From b311dfca468977c4734d0db5e4f167ebc76e2cf4 Mon Sep 17 00:00:00 2001 From: Grant Gainey Date: Mon, 26 Aug 2024 09:56:46 -0400 Subject: [PATCH] Fix failure-edge-cases in outh2-client-workflow. (cherry picked from commit c4f8665402d64ca9b5e6e4991664a310f0f51063) --- CHANGES/pulp-glue/+fix_auth_regression.bugfix | 1 + pulp-glue/pulp_glue/common/openapi.py | 10 +++++++--- 2 files changed, 8 insertions(+), 3 deletions(-) create mode 100644 CHANGES/pulp-glue/+fix_auth_regression.bugfix diff --git a/CHANGES/pulp-glue/+fix_auth_regression.bugfix b/CHANGES/pulp-glue/+fix_auth_regression.bugfix new file mode 100644 index 000000000..3ed6f50f1 --- /dev/null +++ b/CHANGES/pulp-glue/+fix_auth_regression.bugfix @@ -0,0 +1 @@ +Addressed some edge-case failures in the oauth2-client workflow. diff --git a/pulp-glue/pulp_glue/common/openapi.py b/pulp-glue/pulp_glue/common/openapi.py index 935390775..b6ca6ba63 100644 --- a/pulp-glue/pulp_glue/common/openapi.py +++ b/pulp-glue/pulp_glue/common/openapi.py @@ -102,16 +102,20 @@ def __call__( authorized_schemes.append(security_schemes[name]) authorized_schemes_types.add(security_schemes[name]["type"]) + # Check for oauth2 scheme first if "oauth2" in authorized_schemes_types: for flow in authorized_schemes: if flow["type"] == "oauth2": oauth2_flow = OpenAPISecurityScheme(flow) + # We "know" we'll have an outh2-flow here if oauth2_flow.flow_type == "client_credentials": result = self.oauth2_client_credentials_auth(oauth2_flow) - if result: - return result - elif "http" in authorized_schemes_types: + if result: + return result + + # if we get here, either no-oauth2, OR we couldn't find creds + if "http" in authorized_schemes_types: result = self.basic_auth() if result: return result