Support for breaking changes in Flask/Werkzeug 2.3 (Fixes #160)

miguelgrinberg · Apr 27, 2023 · 7654839 · 7654839
1 parent 15498a3
commit 7654839
Show file tree

Hide file tree

Showing 5 changed files with 19 additions and 16 deletions.
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -22,7 +22,8 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest, windows-latest]
-        python: ['3.7', '3.8', '3.9', '3.10', '3.11', 'pypy-3.8']
+        python: ['3.8', '3.9', '3.10', '3.11', 'pypy-3.8']
+        flask: ['flask<2.3', 'flask>=2.3']
       fail-fast: false
     runs-on: ${{ matrix.os }}
     steps:
@@ -33,6 +34,8 @@ jobs:
       - run: python -m pip install --upgrade pip wheel
       - run: pip install tox tox-gh-actions
       - run: tox
+        env:
+          FLASK_VERSION: ${{ matrix.flask }}
   coverage:
     name: coverage
     runs-on: ubuntu-latest

diff --git a/src/flask_httpauth.py b/src/flask_httpauth.py
@@ -76,22 +76,24 @@ def get_auth(self):
         auth = None
         if self.header is None or self.header == 'Authorization':
             auth = request.authorization
-            if auth is None and 'Authorization' in request.headers:
-                # Flask/Werkzeug do not recognize any authentication types
-                # other than Basic or Digest, so here we parse the header by
-                # hand
+            if auth is None and \
+                    'Authorization' in request.headers:  # pragma: no cover
+                # Flask/Werkzeug versions before 2.3 do not recognize any
+                # authentication types other than Basic or Digest, so here we
+                # parse the header by hand
                 try:
                     auth_type, token = request.headers['Authorization'].split(
                         None, 1)
-                    auth = Authorization(auth_type, {'token': token})
+                    auth = Authorization(auth_type)
+                    auth.token = token
                 except (ValueError, KeyError):
                     # The Authorization header is either empty or has no token
                     pass
         elif self.header in request.headers:
             # using a custom header, so the entire value of the header is
             # assumed to be a token
-            auth = Authorization(self.scheme,
-                                 {'token': request.headers[self.header]})
+            auth = Authorization(self.scheme)
+            auth.token = request.headers[self.header]
 
         # if the auth type does not match, we act as if there is no auth
         # this is better than failing directly, as it allows the callback
@@ -391,10 +393,7 @@ def verify_token(self, f):
         return f
 
     def authenticate(self, auth, stored_password):
-        if auth:
-            token = auth['token']
-        else:
-            token = ""
+        token = getattr(auth, 'token', '')
         if self.verify_token_callback:
             return self.ensure_sync(self.verify_token_callback)(token)
 

diff --git a/tests/test_multi.py b/tests/test_multi.py
@@ -30,7 +30,7 @@ def verify_token(token):
 
         @token_auth.get_user_roles
         def get_token_role(auth):
-            if auth['token'] == 'this-is-the-token!':
+            if auth.token == 'this-is-the-token!':
                 return 'foo'
             return
 
@@ -44,7 +44,7 @@ def verify_custom_token(token):
 
         @custom_token_auth.get_user_roles
         def get_custom_token_role(auth):
-            if auth['token'] == 'this-is-the-custom-token!':
+            if auth.token == 'this-is-the-custom-token!':
                 return 'foo'
             return
 

diff --git a/tests/test_multi_async.py b/tests/test_multi_async.py
@@ -33,7 +33,7 @@ async def verify_token(token):
 
         @token_auth.get_user_roles
         async def get_token_role(auth):
-            if auth['token'] == 'this-is-the-token!':
+            if auth.token == 'this-is-the-token!':
                 return 'foo'
             return
 
@@ -47,7 +47,7 @@ async def verify_custom_token(token):
 
         @custom_token_auth.get_user_roles
         async def get_custom_token_role(auth):
-            if auth['token'] == 'this-is-the-custom-token!':
+            if auth.token == 'this-is-the-custom-token!':
                 return 'foo'
             return
 

diff --git a/tox.ini b/tox.ini
@@ -14,6 +14,7 @@ python =
 [testenv]
 commands=
     pip install -e .
+    pip install {env:FLASK_VERSION:flask>=2.3}
     pytest -p no:logging --cov=src --cov-branch --cov-report=term-missing --cov-report=xml
 deps=
     asgiref