Skip to content

Commit

Permalink
[#485] tokenauth setup configuration (#494)
Browse files Browse the repository at this point in the history
* [#485] Merge closed branch

* [#485] Add SitesConfigurationStep and TokenAuthConfigurationStep in settings

* [#485] Black and isort

* [#485] Create Step and Model

* [#485] Fix requirements

* [#485] Fix yaml file

* [#485] Update namespace

* [#485] Fix tests

* [#485] Update generate tokens

* [#485] Fix docs

* [#485] Add missing field in docs

* [#485] Add validate_no_empty for identifier

* [#485] Open-api-framework new realease

* [#485] Run bin/generate_envvar_docs.sh

* [#485] Update fixtures demodata

* [#485] Add sites_config_enable in data.yaml
  • Loading branch information
danielmursa-dev authored Dec 19, 2024
1 parent 33faf07 commit 64fa395
Show file tree
Hide file tree
Showing 23 changed files with 826 additions and 10 deletions.
23 changes: 23 additions & 0 deletions docker/setup_configuration/data.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,10 @@
sites_config_enable: true
sites_config:
items:
- domain: example.com
name: Example site


zgw_consumers_config_enable: true
zgw_consumers:
services:
Expand All @@ -19,20 +26,36 @@ zgw_consumers:
header_key: Authorization
header_value: Token ba9d233e95e04c4a8a661a27daffe7c9bd019067


notifications_config_enable: true
notifications_config:
notifications_api_service_identifier: notifications-api
notification_delivery_max_retries: 1
notification_delivery_retry_backoff: 2
notification_delivery_retry_backoff_max: 3


objecttypes_config_enable: true
objecttypes:
items:
- uuid: b427ef84-189d-43aa-9efd-7bb2c459e281
name: Object Type 1
service_identifier: objecttypes-api


tokenauth_config_enable: true
tokenauth:
items:
- identifier: token-1
token: 18b2b74ef994314b84021d47b9422e82b685d82f
contact_person: Person 1
email: person-1@example.com
organization: Organization 1
application: Application 1
administration: Administration 1
is_superuser: true


oidc_db_config_enable: true
oidc_db_config_admin_auth:
items:
Expand Down
22 changes: 22 additions & 0 deletions docs/installation/config_cli.rst
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,28 @@ created. An example of a configuration could be seen below:
Tokens configuration
--------------------
Create or update the (single) YAML configuration file with your settings:

.. code-block:: yaml
...
tokenauth_config_enable: true
tokenauth:
items:
- identifier: token-1
token: ba9d233e95e04c4a8a661a27daffe7c9bd019067
contact_person: Person 1
email: person-1@example.com
organization: Organization XYZ # optional
application: Application XYZ # optional
administration: Administration XYZ # optional
is_superuser: true # optional
- identifier: token-2
token: 7b2b212d9f16d171a70a1d927cdcfbd5ca7a4799
contact_person: Person 2
email: person-2@example.com
...
Mozilla-django-oidc-db
----------------------
Expand Down
1 change: 1 addition & 0 deletions requirements/base.in
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ jsonschema
furl

# Common ground libraries
django-setup-configuration>=0.5.0
notifications-api-common[setup-configuration]
zgw-consumers[setup-configuration]
mozilla-django-oidc-db[setup-configuration]
3 changes: 2 additions & 1 deletion requirements/base.txt
Original file line number Diff line number Diff line change
Expand Up @@ -153,8 +153,9 @@ django-sendfile2==0.7.0
# via django-privates
django-sessionprofile==3.0.0
# via open-api-framework
django-setup-configuration==0.4.0
django-setup-configuration==0.5.0
# via
# -r requirements/base.in
# mozilla-django-oidc-db
# notifications-api-common
# open-api-framework
Expand Down
2 changes: 1 addition & 1 deletion requirements/ci.txt
Original file line number Diff line number Diff line change
Expand Up @@ -239,7 +239,7 @@ django-sessionprofile==3.0.0
# via
# -r requirements/base.txt
# open-api-framework
django-setup-configuration==0.4.0
django-setup-configuration==0.5.0
# via
# -r requirements/base.txt
# mozilla-django-oidc-db
Expand Down
2 changes: 1 addition & 1 deletion requirements/dev.txt
Original file line number Diff line number Diff line change
Expand Up @@ -254,7 +254,7 @@ django-sessionprofile==3.0.0
# via
# -r requirements/base.txt
# open-api-framework
django-setup-configuration==0.4.0
django-setup-configuration==0.5.0
# via
# -r requirements/base.txt
# mozilla-django-oidc-db
Expand Down
3 changes: 2 additions & 1 deletion src/objects/conf/base.py
Original file line number Diff line number Diff line change
Expand Up @@ -84,8 +84,9 @@
# Django setup configuration
#
SETUP_CONFIGURATION_STEPS = (
"django_setup_configuration.contrib.sites.steps.SitesConfigurationStep",
"zgw_consumers.contrib.setup_configuration.steps.ServiceConfigurationStep",
"notifications_api_common.contrib.setup_configuration.steps.NotificationConfigurationStep",
"objects.setup_configuration.steps.objecttypes.ObjectTypesConfigurationStep",
"mozilla_django_oidc_db.setup_configuration.steps.AdminOIDCConfigurationStep",
"objects.setup_configuration.steps.token_auth.TokenAuthConfigurationStep",
)
3 changes: 2 additions & 1 deletion src/objects/fixtures/demodata.json
Original file line number Diff line number Diff line change
Expand Up @@ -779,7 +779,8 @@
"organization": "",
"last_modified": "2020-12-23T11:43:16.820Z",
"created": "2020-12-22T16:27:00.751Z",
"token": "cd63e158f3aca276ef284e3033d020a22899c728"
"token": "cd63e158f3aca276ef284e3033d020a22899c728",
"identifier": "token-1"
}
},
{
Expand Down
23 changes: 23 additions & 0 deletions src/objects/setup_configuration/models/token_auth.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
from django_setup_configuration.models import ConfigurationModel

