
Commit 6460b3a

PR Feedback, additional validation on oauth routes affected by the tenant id checks, update the client libraries to pass in the tenant id in request objects to preserve backwards compat, additional testing, and some cleanup
1 parent 42ba6b5 commit 6460b3a

1 file changed

Lines changed: 92 additions & 12 deletions


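--- a/src/main/python/fusionauth/fusionauth_client.py
+++ b/src/main/python/fusionauth/fusionauth_client.py
@@ -104,8 +104,15 @@ def approve_device_with_request(self, request):
 Attributes:
 request: The request object containing the device approval information and optional tenantId.
 """
+body = {
+"client_id": request.client_id,
+"client_secret": request.client_secret,
+"tenantId": str(request.tenantId) if request.tenantId is not None else None,
+"token": request.token,
+"user_code": request.user_code,
+}
 return self.start().uri('/oauth2/device/approve') \
-.body_handler(JSONBodyHandler(request)) \
+.body_handler(FormDataBodyHandler(body)) \
 .post() \
 .go()
 
@@ -285,8 +292,15 @@ def client_credentials_grant_with_request(self, request):
 Attributes:
 request: The client credentials grant request containing client authentication, scope and optional tenantId.
 """
+body = {
+"client_id": request.client_id,
+"client_secret": request.client_secret,
+"grant_type": request.grant_type,
+"scope": request.scope,
+"tenantId": request.tenantId,
+}
 return self.start_anonymous().uri('/oauth2/token') \
-.body_handler(JSONBodyHandler(request)) \
+.body_handler(FormDataBodyHandler(body)) \
 .post() \
 .go()
 
@@ -1357,8 +1371,14 @@ def device_authorize_with_request(self, request):
 Attributes:
 request: The device authorization request containing client authentication, scope, and optional device metadata.
 """
+body = {
+"client_id": request.client_id,
+"client_secret": request.client_secret,
+"scope": request.scope,
+"tenantId": str(request.tenantId) if request.tenantId is not None else None,
+}
 return self.start_anonymous().uri('/oauth2/device_authorize') \
-.body_handler(JSONBodyHandler(request)) \
+.body_handler(FormDataBodyHandler(body)) \
 .post() \
 .go()
 
@@ -1464,8 +1484,17 @@ def exchange_o_auth_code_for_access_token_using_pkce_with_request(self, request)
 Attributes:
 request: The PKCE OAuth code access token exchange request.
 """
+body = {
+"client_id": request.client_id,
+"client_secret": request.client_secret,
+"code": request.code,
+"code_verifier": request.code_verifier,
+"grant_type": request.grant_type,
+"redirect_uri": request.redirect_uri,
+"tenantId": str(request.tenantId) if request.tenantId is not None else None,
+}
 return self.start_anonymous().uri('/oauth2/token') \
-.body_handler(JSONBodyHandler(request)) \
+.body_handler(FormDataBodyHandler(body)) \
 .post() \
 .go()
 
@@ -1477,8 +1506,16 @@ def exchange_o_auth_code_for_access_token_with_request(self, request):
 Attributes:
 request: The OAuth code access token exchange request.
 """
+body = {
+"client_id": request.client_id,
+"client_secret": request.client_secret,
+"code": request.code,
+"grant_type": request.grant_type,
+"redirect_uri": request.redirect_uri,
+"tenantId": request.tenantId,
+}
 return self.start_anonymous().uri('/oauth2/token') \
-.body_handler(JSONBodyHandler(request)) \
+.body_handler(FormDataBodyHandler(body)) \
 .post() \
 .go()
 
@@ -1516,8 +1553,17 @@ def exchange_refresh_token_for_access_token_with_request(self, request):
 Attributes:
 request: The refresh token access token exchange request.
 """
+body = {
+"client_id": request.client_id,
+"client_secret": request.client_secret,
+"grant_type": request.grant_type,
+"refresh_token": request.refresh_token,
+"scope": request.scope,
+"tenantId": str(request.tenantId) if request.tenantId is not None else None,
+"user_code": request.user_code,
+}
 return self.start_anonymous().uri('/oauth2/token') \
-.body_handler(JSONBodyHandler(request)) \
+.body_handler(FormDataBodyHandler(body)) \
 .post() \
 .go()
 
@@ -1569,8 +1615,18 @@ def exchange_user_credentials_for_access_token_with_request(self, request):
 Attributes:
 request: The user credentials access token exchange request.
 """
+body = {
+"client_id": request.client_id,
+"client_secret": request.client_secret,
+"grant_type": request.grant_type,
+"password": request.password,
+"scope": request.scope,
+"tenantId": request.tenantId,
+"user_code": request.user_code,
+"username": request.username,
+}
 return self.start_anonymous().uri('/oauth2/token') \
-.body_handler(JSONBodyHandler(request)) \
+.body_handler(FormDataBodyHandler(body)) \
 .post() \
 .go()
 
@@ -1770,8 +1826,13 @@ def introspect_access_token_with_request(self, request):
 Attributes:
 request: The access token introspection request.
 """
+body = {
+"client_id": request.client_id,
+"tenantId": request.tenantId,
+"token": request.token,
+}
 return self.start_anonymous().uri('/oauth2/introspect') \
-.body_handler(JSONBodyHandler(request)) \
+.body_handler(FormDataBodyHandler(body)) \
 .post() \
 .go()
 
@@ -1797,8 +1858,12 @@ def introspect_client_credentials_access_token_with_request(self, request):
 Attributes:
 request: The client credentials access token.
 """
+body = {
+"tenantId": request.tenantId,
+"token": request.token,
+}
 return self.start_anonymous().uri('/oauth2/introspect') \
-.body_handler(JSONBodyHandler(request)) \
+.body_handler(FormDataBodyHandler(body)) \
 .post() \
 .go()
 
@@ -3663,8 +3728,12 @@ def retrieve_user_code_using_api_key_with_request(self, request):
 Attributes:
 request: The user code retrieval request including optional tenantId.
 """
+body = {
+"tenantId": str(request.tenantId) if request.tenantId is not None else None,
+"user_code": request.user_code,
+}
 return self.start_anonymous().uri('/oauth2/device/user-code') \
-.body_handler(JSONBodyHandler(request)) \
+.body_handler(FormDataBodyHandler(body)) \
 .post() \
 .go()
 
@@ -3677,8 +3746,14 @@ def retrieve_user_code_with_request(self, request):
 Attributes:
 request: The user code retrieval request.
 """
+body = {
+"client_id": request.client_id,
+"client_secret": request.client_secret,
+"tenantId": str(request.tenantId) if request.tenantId is not None else None,
+"user_code": request.user_code,
+}
 return self.start_anonymous().uri('/oauth2/device/user-code') \
-.body_handler(JSONBodyHandler(request)) \
+.body_handler(FormDataBodyHandler(body)) \
 .post() \
 .go()
 
@@ -5027,8 +5102,13 @@ def validate_device_with_request(self, request):
 Attributes:
 request: The device validation request.
 """
+body = {
+"client_id": request.client_id,
+"tenantId": str(request.tenantId) if request.tenantId is not None else None,
+"user_code": request.user_code,
+}
 return self.start_anonymous().uri('/oauth2/device/validate') \
-.body_handler(JSONBodyHandler(request)) \
+.body_handler(FormDataBodyHandler(body)) \
 .post() \
 .go()
 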
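Review bot: The `tenantId` entry is built two different ways in this file section: approve_device_with_request, device_authorize_with_request, the PKCE and refresh-token exchanges, both retrieve_user_code variants and validate_device_with_request use `str(request.tenantId) if request.tenantId is not None else None`, while client_credentials_grant_with_request, exchange_o_auth_code_for_access_token_with_request, exchange_user_credentials_for_access_token_with_request and both introspect methods pass `request.tenantId` unconverted. Since the commit is about tenant id validation on these routes, use the one guarded form in every body so a UUID-typed value is serialised the same way everywhere. Every dict also carries `None` for unset optional fields (`client_secret`, `scope`, `user_code`), which is only safe if FormDataBodyHandler drops `None` values rather than encoding the string "None"; that handler is not visible here, so confirm it or filter with `{k: v for k, v in body.items() if v is not None}`. The switch from `JSONBodyHandler(request)` to attribute reads such as `request.user_code` will presumably raise AttributeError for callers that passed a dict or an object without that attribute, which is worth a test given the stated backwards-compatibility goal. Each method's signature and the start of its docstring lie outside the hunks.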
