brighthive · gregmundy · Oct 1, 2020 · Sep 28, 2020 · Sep 28, 2020 · Sep 29, 2020
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,17 @@
+# vscode settings
+.vscode/
+
+# python artifacts
+**/*.py[abc]
+**/__pycache__
+
+# pytest artifacts
+**/.pytest_cache/
+**/.coverage
+
+# sphinx artifacts
+**/docs/build
+
+# general development artifacts
+**.DS_Store
+.env
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM python:3.7.4-slim
+FROM python:3.8.5-slim
 RUN apt-get update
 RUN apt-get install -y --no-install-recommends gcc
 RUN apt-get install python-dev --assume-yes
@@ -10,6 +10,6 @@ ADD Pipfile Pipfile
 ADD Pipfile.lock Pipfile.lock
 RUN pip install --upgrade pip
 RUN pip install pipenv && pipenv install --system && pipenv install --dev --system
-ADD cmd.sh cmd.sh
-RUN chmod +x cmd.sh
-ENTRYPOINT [ "/authserver/cmd.sh" ]
+ADD entrypoint.sh entrypoint.sh
+RUN chmod +x entrypoint.sh
+ENTRYPOINT [ "/authserver/entrypoint.sh" ]
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -126,13 +126,18 @@ pipeline {
         }
       }
   }
+  post {
+      always {
+          cleanWs()
+      }
+  }
 }
 
 
 def initialize() {
     // Docker Defs
     env.DOCKER_DB_IMAGE_NAME = 'postgres:11.1'
-    env.DOCKER_PYTHON_NAME = 'python:3.7.4-slim'
+    env.DOCKER_PYTHON_NAME = 'python:3.8.3-slim'
     // AWS ERC Parameters / Push Rules
     env.REGISTRY_NAME = 'brighthive/authserver'
     env.REGISTRY_URI = '396527728813.dkr.ecr.us-east-2.amazonaws.com'

diff --git a/Pipfile b/Pipfile
@@ -4,36 +4,35 @@ url = "https://pypi.org/simple"
 verify_ssl = true
 
 [dev-packages]
-pycodestyle = "==2.5.0"
-autopep8 = "==1.5"
-docker = "==4.2.0"
-pytest = "==5.3.5"
-pytest-cov = "==2.8.1"
-expects = "==0.9.0"
-sphinx = "==2.4.1"
-doc8 = "==0.8.0"
+pycodestyle = "*"
+autopep8 = "*"
+docker = "*"
+pytest = "*"
+pytest-cov = "*"
+expects = "*"
+sphinx = "*"
+doc8 = "*"
 pytest-flask = "*"
 pytest-mock = "*"
 
 [packages]
-flask = "==1.1.1"
-flask-restful = "==0.3.8"
-flask-migrate = "==2.5.2"
-flask-sqlalchemy = "==2.4.1"
-gunicorn = "==20.0.4"
-authlib = "==0.14.1"
-psycopg2-binary = "==2.8.4"
-marshmallow = "==2.19.5"
-flask-marshmallow = "==0.11.0"
-marshmallow-sqlalchemy = "==0.22.2"
-bcrypt = "==3.1.7"
-flask-cors = "==3.0.8"
-flask-wtf = "==0.14.3"
-gevent = "==1.4.0"
-flask-script = "==2.0.6"
-elastic-apm = "==5.6.0"
-blinker = "==1.4"
-psutil = "==5.7.0"
+flask = "*"
+flask-restful = "*"
+flask-migrate = "*"
+flask-sqlalchemy = "*"
+gunicorn = "*"
+authlib = "*"
+psycopg2-binary = "*"
+flask-marshmallow = "*"
+marshmallow-sqlalchemy = "*"
+bcrypt = "*"
+flask-cors = "*"
+flask-wtf = "*"
+gevent = "*"
+flask-script = "*"
+elastic-apm = "*"
+blinker = "*"
+psutil = "*"
 