from objects.token.models import TokenAuth


class TokenAuthConfigurationModel(ConfigurationModel):
class Meta:
django_model_refs = {
TokenAuth: (
"identifier",
"token",
"contact_person",
"email",
"organization",
"application",
"administration",
"is_superuser",
)
}


class TokenAuthGroupConfigurationModel(ConfigurationModel):
items: list[TokenAuthConfigurationModel]
75 changes: 75 additions & 0 deletions src/objects/setup_configuration/steps/token_auth.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
import logging

from django.core.exceptions import ValidationError
from django.db import IntegrityError

from django_setup_configuration.configuration import BaseConfigurationStep
from django_setup_configuration.exceptions import ConfigurationRunFailed

from objects.setup_configuration.models.token_auth import (
TokenAuthGroupConfigurationModel,
)
from objects.token.models import TokenAuth

logger = logging.getLogger(__name__)


class TokenAuthConfigurationStep(
BaseConfigurationStep[TokenAuthGroupConfigurationModel]
):
"""
Configure tokens for other applications to access Objects API
"""

namespace = "tokenauth"
enable_setting = "tokenauth_config_enable"

verbose_name = "Configuration to set up authentication tokens for objects"
config_model = TokenAuthGroupConfigurationModel

def execute(self, model: TokenAuthGroupConfigurationModel) -> None:
if len(model.items) == 0:
logger.warning("No tokens provided for configuration")

for item in model.items:
logger.info(f"Configuring {item.identifier}")

model_kwargs = {
"identifier": item.identifier,
"token": item.token,
"contact_person": item.contact_person,
"email": item.email,
"organization": item.organization,
"application": item.application,
"administration": item.administration,
"is_superuser": item.is_superuser,
}

token_instance = TokenAuth(**model_kwargs)

try:
token_instance.full_clean(exclude=("id",), validate_unique=False)
except ValidationError as exception:
exception_message = (
f"Validation error(s) occured for {item.identifier}."
)
raise ConfigurationRunFailed(exception_message) from exception

logger.debug(f"No validation errors found for {item.identifier}")

try:
logger.debug(f"Saving {item.identifier}")

TokenAuth.objects.update_or_create(
identifier=item.identifier,
defaults={
key: value
for key, value in model_kwargs.items()
if key != "identifier"
},
)
except IntegrityError as exception:
exception_message = f"Failed configuring token {item.identifier}."
raise ConfigurationRunFailed(exception_message) from exception

logger.info(f"Configured {item.identifier}")
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
tokenauth_config_enable: true
tokenauth:
items:
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
tokenauth_config_enable: true
tokenauth:
items:
- identifier: token-1
token: 18b2b74ef994314b84021d47b9422e82b685d82f
contact_person: Person 1
email: person-1@example.com
organization: Organization 1
application: Application 1
administration: Administration 1
is_superuser: True

- identifier: token-2
token: e882642bd0ec2482adcdc97258c2e6f98cb06d85
contact_person: Person 2
email: person-2@example.com
organization: Organization 2
application: Application 2
administration: Administration 2
is_superuser: True
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
tokenauth_config_enable: true
tokenauth:
items:
- identifier: token-1
token: 18b2b74ef994314b84021d47b9422e82b685d82f
contact_person: Person 1
email: person-1@example.com

- identifier: token-2
token: e882642bd0ec2482adcdc97258c2e6f98cb06d85
contact_person: Person 2
email: person-2@example.com
Loading

0 comments on commit 64fa395

Please sign in to comment.