From f580a528f765db7903fb6ac9185e23503444bb0c Mon Sep 17 00:00:00 2001 From: RayPlante Date: Thu, 2 May 2024 15:39:17 -0400 Subject: [PATCH] dbio: tweak handling of invalid agents --- python/nistoar/midas/dbio/wsgi/base.py | 7 +++++++ python/nistoar/midas/dbio/wsgi/project.py | 7 ------- python/nistoar/web/rest/base.py | 3 ++- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/python/nistoar/midas/dbio/wsgi/base.py b/python/nistoar/midas/dbio/wsgi/base.py index 0592a67..9d62222 100644 --- a/python/nistoar/midas/dbio/wsgi/base.py +++ b/python/nistoar/midas/dbio/wsgi/base.py @@ -43,6 +43,13 @@ def __init__(self, svcapp: ServiceApp, dbclient: DBClient, wsgienv: dict, start_ if hasattr(self._app, "_recorder") and self._app._recorder: self._reqrec = self._app._recorder.from_wsgi(self._env) + def preauthorize(self): + """ + determine if the client agent is authorized to access this endpoint. This implementation + ensures that a valid client agent has been established and is valid. + """ + return bool(self.who) and self.who.agent_class != Agent.INVALID + def acceptable(self): """ return True if the client's Accept request is compatible with this handler. diff --git a/python/nistoar/midas/dbio/wsgi/project.py b/python/nistoar/midas/dbio/wsgi/project.py index a9bb029..e096423 100644 --- a/python/nistoar/midas/dbio/wsgi/project.py +++ b/python/nistoar/midas/dbio/wsgi/project.py @@ -879,13 +879,6 @@ def __init__(self, service_factory: ProjectServiceFactory, log: Logger, config: super(MIDASProjectApp, self).__init__(service_factory.project_type, log, config) self.svcfact = service_factory - def preauthorize(self): - """ - determine if the client agent is authorized to access this endpoint. This implementation - ensures that a valid client agent has been established. - """ - return bool(self.who) and self.who.agent_class != Agent.INVALID - def create_handler(self, env: dict, start_resp: Callable, path: str, who: Agent) -> Handler: """ return a handler instance to handle a particular request to a path diff --git a/python/nistoar/web/rest/base.py b/python/nistoar/web/rest/base.py index ee6e7cd..c2604d5 100644 --- a/python/nistoar/web/rest/base.py +++ b/python/nistoar/web/rest/base.py @@ -713,7 +713,8 @@ def authenticate_via_authkey(svcname: str, env: Mapping, authcfg: Mapping, log: log.warning("Unrecognized token from client %s", str(client_id)) if authcfg.get('raise_on_invalid'): raise Unauthenticated("Unrecognized auth token") - return Agent(svcname, Agent.UNKN, Agent.ANONYMOUS, Agent.INVALID, agents) + return Agent(svcname, Agent.UNKN, Agent.ANONYMOUS, Agent.INVALID, agents, + invalid_reason="Unrecognized auth token") def authenticate_via_proxy_x509(svcname: str, env: Mapping, authcfg: Mapping, log: Logger, agents: List[str]=None, client_id: str=None):