 [requires]
-python_version = "3.7"
+python_version = "3.8"
diff --git a/Pipfile.lock b/Pipfile.lock
diff --git a/authserver/api/__init__.py b/authserver/api/__init__.py
@@ -1,8 +1,8 @@
 from authserver.api.health import health_api_bp
-from authserver.api.data_trust import data_trust_bp
 from authserver.api.user import user_bp
 from authserver.api.organization import organization_bp
 from authserver.api.client import client_bp
 from authserver.api.oauth2 import oauth2_bp
 from authserver.api.role import role_bp
 from authserver.api.home import home_bp
+from authserver.api.scope import scope_bp
diff --git a/authserver/api/client.py b/authserver/api/client.py
@@ -13,8 +13,7 @@
 from flask_restful import Api, Resource, request
 from werkzeug.security import gen_salt
 
-from authserver.db import (DataTrust, DataTrustSchema, OAuth2Client,
-                           OAuth2ClientSchema, Role, User, UserSchema, db)
+from authserver.db import (OAuth2Client, OAuth2ClientSchema, Role, User, UserSchema, db)
 from authserver.utilities import ResponseBody, require_oauth
 
 
@@ -34,12 +33,12 @@ def __init__(self):
     def get(self, id: str = None):
         if not id:
             clients = OAuth2Client.query.all()
-            clients_obj = self.clients_schema.dump(clients).data
+            clients_obj = self.clients_schema.dump(clients)
             return self.response_handler.get_all_response(clients_obj)
         else:
             client = OAuth2Client.query.filter_by(id=id).first()
             if client:
-                client_obj = self.client_schema.dump(client).data
+                client_obj = self.client_schema.dump(client)
                 return self.response_handler.get_one_response(client_obj, request={'id': id})
             else:
                 return self.response_handler.not_found_response(id)
@@ -80,7 +79,7 @@ def post(self, id: str = None):
         if id is not None:
             return self.response_handler.method_not_allowed_response()
 
-        data, errors = self.client_schema.load(request_data)
+        errors = self.client_schema.validate(request_data)
         if errors:
             return self.response_handler.custom_response(code=422, messages=errors)
 
@@ -139,7 +138,7 @@ def delete(self, id: str = None):
         try:
             client = OAuth2Client.query.filter_by(id=id).first()
             if client:
-                client_obj = self.client_schema.dump(client).data
+                client_obj = self.client_schema.dump(client)
                 db.session.delete(client)
                 db.session.commit()
                 return self.response_handler.successful_delete_response('Client', id, client_obj)
@@ -163,7 +162,7 @@ def update(self, id: str, partial=True):
             return self.response_handler.not_found_response(id)
         if not request_data:
             return self.response_handler.empty_request_body_response()
-        data, errors = self.client_schema.load(request_data, partial=partial)
+        errors = self.client_schema.validate(request_data, partial=partial)
         if errors:
             return self.response_handler.custom_response(code=422, messages=errors)
 

diff --git a/authserver/api/home.py b/authserver/api/home.py
@@ -30,16 +30,15 @@ def login():
         username = form.username.data
         password = form.password.data
         user = User.query.filter_by(username=username).first()
+        error_msg = "You did not enter valid login credentials."
 
         try:
-            if not user.active:
-                errors = "You do not have an active user account."
-            elif not user.verify_password(password):
-                errors = "You did not enter a valid password."
+            if (not user.active) or (not user.verify_password(password)):
+                errors = error_msg
             else:
                 session['id'] = user.id
                 return redirect(return_to)
         except AttributeError:
-            errors = "You did not enter valid login credentials."
+            errors = error_msg
 
         return render_template('login.html', client_id=client_id, return_to=return_to, form=form, errors=errors)
diff --git a/authserver/api/oauth2.py b/authserver/api/oauth2.py
@@ -98,24 +98,25 @@ class ValidateOAuth2TokenResource(Resource):
     """
     This resource determines the validity of an OAuth2Token.
     """
+
     def __init__(self):
         self.response_handler = ResponseBody()
 
     def post(self):
         req_json = request.get_json(force=True)
         access_token = req_json["token"]
-        access_token_in_db = OAuth2Token.query.filter_by(access_token=access_token).first() 
+        access_token_in_db = OAuth2Token.query.filter_by(access_token=access_token).first()
 
