Skip to content

Commit

Permalink
Merge pull request #38 from CanDIG/hotfix/token
Browse files Browse the repository at this point in the history 
hotfix: a few minio bugs
  • Loading branch information
@daisieh
daisieh authored Nov 30, 2024
2 parents 90d9898 + 0375d38 commit 4bef997
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 11 deletions.
4 changes: 2 additions & 2 deletions src/authx/auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -348,7 +348,7 @@ def remove_aws_credential(endpoint=None, bucket=None, vault_url=VAULT_URL):
# clean up endpoint name:
endpoint = re.sub(r"\W", "_", endpoint)

status_code = delete_service_store_secret("candig-ingest", key=f"aws/{endpoint}-{bucket}")
status_code = delete_service_store_secret("candig-ingest", key=f"aws/{endpoint}/{bucket}")
if status_code == 200:
result = {}
result['endpoint'] = endpoint
Expand All @@ -374,7 +374,7 @@ def get_minio_client(token=None, s3_endpoint=None, bucket=None, access_key=None,
else:
endpoint = s3_endpoint
if access_key is None and not public:
response, status_code = get_aws_credential(token=token, endpoint=s3_endpoint, bucket=bucket)
response, status_code = get_aws_credential(endpoint=s3_endpoint, bucket=bucket)
if "error" in response:
raise CandigAuthError(response)
access_key = response["access_key"]
Expand Down
12 changes: 3 additions & 9 deletions test_auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -166,17 +166,11 @@ def test_put_aws_credential():
return
endpoint = "http://test.endpoint"
# store credential using not-site-admin token
result, status_code = src.authx.auth.store_aws_credential(token=src.authx.auth.get_auth_token(FakeRequest()), endpoint=endpoint, bucket="test_bucket", access="test", secret="secret", vault_url=VAULT_URL)
result, status_code = src.authx.auth.store_aws_credential(endpoint=endpoint, bucket="test_bucket", access="test", secret="secret", vault_url=VAULT_URL)
print(result, status_code)
assert status_code == 200

# try getting it with a non-site_admin token
result, status_code = src.authx.auth.get_aws_credential(token=src.authx.auth.get_auth_token(FakeRequest()), vault_url=VAULT_URL, endpoint=endpoint, bucket="test_bucket")
print(result)
assert "errors" in result

# try getting it with a site_admin token
result, status_code = src.authx.auth.get_aws_credential(token=src.authx.auth.get_auth_token(FakeRequest(site_admin=True)), vault_url=VAULT_URL, endpoint=endpoint, bucket="test_bucket")
result, status_code = src.authx.auth.get_aws_credential(vault_url=VAULT_URL, endpoint=endpoint, bucket="test_bucket")
assert result['secret'] == 'secret'
assert result['url'] == 'test.endpoint'
else:
Expand All @@ -197,7 +191,7 @@ def test_get_s3_url():
if os.getenv("SERVICE_NAME") != "candig-ingest":
warnings.warn(UserWarning("aws credential tests can only be run within the candig-ingest container"))
return
result, status_code = src.authx.auth.store_aws_credential(token=src.authx.auth.get_auth_token(FakeRequest()),endpoint=MINIO_URL, bucket="test", access=MINIO_ACCESS_KEY, secret=MINIO_SECRET_KEY, vault_url=VAULT_URL)
result, status_code = src.authx.auth.store_aws_credential(endpoint=MINIO_URL, bucket="test", access=MINIO_ACCESS_KEY, secret=MINIO_SECRET_KEY, vault_url=VAULT_URL)
assert result['url'] in MINIO_URL
minio = src.authx.auth.get_minio_client(token=src.authx.auth.get_auth_token(FakeRequest()), s3_endpoint=MINIO_URL, bucket="test")
assert minio['endpoint'] == MINIO_URL
Expand Down

0 comments on commit 4bef997

Please sign in to comment.