You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2023/02/21 22:59:58 UTC

[airavata-django-portal] branch develop updated: AIRAVATA-3682 Fix token based auth

This is an automated email from the ASF dual-hosted git repository.

machristie pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/airavata-django-portal.git


The following commit(s) were added to refs/heads/develop by this push:
     new a5d6cd17 AIRAVATA-3682 Fix token based auth
a5d6cd17 is described below

commit a5d6cd17618b90d201304cfeab50a256a808d57d
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Tue Feb 21 17:59:45 2023 -0500

    AIRAVATA-3682 Fix token based auth
---
 django_airavata/apps/api/authentication.py | 3 +++
 django_airavata/apps/auth/middleware.py    | 3 ++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/django_airavata/apps/api/authentication.py b/django_airavata/apps/api/authentication.py
index 226b5e58..2cf95e4d 100644
--- a/django_airavata/apps/api/authentication.py
+++ b/django_airavata/apps/api/authentication.py
@@ -3,6 +3,7 @@ import logging
 from django.contrib.auth import authenticate
 from rest_framework import authentication, exceptions
 
+from django_airavata.apps.auth import utils
 from django_airavata.apps.auth.middleware import set_admin_group_attributes
 
 logger = logging.getLogger(__name__)
@@ -21,6 +22,8 @@ class OAuthAuthentication(authentication.BaseAuthentication):
 
                 logger.debug(f"OAuthAuthentication authenticated user {user}")
                 # Set request attributes that are normally set by middleware
+                request.authz_token = utils.get_authz_token(request, user=user, access_token=token)
+                request.user = user
                 set_admin_group_attributes(request)
                 return (user, token)
             except Exception as e:
diff --git a/django_airavata/apps/auth/middleware.py b/django_airavata/apps/auth/middleware.py
index 46a0d08a..53569325 100644
--- a/django_airavata/apps/auth/middleware.py
+++ b/django_airavata/apps/auth/middleware.py
@@ -35,6 +35,7 @@ def set_admin_group_attributes(request, gateway_groups=None):
     """Set is_gateway_admin and is_read_only_gateway_admin request attrs."""
     if gateway_groups is None:
         gateway_groups = request.airavata_client.getGatewayGroups(request.authz_token)
+        gateway_groups = copy.deepcopy(gateway_groups.__dict__)
     admins_group_id = gateway_groups['adminsGroupId']
     read_only_admins_group_id = gateway_groups['readOnlyAdminsGroupId']
     group_manager_client = request.profile_service['group_manager']
@@ -66,7 +67,7 @@ def gateway_groups_middleware(get_response):
                     request.authz_token)
                 gateway_groups_dict = copy.deepcopy(gateway_groups.__dict__)
                 request.session['GATEWAY_GROUPS'] = gateway_groups_dict
-            set_admin_group_attributes(request, request.session.get("GATEWAY_GROUPS"))
+            set_admin_group_attributes(request, gateway_groups=request.session.get("GATEWAY_GROUPS"))
             # Gateway Admins are made 'superuser' in Django so they can edit
             # pages in the CMS
             if request.is_gateway_admin and (