Skip to content

Commit

Permalink
Merge pull request #98 from jjjermiah/20-authpy-username-and-password…
Browse files Browse the repository at this point in the history 
…-encryption

feat: Add encryption and decryption functions for credentials
  • Loading branch information
@jjjermiah
jjjermiah committed Feb 5, 2024
2 parents d063000 + bbbd1d2 commit e08caa0
Show file tree
Hide file tree
Showing 4 changed files with 88 additions and 8 deletions.
56 changes: 55 additions & 1 deletion poetry.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions pyproject.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ pydicom = "^2.4.3"
tqdm = "^4.66.1"
pyfiglet = "^1.0"
beautifulsoup4 = "^4.12.3"
cryptography = "^42.0.2"

[tool.poetry.group.dev.dependencies]
pytest = "^7.4.3"
Expand Down
35 changes: 30 additions & 5 deletions src/nbiatoolkit/auth.py
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,23 @@
import requests
import time
from typing import Union
from typing import Union, Tuple
from .utils import NBIA_ENDPOINTS
from cryptography.fernet import Fernet


def encrypt_credentials(key: bytes, username: str, password: str) -> Tuple[str, str]:
cipher_suite = Fernet(key=key)
encrypted_password = cipher_suite.encrypt(password.encode()).decode()
encrypted_username = cipher_suite.encrypt(username.encode()).decode()
# return the encrypted client_id and username
return encrypted_username, encrypted_password

def decrypt_credentials(key: bytes, encrypted_username: str, encrypted_password: str) -> tuple[str, str]:
cipher_suite = Fernet(key=key)
decrypted_username = cipher_suite.decrypt(encrypted_username.encode()).decode()
decrypted_password = cipher_suite.decrypt(encrypted_password.encode()).decode()
# return the decrypted client_id and username
return decrypted_username, decrypted_password

class OAuth2:
"""
Expand Down Expand Up @@ -89,9 +105,11 @@ def __init__(
base_url : str or NBIA_ENDPOINTS, optional. Default is NBIA_ENDPOINTS.BASE_URL
"""

self.client_id = client_id
self.username = username
self.password = password

self._fernet_key: bytes = Fernet.generate_key()
self.username, self.password = encrypt_credentials(key=self.fernet_key, username=username, password=password)

if isinstance(base_url, NBIA_ENDPOINTS):
self.base_url = base_url.value
Expand All @@ -104,6 +122,11 @@ def __init__(
self.refresh_token = "" # Fix: Assign an empty string instead of None
self.scope = None


@property
def fernet_key(self) -> bytes:
return self._fernet_key

@property
def access_token(self) -> str | None:
# Check if access token is not set or it's expired
Expand Down Expand Up @@ -155,9 +178,11 @@ def request_new_access_token(self):
# self.token_expiration_time = time.time() + expires_in

# # Prepare the request data


data: dict[str, str] = {
"username": self.username,
"password": self.password,
"username": decrypt_credentials(key=self.fernet_key, encrypted_username=self.username, encrypted_password=self.password)[0],
"password": decrypt_credentials(key=self.fernet_key, encrypted_username=self.username, encrypted_password=self.password)[1],
"client_id": self.client_id,
"grant_type": "password",
}
Expand Down
4 changes: 2 additions & 2 deletions tests/test_auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@ def oauth() -> OAuth2:

def test_oauth2(oauth: OAuth2) -> None:
assert oauth.client_id == "NBIA"
assert oauth.username == "nbia_guest"
assert oauth.password == ""
assert oauth.username != "nbia_guest"
assert oauth.password != ""
assert oauth.access_token is not None
assert oauth.api_headers is not None
assert oauth.expiry_time is not None
Expand Down

0 comments on commit e08caa0

Please sign in to comment.