         try:
             is_expired = access_token_in_db.is_access_token_expired()
         except AttributeError:
             # Token is not valid, if it does not exist.
-            is_valid=False 
+            is_valid = False
         else:
             # Token is not valid, if the token is expired (and vice versa).
             is_valid = not is_expired
-                
-        return self.response_handler.custom_response(status="OK", code=200, messages= {"valid": is_valid})
+
+        return self.response_handler.custom_response(status="OK", code=200, messages={"valid": is_valid})
 
 
 class CreateOAuth2TokenResource(Resource):

diff --git a/authserver/api/organization.py b/authserver/api/organization.py
@@ -18,35 +18,37 @@ def __init__(self):
         self.organization_schema = OrganizationSchema()
         self.organizations_schema = OrganizationSchema(many=True)
         self.response_handler = ResponseBody()
-    
+
     @require_oauth()
     def get(self, id: str = None):
         if not id:
             organizations = Organization.query.all()
-            organizations_obj = self.organizations_schema.dump(organizations).data
+            organizations_obj = self.organizations_schema.dump(organizations)
             return self.response_handler.get_all_response(organizations_obj)
         else:
             organization = Organization.query.filter_by(id=id).first()
             if organization:
-                organization_obj = self.organization_schema.dump(organization).data
+                organization_obj = self.organization_schema.dump(organization)
                 return self.response_handler.get_one_response(organization_obj, request={'id': id})
             else:
                 return self.response_handler.not_found_response(id)
 
     @require_oauth()
-    def post(self):
+    def post(self, id: str = None):
+        if id is not None:
+            return self.response_handler.method_not_allowed_response()
         try:
             request_data = request.get_json(force=True)
         except Exception as e:
             return self.response_handler.empty_request_body_response()
-        
+
         if not request_data:
             return self.response_handler.empty_request_body_response()
-        
-        data, errors = self.organization_schema.load(request_data)
+
+        errors = self.organization_schema.validate(request_data)
         if errors:
             return self.response_handler.custom_response(code=422, messages=errors)
-        
+
         try:
             organization = Organization(name=request_data['name'])
             db.session.add(organization)
@@ -64,15 +66,15 @@ def delete(self, id: str = None):
         try:
             organization = Organization.query.filter_by(id=id).first()
             if organization:
-                organization_obj = self.organization_schema.dump(organization).data
+                organization_obj = self.organization_schema.dump(organization)
                 db.session.delete(organization)
                 db.session.commit()
                 return self.response_handler.successful_delete_response('Organization', id, organization_obj)
             else:
                 return self.response_handler.not_found_response(id)
         except Exception:
             return self.response_handler.not_found_response(id)
-    
+
     @require_oauth()
     def put(self, id: str = None):
         if id is None:
@@ -84,7 +86,7 @@ def put(self, id: str = None):
     def patch(self, id: str = None):
         if id is None:
             return self.response_handler.method_not_allowed_response()
-            
+
         return self._update(request, id)
 
     def _update(self, request, id: str, partial=True):
@@ -97,25 +99,25 @@ def _update(self, request, id: str, partial=True):
             request_data = request.get_json(force=True)
         except Exception as e:
             return self.response_handler.empty_request_body_response()
-        
+
         if not request_data:
             return self.response_handler.empty_request_body_response()
 
         organization = Organization.query.filter_by(id=id).first()
         if not organization:
             return self.response_handler.not_found_response(id)
 
-        data, errors = self.organization_schema.load(request_data, partial=partial)
+        errors = self.organization_schema.validate(request_data, partial=partial)
         if errors:
             return self.response_handler.custom_response(code=422, messages=errors)
 
-        for k, v in data.items():
+        for k, v in request_data.items():
             if hasattr(organization, k):
                 setattr(organization, k, v)
         try:
             organization.date_last_updated = datetime.utcnow()
             db.session.commit()
-            return self.response_handler.successful_update_response('Organization', id, data)
+            return self.response_handler.successful_update_response('Organization', id, request_data)
         except Exception as e:
             db.session.rollback()
             exception_name = type(e).__name__
@@ -124,4 +126,4 @@ def _update(self, request, id: str, partial=True):
 
 organization_bp = Blueprint('organization_ep', __name__)
 organization_api = Api(organization_bp)
-organization_api.add_resource(OrganizationResource, '/organizations', '/organizations/<string:id>')
+organization_api.add_resource(OrganizationResource, '/organizations', '/organizations/<string:id>')