Remove context keyword from security handlers (#1690)

Follow-up on #1671 Since the request context is available globally, we can remove this complexity from the security handlers ("There should be one-- and preferably only one --obvious way to do it.") In addition it seems like there weren't any tests for the context in security handler functions, and I don't think there's a lot of value in a test for checking the context in security functions specifically.
spec-first · Apr 22, 2023 · 97e8a8e · 97e8a8e
1 parent 1beb053
commit 97e8a8e
Showing 1 changed file with 4 additions and 17 deletions.
diff --git a/connexion/security.py b/connexion/security.py
@@ -67,7 +67,6 @@
 class AbstractSecurityHandler:
 
     required_scopes_kw = "required_scopes"
-    context_kw = "context_"
     client = None
     security_definition_key: str
     """The key which contains the value for the function name to resolve."""
@@ -107,15 +106,10 @@ def _get_function(
         return default
 
     def _generic_check(self, func, exception_msg):
-        (
-            need_to_add_context,
-            need_to_add_required_scopes,
-        ) = self._need_to_add_context_or_scopes(func)
+        need_to_add_required_scopes = self._need_to_add_scopes(func)
 
         async def wrapper(request, *args, required_scopes=None):
             kwargs = {}
-            if need_to_add_context:
-                kwargs[self.context_kw] = request.context
             if need_to_add_required_scopes:
                 kwargs[self.required_scopes_kw] = required_scopes
             token_info = func(*args, **kwargs)
@@ -146,11 +140,10 @@ def get_auth_header_value(request):
             raise OAuthProblem(detail="Invalid authorization header")
         return auth_type.lower(), value
 
-    def _need_to_add_context_or_scopes(self, func):
+    def _need_to_add_scopes(self, func):
         arguments, has_kwargs = inspect_function_arguments(func)
-        need_context = self.context_kw in arguments
         need_required_scopes = has_kwargs or self.required_scopes_kw in arguments
-        return need_context, need_required_scopes
+        return need_required_scopes
 
     def _resolve_func(self, security_scheme):
         """
@@ -411,9 +404,6 @@ def check_oauth_func(self, token_info_func, scope_validate_func):
         get_token_info = self._generic_check(
             token_info_func, "Provided token is not valid"
         )
-        need_to_add_context, _ = self._need_to_add_context_or_scopes(
-            scope_validate_func
-        )
 
         async def wrapper(request, token, required_scopes):
             token_info = await get_token_info(
@@ -423,10 +413,7 @@ async def wrapper(request, token, required_scopes):
             # Fallback to 'scopes' for backward compatibility
             token_scopes = token_info.get("scope", token_info.get("scopes", ""))
 
-            kwargs = {}
-            if need_to_add_context:
-                kwargs[self.context_kw] = request.context
-            validation = scope_validate_func(required_scopes, token_scopes, **kwargs)
+            validation = scope_validate_func(required_scopes, token_scopes)
             while asyncio.iscoroutine(validation):
                 validation = await validation
             if not validation: