Adds private app authentication API for bibxml. Fixes #3480. Commit r…

…eady for merge. - Legacy-Id: 19711
ietf-tools · Nov 25, 2021 · 43513ed · 43513ed
1 parent 8c69753
commit 43513ed
Show file tree

Hide file tree

Showing 5 changed files with 7 additions and 6 deletions.
diff --git a/ietf/api/tests.py b/ietf/api/tests.py
@@ -354,8 +354,8 @@ def test_api_version(self):
         self.assertEqual(data['version'], ietf.__version__+ietf.__patch__)
         self.assertIn(data['date'], ietf.__date__)
 
-    def test_api_appauth_authortools(self):
-        url = urlreverse('ietf.api.views.author_tools')
+    def test_api_appauth(self):
+        url = urlreverse('ietf.api.views.app_auth')
         person = PersonFactory()
         apikey = PersonalApiKey.objects.create(endpoint=url, person=person)
 

diff --git a/ietf/api/urls.py b/ietf/api/urls.py
@@ -40,8 +40,8 @@
     url(r'^submit/?$', submit_views.api_submit),
     # Datatracker version
     url(r'^version/?$', api_views.version),
-    # Authtools API key
-    url(r'^appauth/authortools', api_views.author_tools),
+    # Application authentication API key
+    url(r'^appauth/[authortools|bibxml]', api_views.app_auth),
 ]
 
 # Additional (standard) Tastypie endpoints

diff --git a/ietf/api/views.py b/ietf/api/views.py
@@ -218,7 +218,7 @@ def version(request):
 
 @require_api_key
 @csrf_exempt
-def author_tools(request):
+def app_auth(request):
     return HttpResponse(
             json.dumps({'success': True}),
             content_type='application/json')
diff --git a/ietf/ietfauth/tests.py b/ietf/ietfauth/tests.py
@@ -655,7 +655,7 @@ def test_apikey_errors(self):
             self.assertContains(r, 'Invalid apikey', status_code=403)
 
             # invalid apikey (invalidated api key)
-            unauthorized_url = urlreverse('ietf.api.views.author_tools')
+            unauthorized_url = urlreverse('ietf.api.views.app_auth')
             invalidated_apikey = PersonalApiKey.objects.create(
                         endpoint=unauthorized_url, person=person, valid=False)
             r = self.client.post(unauthorized_url, {'apikey': invalidated_apikey.hash()})

diff --git a/ietf/person/models.py b/ietf/person/models.py
@@ -357,6 +357,7 @@ def salt():
     ("/api/notify/meeting/registration", "/api/notify/meeting/registration", "Robot"), 
     ("/api/notify/meeting/bluesheet", "/api/notify/meeting/bluesheet", "Recording Manager"), 
     ("/api/appauth/authortools", "/api/appauth/authortools", None),
+    ("/api/appauth/bibxml", "/api/appauth/bibxml", None),
 ]
 PERSON_API_KEY_ENDPOINTS = sorted(list(set([ (v, n) for (v, n, r) in PERSON_API_KEY_VALUES ])))