-
Notifications
You must be signed in to change notification settings - Fork 325
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Configurable GV Mock + HMAC Auth #10623
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks good! found some nits but it took some effort -- i like how you've used dataclasses for lightweight bespoke fakery
|
||
|
||
@dataclasses.dataclass | ||
class _MockGVEntity: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
naming nitpick (feel free to disregard): could be confusing to call these things "mocks", since they have nothing to do with the standard Mock
interface (with assert_called
and friends) -- the word's not wrong, but the collision with a standard-lib term could be misleading...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🤿
into gv-files-provider-waffle * 'develop' of https://github.com/CenterForOpenScience/osf.io: Configurable GV Mock + HMAC Auth (CenterForOpenScience#10623)
Purpose
Add
Changes
osf/external/gravyvalet/auth_helpers
is copied almost directly from GravyValet but adds support for sendingX-Requesting-User-URI
,X-Requested-Resource-URI
, andX-Requested-Resource-Permissions
headers (and including them in the HMAC signature).requests.Request
format instead of therest_framework.Request
formatvalidate_hmac_signed_headers
function to accept the new headersosf/external/gravyvalet/gv_mocks
implements naive versions of the top-level GravyValet entities as Dataclasses, provides utilities for configuring new entities, and provides a context manager that mocks and re-routes requests to GravyValet to retrieve these configured entities.QA Notes
Please make verification statements inspired by your code and what your code touches.
What are the areas of risk?
Any concerns/considerations/questions that development raised?
Documentation
Side Effects
Ticket