From 64d63ae771a6ea7d2b0e5b72972af7fb739dcd65 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20=22decko=22=20de=20Brito?= Date: Mon, 26 Aug 2024 20:42:42 -0300 Subject: [PATCH] Add new guard clauses to the oauth2 client credentials flow. Closes #1049 --- CHANGES/1049.bugfix | 1 + pulp-glue/pulp_glue/common/authentication.py | 7 ++++++- 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 CHANGES/1049.bugfix diff --git a/CHANGES/1049.bugfix b/CHANGES/1049.bugfix new file mode 100644 index 00000000..42618863 --- /dev/null +++ b/CHANGES/1049.bugfix @@ -0,0 +1 @@ +Add some guard clauses to the OAuth2 Client Credentials grant flow to avoid loops and other issues. diff --git a/pulp-glue/pulp_glue/common/authentication.py b/pulp-glue/pulp_glue/common/authentication.py index 646ee530..d9dff758 100644 --- a/pulp-glue/pulp_glue/common/authentication.py +++ b/pulp-glue/pulp_glue/common/authentication.py @@ -25,6 +25,9 @@ def __init__( self.access_token: t.Optional[str] = None self.expire_at: t.Optional[datetime] = None + if not all([client_id, client_secret, token_url]): + return None + def __call__(self, request: requests.PreparedRequest) -> requests.PreparedRequest: if self.expire_at is None or self.expire_at < datetime.now(): self.retrieve_token() @@ -78,10 +81,12 @@ def retrieve_token(self) -> None: data = { "client_id": self.client_id, "client_secret": self.client_secret, - "scope": " ".join(self.scopes), "grant_type": "client_credentials", } + if scope := " ".join(self.scopes): + data["scope"] = scope + response: requests.Response = requests.post(self.token_url, data=data) response.raise_for_status()