diff --git a/README.rst b/README.rst
index 8940221d..11b0d380 100644
--- a/README.rst
+++ b/README.rst
@@ -183,6 +183,13 @@ DB Models
 Changelog
 =========
+v. 0.5.1
+--------
+
+* Update `/oauth/verify` API response format (`#68 `_)
+* Fix bug where collections would read the wrong active/inactive state from bibdb.libris.kb.se
+
+
 v. 0.5.0
 --------
diff --git a/package-lock.json b/package-lock.json
index 0291e5da..1c56d202 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
 "name": "xl_auth",
- "version": "0.5.0",
+ "version": "0.5.1",
 "lockfileVersion": 1,
 "requires": true,
 "dependencies": {
diff --git a/package.json b/package.json
index 5693772c..e0871554 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "xl_auth",
- "version": "0.5.0",
+ "version": "0.5.1",
 "author": "National Library of Sweden",
 "license": "Apache-2.0",
 "description": "OAuth2 authorization for LibrisXL, replacing BibDB counterpart",
diff --git a/tests/end2end/test_oauth.py b/tests/end2end/test_oauth.py
index cf1a6a5e..dc7f49ce 100644
--- a/tests/end2end/test_oauth.py
+++ b/tests/end2end/test_oauth.py
@@ -105,3 +105,15 @@ def test_get_access_token(grant, testapp):
 assert res.json_body['access_token'] == token.access_token
 assert res.json_body['refresh_token'] == token.refresh_token
 assert res.json_body['version'] == __version__
+
+
+def test_verify_response(token, testapp):
+ """Get user details and token expiry."""
+ res = testapp.get(url_for('oauth.verify'),
+ headers={'Authorization': str('Bearer ' + token.access_token)})
+
+ assert res.json_body['expires_at'] == token.expires_at.isoformat()
+ assert res.json_body['user']['full_name'] == token.user.full_name
+ assert res.json_body['user']['email'] == token.user.email
+
+ assert len(res.json_body['user']['permissions']) == len(token.user.permissions)
diff --git a/xl_auth/commands.py b/xl_auth/commands.py
index eea7e92b..65ff27a9 100644
--- a/xl_auth/commands.py
+++ b/xl_auth/commands.py
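Review bot: The last assertion in `test_verify_response` compares only the `len(...)` of the two permission lists, so it passes vacuously if the `token` fixture's user has no permissions, and it never checks the `code`, `cataloger` and `registrant` keys that the new response format defines. Comparing content would pin the contract, e.g. `assert [p['code'] for p in res.json_body['user']['permissions']] == [p.collection.code for p in token.user.permissions]`. The hunk also exercises only a valid bearer token; unless it already exists elsewhere in the file, a companion case asserting that a request without a token, or with an expired one, is rejected would cover the check that protects this user data.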
@@ -246,7 +246,7 @@ def _get_collection_details_from_bibdb(code):
 'friendly_name': friendly_name,
 'code': bibdb_api_data['sigel'],
 'category': category,
- 'active': not bool(bibdb_api_data['sigel_new']),
+ 'active': bibdb_api_data['alive'],
 'replaces': bibdb_api_data['sigel_old'],
 'replaced_by': bibdb_api_data['sigel_new']
 }
@@ -445,7 +445,12 @@ def _get_manually_deleted_permissions():
 continue
 collection = Collection.query.filter_by(code=details['code']).first()
- if not collection:
+ if collection:
+ if collection.active != details['active']:
+ collection.active = details['active']
+ collection.save()
+ print('corrected collection %r: active=%s' % (collection.code, collection.active))
+ else:
 collection = Collection.create(**details)
 collection.save()
diff --git a/xl_auth/oauth/views.py b/xl_auth/oauth/views.py
index 0a45c693..e6784412 100644
--- a/xl_auth/oauth/views.py
+++ b/xl_auth/oauth/views.py
@@ -4,7 +4,6 @@
 from __future__ import absolute_import, division, print_function, unicode_literals
 from datetime import datetime, timedelta
-from time import time
 from flask import Blueprint, current_app, jsonify, render_template, request
 from flask_login import current_user, login_required
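Review bot: `'active': bibdb_api_data['alive']` in `_get_collection_details_from_bibdb` passes the remote value through untouched, where the removed line always produced a bool. If bibdb.libris.kb.se ever omits `alive` this raises `KeyError`, and if it returns `null` or a string, a non-boolean reaches the `collection.active != details['active']` comparison in the second hunk (`@@ -445`) and is assigned to `collection.active` and saved there. Checking the type at the boundary keeps the stored state well-defined, e.g. `'active': bibdb_api_data['alive'] is True,`, or raise on anything that is not a bool if treating a malformed answer as inactive is not wanted. Both enclosing functions start and end outside these hunks.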
@@ -110,20 +109,14 @@ def verify():
 assert isinstance(user, User)
 return jsonify(
- exp=(time() + 3600) * 1000,
- expires_at=oauth.expires_at.isoformat(),
- qsh='mumbojumbo',
+ expires_at=oauth.access_token.expires_at.isoformat(),
 user={
- 'username': user.email,
+ 'full_name': user.full_name,
 'email': user.email,
- 'authorization': [{'sigel': permission.collection.code,
- 'code': permission.collection.code,
- 'cataloger': permission.cataloger,
- 'registrant': permission.registrant,
- 'cataloging_admin': permission.cataloging_admin,
- 'kat': permission.cataloging_admin,
- 'xlreg': permission.cataloging_admin}
- for permission in user.permissions]
+ 'permissions': [{'code': permission.collection.code,
+ 'cataloger': permission.cataloger,
+ 'registrant': permission.registrant}
+ for permission in user.permissions]
 }
 )
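Review bot: `expires_at=oauth.access_token.expires_at.isoformat()` is now the only expiry signal in the `/oauth/verify` response, and `isoformat()` on a naive datetime emits no UTC offset. The model is not visible here, but if `expires_at` is stored as naive UTC, a client that parses the string as local time will judge token validity hours off. Appending the designator, e.g. `expires_at=oauth.access_token.expires_at.isoformat() + 'Z',` (with the matching assertion in `test_verify_response` adjusted), or stating UTC in the docstring of `verify()` removes the ambiguity. Because `exp`, `qsh`, `username` and `authorization` disappear from the payload, the docstring should also list the new fields (`expires_at`, `user.full_name`, `user.email`, `user.permissions[].code/cataloger/registrant`) so consumers have a reference. `verify()` starts above this hunk.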