feat(auth): add token to API GUI

PrivateAIM · Mar 25, 2024 · 5e963f8 · 5e963f8
1 parent 19e4816
commit 5e963f8
Show file tree

Hide file tree

Showing 6 changed files with 28 additions and 15 deletions.
diff --git a/gateway/auth.py b/gateway/auth.py
@@ -2,7 +2,7 @@
 
 import requests
 from fastapi import Security, HTTPException
-from fastapi.security import OAuth2AuthorizationCodeBearer, OAuth2PasswordBearer
+from fastapi.security import OAuth2AuthorizationCodeBearer, OAuth2PasswordBearer, HTTPBearer
 from jose import jwt, JOSEError
 from starlette import status
 from starlette.datastructures import MutableHeaders
@@ -31,6 +31,11 @@
 
 idp_oauth2_scheme_pass = OAuth2PasswordBearer(tokenUrl=realm_idp_settings.token_url)
 
+httpbearer = HTTPBearer(
+    scheme_name="JWT",
+    description="Pass a valid JWT here for authentication. Can be obtained from /token endpoint."
+)
+
 
 # Debugging methods
 async def get_idp_public_key() -> str:

diff --git a/gateway/routers/hub.py b/gateway/routers/hub.py
@@ -7,15 +7,16 @@
 from starlette.requests import Request
 from starlette.responses import Response
 
-from gateway.auth import add_hub_jwt, verify_idp_token, idp_oauth2_scheme_pass
+from gateway.auth import add_hub_jwt, verify_idp_token, idp_oauth2_scheme_pass, httpbearer
 from gateway.conf import gateway_settings
 from gateway.core import route
 from gateway.models.hub import Project, AllProjects, ApprovalStatus, AnalysisOrProjectNode, ListAnalysisOrProjectNodes, \
     AnalysisNode
 from gateway.models.k8s import ImageDataResponse, ContainerResponse
 
 hub_router = APIRouter(
-    dependencies=[Security(verify_idp_token), Depends(add_hub_jwt), Security(idp_oauth2_scheme_pass)],
+    dependencies=[Security(verify_idp_token), Depends(add_hub_jwt), Security(idp_oauth2_scheme_pass),
+                  Security(httpbearer)],
     tags=["Hub"],
     responses={404: {"description": "Not found"}},
 )

diff --git a/gateway/routers/kong.py b/gateway/routers/kong.py
@@ -9,13 +9,13 @@
 from kong_admin_client.rest import ApiException
 from starlette import status
 
-from gateway.auth import verify_idp_token, idp_oauth2_scheme_pass
+from gateway.auth import verify_idp_token, idp_oauth2_scheme_pass, httpbearer
 from gateway.conf import gateway_settings
 from gateway.models.kong import ServiceRequest, HttpMethodCode, ProtocolCode, LinkDataStoreProject, \
     Disconnect, LinkProjectAnalysis
 
 kong_router = APIRouter(
-    dependencies=[Security(verify_idp_token), Security(idp_oauth2_scheme_pass)],
+    dependencies=[Security(verify_idp_token), Security(idp_oauth2_scheme_pass), Security(httpbearer)],
     tags=["Kong"],
     responses={404: {"description": "Not found"}},
 )

diff --git a/gateway/routers/podorc.py b/gateway/routers/podorc.py
@@ -7,12 +7,12 @@
 from starlette.requests import Request
 from starlette.responses import Response
 
-from gateway.auth import verify_idp_token, idp_oauth2_scheme_pass
+from gateway.auth import verify_idp_token, idp_oauth2_scheme_pass, httpbearer
 from gateway.conf import gateway_settings
 from gateway.core import route
 
 po_router = APIRouter(
-    dependencies=[Security(verify_idp_token), Security(idp_oauth2_scheme_pass)],
+    dependencies=[Security(verify_idp_token), Security(idp_oauth2_scheme_pass), Security(httpbearer)],
     tags=["PodOrc"],
     responses={404: {"description": "Not found"}},
 )

diff --git a/gateway/routers/results.py b/gateway/routers/results.py
@@ -6,13 +6,13 @@
 from starlette.requests import Request
 from starlette.responses import Response
 
-from gateway.auth import verify_idp_token, idp_oauth2_scheme_pass
+from gateway.auth import verify_idp_token, idp_oauth2_scheme_pass, httpbearer
 from gateway.conf import gateway_settings
 from gateway.core import route
 from gateway.models.results import ResultsUploadResponse
 
 results_router = APIRouter(
-    dependencies=[Security(verify_idp_token), Security(idp_oauth2_scheme_pass)],
+    dependencies=[Security(verify_idp_token), Security(idp_oauth2_scheme_pass), Security(httpbearer)],
     tags=["Results"],
     responses={404: {"description": "Not found"}},
 )

diff --git a/gateway/server.py b/gateway/server.py
@@ -7,8 +7,7 @@
 
 import requests
 import uvicorn
-from fastapi import FastAPI, Depends, HTTPException
-from fastapi.security import OAuth2PasswordRequestForm
+from fastapi import FastAPI, HTTPException, Query
 from starlette import status
 from starlette.middleware.cors import CORSMiddleware
 
@@ -55,7 +54,12 @@ async def lifespan(app: FastAPI):
         # Auth fill client ID for the docs with the below value
         "clientId": realm_idp_settings.client_id,  # default client-id is Keycloak
     },
-    lifespan=lifespan
+    lifespan=lifespan,
+    license_info={
+        "name": "Apache 2.0",
+        "url": "https://www.apache.org/licenses/LICENSE-2.0.html",
+        "identifier": "Apache-2.0",
+    },
 )
 
 app.add_middleware(
@@ -96,11 +100,14 @@ def get_health() -> HealthCheck:
     status_code=status.HTTP_200_OK,
     response_model=Token,
 )
-def get_token(form_data: Annotated[OAuth2PasswordRequestForm, Depends()]) -> Token:
+def get_token(
+        username: Annotated[str, Query()],
+        password: Annotated[str, Query()],
+) -> Token:
     """Get a token from the IDP."""
     payload = {
-        "username": form_data.username,
-        "password": form_data.password,
+        "username": username,
+        "password": password,
         "client_id": realm_idp_settings.client_id,
         "client_secret": realm_idp_settings.client_secret,
         "grant_type": "password",