Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refine upload endpoint auth flow, add custom error message #522

Merged
merged 1 commit into from
Apr 26, 2024
Merged

refine upload endpoint auth flow, add custom error message #522

merged 1 commit into from
Apr 26, 2024

Conversation

nora-codecov
Copy link
Contributor

Purpose/Motivation

fixes codecov/feedback#344

What does this PR do?

Got some feedback, made me realize that this flow was being handled incorrectly. According to Django's docs,

Typically the approach you should take is:

  • If authentication is not attempted, return None. Any other authentication schemes also in use will still be checked.
  • If authentication is attempted but fails, raise an AuthenticationFailed exception. An error response will be returned immediately, regardless of any permissions checks, and without checking any other authentication schemes.

I updated the flow to return None in a few places, instead of raising an error based on context that the function was assuming.

Instead, they will continue through the auth flow, so the error is handled by Django's built-in stuff. Then, I added a custom error message for when a user runs into this scenario, in repo_auth_custom_exception_handler.

@nora-codecov nora-codecov requested a review from a team as a code owner April 23, 2024 22:27
@codecov-notifications
Copy link

Codecov Report

All modified and coverable lines are covered by tests ✅

✅ All tests successful. No failed tests found ☺️

📢 Thoughts on this report? Let us know!

@codecov-qa
Copy link

codecov-qa bot commented Apr 23, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 91.46%. Comparing base (52ac5d9) to head (ae95ab9).

✅ All tests successful. No failed tests found ☺️

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #522      +/-   ##
==========================================
+ Coverage   91.44%   91.46%   +0.01%     
==========================================
  Files         599      599              
  Lines       16193    16218      +25     
==========================================
+ Hits        14808    14833      +25     
  Misses       1385     1385
Flag Coverage Δ
unit 91.46% <100.00%> (+0.01%) ⬆️
unit-latest-uploader 91.46% <100.00%> (+0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@codecov-public-qa Codecov Public QA
Copy link

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 91.46%. Comparing base (52ac5d9) to head (ae95ab9).

✅ All tests successful. No failed tests found ☺️

Impacted file tree graph

@@            Coverage Diff             @@
##             main     #522      +/-   ##
==========================================
+ Coverage   91.44%   91.46%   +0.01%     
==========================================
  Files         599      599              
  Lines       16193    16218      +25     
==========================================
+ Hits        14808    14833      +25     
  Misses       1385     1385
Flag Coverage Δ
unit 91.46% <100.00%> (+0.01%) ⬆️
unit-latest-uploader 91.46% <100.00%> (+0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Coverage Δ
codecov_auth/authentication/repo_auth.py 98.47% <100.00%> (+0.07%) ⬆️
upload/views/bundle_analysis.py 98.46% <100.00%> (+0.04%) ⬆️
upload/views/commits.py 100.00% <100.00%> (ø)
upload/views/empty_upload.py 91.30% <100.00%> (+0.25%) ⬆️
upload/views/reports.py 100.00% <100.00%> (ø)
upload/views/test_results.py 98.38% <100.00%> (+0.05%) ⬆️
upload/views/upload_completion.py 100.00% <100.00%> (ø)
upload/views/uploads.py 99.03% <100.00%> (+0.01%) ⬆️

Impacted file tree graph

@codecov Codecov
Copy link

codecov bot commented Apr 23, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 95.77%. Comparing base (52ac5d9) to head (ae95ab9).

✅ All tests successful. No failed tests found ☺️

Additional details and impacted files 
@@          Coverage Diff          @@
##            main    #522   +/-   ##
=====================================
  Coverage   95.77   95.77           
=====================================
  Files        774     774           
  Lines      17049   17074   +25     
=====================================
+ Hits       16327   16352   +25     
  Misses       722     722
Flag Coverage Δ
unit 91.46% <100.00%> (+0.01%) ⬆️
unit-latest-uploader 91.46% <100.00%> (+0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@nora-codecov nora-codecov added this pull request to the merge queue Apr 26, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Apr 26, 2024
@nora-codecov nora-codecov added this pull request to the merge queue Apr 26, 2024
Merged via the queue into main with commit 252b887 Apr 26, 2024
21 checks passed
@nora-codecov nora-codecov deleted the nora/refine-auth-exception-messaging branch April 26, 2024 21:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@giovanni-guidini giovanni-guidini giovanni-guidini approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

OIDC token authentication is too aggressive
2 participants
@nora-codecov @giovanni-guidini