self.delete_url % identifier, params={"access_token": access_token})
- if response.status_code == 403:
+ if response.status_code >= 300:
 raise RepositoryException(status_code=response.status_code, detail=response.text)
 @router.put(
diff --git a/dspback/routers/zenodo.py b/dspback/routers/zenodo.py
index 607e88a..9909f5f 100644
--- a/dspback/routers/zenodo.py
+++ b/dspback/routers/zenodo.py
@@ -132,7 +132,7 @@ async def delete_metadata_repository(self, request: Request, identifier):
 access_token = await self.access_token(request)
 response = requests.delete(self.delete_url % identifier, params={"access_token": access_token})
- if response.status_code == 403:
+ if response.status_code >= 300:
 raise RepositoryException(status_code=response.status_code, detail=response.text)
 @router.put(
From 90a2e465a765c836c48e3cb51a62fbd00c53516b Mon Sep 17 00:00:00 2001
From: Scott Black
Date: Tue, 27 Sep 2022 12:06:02 -0600
Subject: [PATCH 4/4] update access token detail
---
 dspback/dependencies.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dspback/dependencies.py b/dspback/dependencies.py
index 2c92d7c..4286c94 100644
--- a/dspback/dependencies.py
+++ b/dspback/dependencies.py
@@ -227,7 +227,7 @@ async def get_current_user(
 credentials_exception.detail = f"No user found for orcid {token_data.orcid}"
 raise credentials_exception
 if not user.access_token:
- credentials_exception.detail = "User access token is missing"
+ credentials_exception.detail = "Access token is missing"
 raise credentials_exception
 if user.access_token != token:
 credentials_exception.detail = "Access token is invalid"
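Review bot: The context line `requests.delete(self.delete_url % identifier, params={"access_token": access_token})` in the hydroshare.py hunk puts the user's OAuth token in the query string, where it tends to end up in proxy and server access logs; earthchem.py in this series sends it as `"Authorization": "Bearer " + str(access_token)` instead. If the HydroShare and Zenodo APIs accept the header form (to be confirmed against their documentation), `headers={"Authorization": "Bearer " + str(access_token)}` would keep the token out of URLs. The same line appears in the zenodo.py hunk that follows, and `delete_metadata_repository` begins outside both hunks.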