added role to security token check

461a987e · Manuel · cf0da34f · 461a987e · 461a987e
Commit 461a987e authored Jul 30, 2020 by Manuel
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 5 deletions

token_service.py ...tage-discovery-microservice/app/services/token_service.py +2 -0

security_util.py src/modules/security/security_util.py +7 -5

No files found.
--- a/src/data-hub/role-stage-discovery-microservice/app/services/token_service.py
+++ b/src/data-hub/role-stage-discovery-microservice/app/services/token_service.py
+from security import security_utils as security
+
 def verifyTokenRegular(token, required_scopes):
    # TODO call restGateway to verify the token
    return {}

--- a/src/modules/security/security_util.py
+++ b/src/modules/security/security_util.py
@@ -11,13 +11,15 @@ class TokenStash:
    to the user-microservice
    '''
    trusted_tokens = {}
+    roles = {}

    @staticmethod
-    def add(token: str, username: str):
+    def add(token: str, username: str, role: str):
        '''
        adds a verified token to the stash
        '''
        TokenStash.trusted_tokens[token] = username
+        TokenStash.roles[token] = role

    @staticmethod
    def is_token_cached(token: str) -> str:
@@ -25,8 +27,8 @@ class TokenStash:
        returns the associated username to a token, None otherwise
        '''

-        if token in TokenStash.trusted_tokens:
-            return TokenStash.trusted_tokens[token]
+        if token in TokenStash.trusted_tokens and token in TokenStash.roles:
+            return {"sub": TokenStash.trusted_tokens[token], "role": TokenStash.roles[token]}

        return None

@@ -62,5 +64,5 @@ def decodeToken(token: str) -> Dict:
        raise ValueError(
            f"Validation of token failed (missing field in verification response)!")

-    TokenStash.add(token, data["username"])
-    return {"sub": data["username"]}
+    TokenStash.add(token, data["username"], data["role"])
+    return {"sub": data["username"], "role": data["role"]}