From 1bd4e1a30eeb639b1d6390df5c41d0b8177442af Mon Sep 17 00:00:00 2001 From: aviadl Date: Tue, 16 Aug 2022 16:51:24 +0300 Subject: [PATCH] Replace basice auth with bearer related to: https://github.com/descope/common/pull/278 related to: https://github.com/descope/etc/issues/404 --- descope/auth.py | 8 +++----- tests/test_exchanger.py | 2 +- tests/test_magiclink.py | 6 +++--- tests/test_oauth.py | 2 +- tests/test_saml.py | 2 +- tests/test_totp.py | 2 +- tests/test_webauthn.py | 12 ++++++------ 7 files changed, 16 insertions(+), 18 deletions(-) diff --git a/descope/auth.py b/descope/auth.py index 78fb5ca67..3639735ec 100644 --- a/descope/auth.py +++ b/descope/auth.py @@ -1,4 +1,3 @@ -import base64 import json import os import re @@ -339,11 +338,10 @@ def _get_default_headers(self, pswd: str = None): headers = {} headers["Content-Type"] = "application/json" + bearer = self.project_id if pswd: - bytes = f"{self.project_id}:{pswd}".encode("ascii") - else: - bytes = f"{self.project_id}:".encode("ascii") - headers["Authorization"] = f"Basic {base64.b64encode(bytes).decode('ascii')}" + bearer = f"{self.project_id}:{pswd}" + headers["Authorization"] = f"Bearer {bearer}" return headers def _validate_and_load_tokens(self, session_token: str, refresh_token: str) -> dict: diff --git a/tests/test_exchanger.py b/tests/test_exchanger.py index c9eba35f6..58b3ae9df 100644 --- a/tests/test_exchanger.py +++ b/tests/test_exchanger.py @@ -51,7 +51,7 @@ def test_exchange_token(self): f"{DEFAULT_BASE_URL}{EndpointsV1.exchangeTokenPath}", headers={ "Content-Type": "application/json", - "Authorization": "Basic ZHVtbXk6", + "Authorization": f"Bearer {self.dummy_project_id}", }, params={"code": "c1"}, allow_redirects=False, diff --git a/tests/test_magiclink.py b/tests/test_magiclink.py index 16121673b..de6be97e1 100644 --- a/tests/test_magiclink.py +++ b/tests/test_magiclink.py @@ -249,7 +249,7 @@ def test_sign_in_cross_device(self): f"{DEFAULT_BASE_URL}{EndpointsV1.signInAuthMagicLinkPath}/email", headers={ "Content-Type": "application/json", - "Authorization": "Basic ZHVtbXk6", + "Authorization": f"Bearer {self.dummy_project_id}", }, data=json.dumps( { @@ -280,7 +280,7 @@ def test_sign_up_cross_device(self): f"{DEFAULT_BASE_URL}{EndpointsV1.signUpAuthMagicLinkPath}/email", headers={ "Content-Type": "application/json", - "Authorization": "Basic ZHVtbXk6", + "Authorization": f"Bearer {self.dummy_project_id}", }, data=json.dumps( { @@ -312,7 +312,7 @@ def test_sign_up_or_in_cross_device(self): f"{DEFAULT_BASE_URL}{EndpointsV1.signUpOrInAuthMagicLinkPath}/email", headers={ "Content-Type": "application/json", - "Authorization": "Basic ZHVtbXk6", + "Authorization": f"Bearer {self.dummy_project_id}", }, data=json.dumps( { diff --git a/tests/test_oauth.py b/tests/test_oauth.py index 7efcb9473..251cc2fdd 100644 --- a/tests/test_oauth.py +++ b/tests/test_oauth.py @@ -70,7 +70,7 @@ def test_oauth_start(self): expected_uri, headers={ "Content-Type": "application/json", - "Authorization": "Basic ZHVtbXk6", + "Authorization": f"Bearer {self.dummy_project_id}", }, params={"provider": "facebook"}, allow_redirects=False, diff --git a/tests/test_saml.py b/tests/test_saml.py index 0784d2838..b3432e7be 100644 --- a/tests/test_saml.py +++ b/tests/test_saml.py @@ -52,7 +52,7 @@ def