Merge 7f3ae7a into f22a888
gausie committed Oct 3, 2018
2 parents f22a888 + 7f3ae7a commit 0e7241c
Showing 3 changed files with 21 additions and 18 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.rst
@@ -33,6 +33,7 @@ Fixed
- use utf8 everywhere when handling file IO
- argument ``--connector`` on run script accepts custom channel module names
- properly handle non ascii categorical slot values, e.g. ``大于100亿元``
- fixed HTTP server attempting to authenticate based on incorrect path to the correct JWT data field

[0.11.8] - 2018-09-28
^^^^^^^^^^^^^^^^^^^^^
6 changes: 4 additions & 2 deletions rasa_core/server.py
@@ -88,8 +88,10 @@ def sender_id_from_args(f, args, kwargs):

def sufficient_scope(*args, **kwargs):
jwt_data = view_decorators._decode_jwt_from_headers()
role = jwt_data.get("role", None)
username = jwt_data.get("username", None)
user = jwt_data.get("user", {})

username = user.get("user", None)
role = user.get("role", None)

if role == "admin":
return True
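Review bot: `user = jwt_data.get("user", {})` falls back to `{}` only when the claim is missing, so a signed token whose `user` claim is present but not an object (null, a string, a list) makes the following `user.get(...)` calls raise AttributeError, and the request presumably ends in a server error instead of an authorization decision. Normalising the value first, e.g. `if not isinstance(user, dict): user = {}`, leaves `username` and `role` as None so the checks below see no identity at all. The inner key for the name is also `user`, which is easy to misread; a comment such as `# expected payload: {"user": {"user": <name>, "role": <role>}}` above the lookup would document the contract. sufficient_scope continues past the end of the hunk, so how a None role is finally handled is not visible here.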
32 changes: 16 additions & 16 deletions tests/test_server.py
@@ -212,21 +212,21 @@ def test_list_conversations_with_jwt(secured_app):
# token generated with secret "core" and algorithm HS256
# on https://jwt.io/

# {"username": "testadmin", "role": "admin"}
# {"user": {"user": "testadmin", "role": "admin"}}
jwt_header = {
"Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ"
"1c2VybmFtZSI6InRlc3RhZG1pbiIsInJvbGUiOiJhZG1pbi"
"J9.3gp-0pEEUJpU_NoR76lVYMrW86Aedx_QULKUcw3ODbo"
"Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."
"eyJ1c2VyIjp7InVzZXIiOiJ0ZXN0YWRtaW4iLCJyb2xlIjoiYWRt"
"aW4ifX0.VUOiT2DL3LWoesfKm7wWv5Yp8mSnc5v2OXFSq6Tiis0"
}
response = secured_app.get("/conversations",
headers=jwt_header)
assert response.status_code == 200

# {"username": "testuser", "role": "user"}
# {"user": {"user": "testuser", "role": "user"}}
jwt_header = {
"Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ"
"1c2VybmFtZSI6InRlc3R1c2VyIiwicm9sZSI6InVzZXIifQ"
".X4wN0sLRW0Urd9E-ProsCK_IQHjuNZ5SJwm4RXiX6fQ"
"Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."
"eyJ1c2VyIjp7InVzZXIiOiJ0ZXN0dXNlciIsInJvbGUiOiJ1c2Vy"
"In19._Gu7YX6euPvq9pfDFHzgH4qPNMbJH1XGXGCVRnXiP24"
}
response = secured_app.get("/conversations",
headers=jwt_header)
@@ -237,11 +237,11 @@ def test_get_tracker_with_jwt(secured_app):
# token generated with secret "core" and algorithm HS256
# on https://jwt.io/

# {"username": "testadmin", "role": "admin"}
# {"user": {"user": "testadmin", "role": "admin"}}
jwt_header = {
"Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ"
"1c2VybmFtZSI6InRlc3RhZG1pbiIsInJvbGUiOiJhZG1pbi"
"J9.3gp-0pEEUJpU_NoR76lVYMrW86Aedx_QULKUcw3ODbo"
"Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."
"eyJ1c2VyIjp7InVzZXIiOiJ0ZXN0YWRtaW4iLCJyb2xlIjoiYWRt"
"aW4ifX0.VUOiT2DL3LWoesfKm7wWv5Yp8mSnc5v2OXFSq6Tiis0"
}
response = secured_app.get("/conversations/testadmin/tracker",
headers=jwt_header)
@@ -251,11 +251,11 @@ def test_get_tracker_with_jwt(secured_app):
headers=jwt_header)
assert response.status_code == 200

# {"username": "testuser", "role": "user"}
# {"user": {"user": "testuser", "role": "user"}}
jwt_header = {
"Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ"
"1c2VybmFtZSI6InRlc3R1c2VyIiwicm9sZSI6InVzZXIifQ"
".X4wN0sLRW0Urd9E-ProsCK_IQHjuNZ5SJwm4RXiX6fQ"
"Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."
"eyJ1c2VyIjp7InVzZXIiOiJ0ZXN0dXNlciIsInJvbGUiOiJ1c2Vy"
"In19._Gu7YX6euPvq9pfDFHzgH4qPNMbJH1XGXGCVRnXiP24"
}
response = secured_app.get("/conversations/testadmin/tracker",
headers=jwt_header)
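Review bot: Both tests in this file exercise only tokens in the new nested shape, so nothing pins what happens to a validly signed token that still carries the old flat `{"username": ..., "role": ...}` payload or has no `user` object at all; a case asserting that such a token is denied on `/conversations` would guard the authorization path against regressing open. The pasted token strings can also drift from the payload comments above them, so building each token inside the test from the payload dict and the "core" test secret would keep the two in step. The hunks cut through test_list_conversations_with_jwt and test_get_tracker_with_jwt, whose remaining assertions lie outside the visible lines.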