test_saml_start(self): expected_uri, headers={ "Content-Type": "application/json", - "Authorization": "Basic ZHVtbXk6", + "Authorization": f"Bearer {self.dummy_project_id}", }, params={"tenant": "tenant1", "redirectURL": "http://dummy.com"}, allow_redirects=None, diff --git a/tests/test_totp.py b/tests/test_totp.py index eb69c465d..f2ba8c430 100644 --- a/tests/test_totp.py +++ b/tests/test_totp.py @@ -120,7 +120,7 @@ def test_update_user(self): expected_uri, headers={ "Content-Type": "application/json", - "Authorization": "Basic ZHVtbXk6ZXlKaGJHY2lPaUpGVXpNNE5DSXNJbXRwWkNJNklqSkNkRFZYVEdOalRGVmxlVEZFY0RkMWRIQjBXbUl6Um5nNVN5SXNJblI1Y0NJNklrcFhWQ0o5LmV5SmhkWFJvYjNKcGVtVmtWR1Z1WVc1MGN5STZleUlpT201MWJHeDlMQ0pqYjI5cmFXVkViMjFoYVc0aU9pSWlMQ0pqYjI5cmFXVkZlSEJwY21GMGFXOXVJam94TmpZd05qYzVNakE0TENKamIyOXJhV1ZOWVhoQloyVWlPakkxT1RFNU9Ua3NJbU52YjJ0cFpVNWhiV1VpT2lKRVUxSWlMQ0pqYjI5cmFXVlFZWFJvSWpvaUx5SXNJbVY0Y0NJNk1qQTVNREE0TnpJd09Dd2lhV0YwSWpveE5qVTRNRGczTWpBNExDSnBjM01pT2lJeVFuUTFWMHhqWTB4VlpYa3hSSEEzZFhSd2RGcGlNMFo0T1VzaUxDSnpkV0lpT2lJeVF6VTFkbmw0ZHpCelVrdzJSbVJOTmpoeFVuTkRSR1JTVDFZaWZRLmNXUDV1cDRSNXhlSWwycW9HMk50ZkxIM1E1blJKVktkei1GRG9BWGN0T1FXOWczY2VaUWk2clpRLVRQQmFYTUt3NjhiaWpOM2JMSlRxeFdXNVdIenFSVWVvcGZ1elRjTVltQzB3UDJYR0prcmRGNkE4RDVRVzZhY1NHcWdsRmd1", + "Authorization": f"Bearer {self.dummy_project_id}:{valid_jwt_token}", }, data=json.dumps({"externalId": "dummy@dummy.com"}), verify=True, diff --git a/tests/test_webauthn.py b/tests/test_webauthn.py index a7994ef84..98996e843 100644 --- a/tests/test_webauthn.py +++ b/tests/test_webauthn.py @@ -94,7 +94,7 @@ def test_sign_up_start(self): expected_uri, headers={ "Content-Type": "application/json", - "Authorization": "Basic ZHVtbXk6", + "Authorization": f"Bearer {self.dummy_project_id}", }, data=json.dumps( {"user": {"externalId": "id1"}, "origin": "https://example.com"} @@ -142,7 +142,7 @@ def test_sign_up_finish(self): expected_uri, headers={ "Content-Type": "application/json", - "Authorization": "Basic ZHVtbXk6", + "Authorization": f"Bearer {self.dummy_project_id}", }, data=json.dumps({"transactionId": "t01", "response": "response01"}), verify=True, @@ -188,7 +188,7 @@ def test_sign_in_start(self): expected_uri, headers={ "Content-Type": "application/json", - "Authorization": "Basic ZHVtbXk6", + "Authorization": f"Bearer {self.dummy_project_id}", }, data=json.dumps({"externalId": "id1", "origin": "https://example.com"}), verify=True, @@ -227,7 +227,7 @@ def test_sign_in_finish(self): expected_uri, headers={ "Content-Type": "application/json", - "Authorization": "Basic ZHVtbXk6", + "Authorization": f"Bearer {self.dummy_project_id}", }, data=json.dumps({"transactionId": "t01", "response": "response01"}), verify=True, @@ -293,7 +293,7 @@ def test_add_device_start(self): expected_uri, headers={ "Content-Type": "application/json", - "Authorization": "Basic ZHVtbXk6YXNkYXNk", + "Authorization": f"Bearer {self.dummy_project_id}:asdasd", }, data=json.dumps( {"externalId": "dummy@dummy.com", "origin": "https://example.com"} @@ -335,7 +335,7 @@ def test_add_device_finish(self): expected_uri, headers={ "Content-Type": "application/json", - "Authorization": "Basic ZHVtbXk6", + "Authorization": f"Bearer {self.dummy_project_id}", }, data=json.dumps({"transactionId": "t01", "response": "response01"}), verify=True,