tokusumi / fastapi-cloudauth

Simple integration between FastAPI and cloud authentication services (AWS Cognito, Auth0, Firebase Authentication).
MIT License

Auth0 scopes possibly not working correctly #13

Open dorinclisu opened 3 years ago

dorinclisu commented 3 years ago

I tried replicating the tests and they all pass in theory, but I noticed the permissions fail to set (403 response).

collecting ... 
-------------------------------------------------------------------------------- live log collection --------------------------------------------------------------------------------
DEBUG    urllib3.connectionpool:connectionpool.py:971 Starting new HTTPS connection (1): awsvideo.eu.auth0.com:443
DEBUG    urllib3.connectionpool:connectionpool.py:452 https://awsvideo.eu.auth0.com:443 "POST /dbconnections/signup HTTP/1.1" 200 None
DEBUG    urllib3.connectionpool:connectionpool.py:971 Starting new HTTPS connection (1): awsvideo.eu.auth0.com:443
DEBUG    urllib3.connectionpool:connectionpool.py:452 https://awsvideo.eu.auth0.com:443 "POST /oauth/token HTTP/1.1" 200 None
DEBUG    urllib3.connectionpool:connectionpool.py:971 Starting new HTTPS connection (1): awsvideo.eu.auth0.com:443
DEBUG    urllib3.connectionpool:connectionpool.py:452 https://awsvideo.eu.auth0.com:443 "POST /oauth/token HTTP/1.1" 200 None
DEBUG    urllib3.connectionpool:connectionpool.py:971 Starting new HTTPS connection (1): awsvideo.eu.auth0.com:443
DEBUG    urllib3.connectionpool:connectionpool.py:452 https://awsvideo.eu.auth0.com:443 "POST /oauth/token HTTP/1.1" 200 None
DEBUG    urllib3.connectionpool:connectionpool.py:971 Starting new HTTPS connection (1): awsvideo.eu.auth0.com:443

DEBUG urllib3.connectionpool:connectionpool.py:452 https://awsvideo.eu.auth0.com:443 "POST /api/v2/users/auth0%7C5fe724da128f9f00699d0c67/permissions HTTP/1.1" 403 None

DEBUG    urllib3.connectionpool:connectionpool.py:971 Starting new HTTPS connection (1): awsvideo.eu.auth0.com:443
DEBUG    urllib3.connectionpool:connectionpool.py:452 https://awsvideo.eu.auth0.com:443 "POST /oauth/token HTTP/1.1" 200 None
DEBUG    urllib3.connectionpool:connectionpool.py:971 Starting new HTTPS connection (1): awsvideo.eu.auth0.com:443
DEBUG    urllib3.connectionpool:connectionpool.py:452 https://awsvideo.eu.auth0.com:443 "POST /oauth/token HTTP/1.1" 200 None
DEBUG    urllib3.connectionpool:connectionpool.py:971 Starting new HTTPS connection (1): awsvideo.eu.auth0.com:443
DEBUG    urllib3.connectionpool:connectionpool.py:452 https://awsvideo.eu.auth0.com:443 "POST /oauth/token HTTP/1.1" 200 None
DEBUG    urllib3.connectionpool:connectionpool.py:971 Starting new HTTPS connection (1): awsvideo.eu.auth0.com:443
DEBUG    urllib3.connectionpool:connectionpool.py:452 https://awsvideo.eu.auth0.com:443 "GET /.well-known/jwks.json HTTP/1.1" 200 None
DEBUG    urllib3.connectionpool:connectionpool.py:971 Starting new HTTPS connection (1): awsvideo.eu.auth0.com:443
DEBUG    urllib3.connectionpool:connectionpool.py:452 https://awsvideo.eu.auth0.com:443 "GET /.well-known/jwks.json HTTP/1.1" 200 None
DEBUG    urllib3.connectionpool:connectionpool.py:971 Starting new HTTPS connection (1): awsvideo.eu.auth0.com:443
DEBUG    urllib3.connectionpool:connectionpool.py:452 https://awsvideo.eu.auth0.com:443 "GET /.well-known/jwks.json HTTP/1.1" 200 None
DEBUG    urllib3.connectionpool:connectionpool.py:971 Starting new HTTPS connection (1): awsvideo.eu.auth0.com:443
DEBUG    urllib3.connectionpool:connectionpool.py:452 https://awsvideo.eu.auth0.com:443 "GET /.well-known/jwks.json HTTP/1.1" 200 None
collected 14 items                                                                                                                                                                  

tests/test_auth0.py::test_valid_token 
----------------------------------------------------------------------------------- live log call -----------------------------------------------------------------------------------
DEBUG    asyncio:selector_events.py:59 Using selector: KqueueSelector
PASSED                                                                                                                                                                        [  7%]
tests/test_auth0.py::test_no_token PASSED                                                                                                                                     [ 14%]
tests/test_auth0.py::test_incompatible_kid_token PASSED                                                                                                                       [ 21%]
tests/test_auth0.py::test_no_kid_token PASSED                                                                                                                                 [ 28%]
tests/test_auth0.py::test_not_verified_token PASSED                                                                                                                           [ 35%]
tests/test_auth0.py::test_valid_scope PASSED                                                                                                                                  [ 42%]
tests/test_auth0.py::test_invalid_scope PASSED                                                                                                                                [ 50%]
tests/test_auth0.py::test_get_current_user PASSED                                                                                                                             [ 57%]
tests/test_auth0.py::test_not_verified_user_no_error PASSED                                                                                                                   [ 64%]
tests/test_auth0.py::test_insufficient_current_user_info PASSED                                                                                                               [ 71%]
tests/test_auth0.py::test_insufficient_current_user_info_no_error PASSED                                                                                                      [ 78%]
tests/test_base.py::test_raise_error_invalid_set_scope PASSED                                                                                                                 [ 85%]
tests/test_base.py::test_return_instance_with_scope PASSED                                                                                                                    [ 92%]
tests/test_base.py::test_forget_def_user_info PASSED                                                                                                                          [100%]

================================================================================ 14 passed in 4.44s =================================================================================
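
An added example, not part of the original report or the project's test suite: one way to surface a rejected setup call like the 403 in the log above is to scan the captured urllib3 DEBUG output for responses with status 400 or higher and fail the run on any hit. The function names and the sample log (constructed, in the same line format) are assumptions.

```python
import re
from urllib.parse import unquote

# urllib3 DEBUG response line, in the format shown in the pytest live log:
# DEBUG urllib3.connectionpool:connectionpool.py:452 https://host:443 "POST /path HTTP/1.1" 403 None
LINE_RE = re.compile(
    r'urllib3\.connectionpool:\S+\s+'
    r'https?://(?P<host>[^\s:/]+)(?::\d+)?\s+'
    r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+"\s+'
    r'(?P<status>\d{3})\b'
)


def failed_requests(log_text):
    """Return (method, host, decoded path, status) for every response >= 400."""
    failures = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m and int(m["status"]) >= 400:
            failures.append(
                (m["method"], m["host"], unquote(m["path"]), int(m["status"]))
            )
    return failures


def check_setup(log_text):
    """Raise if any logged HTTP call was rejected, so a green run cannot hide it."""
    failures = failed_requests(log_text)
    if failures:
        detail = "; ".join(f"{m} {h}{p} -> {s}" for m, h, p, s in failures)
        raise RuntimeError(f"test setup requests failed: {detail}")
    return True


# Constructed sample in the same format as the log above (hypothetical tenant and user id).
SAMPLE_LOG = """\
DEBUG    urllib3.connectionpool:connectionpool.py:971 Starting new HTTPS connection (1): tenant.example.auth0.com:443
DEBUG    urllib3.connectionpool:connectionpool.py:452 https://tenant.example.auth0.com:443 "POST /oauth/token HTTP/1.1" 200 None
DEBUG urllib3.connectionpool:connectionpool.py:452 https://tenant.example.auth0.com:443 "POST /api/v2/users/auth0%7C000000000000/permissions HTTP/1.1" 403 None
DEBUG    urllib3.connectionpool:connectionpool.py:452 https://tenant.example.auth0.com:443 "GET /.well-known/jwks.json HTTP/1.1" 200 None
"""

if __name__ == "__main__":
    for failure in failed_requests(SAMPLE_LOG):
        print(failure)
```
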
jtarang commented 3 years ago

@dorinclisu Thanks for making this. Commenting to link this issue with another issue: https://github.com/tokusumi/fastapi-cloudauth/issues/14#issuecomment-751428527

tokusumi commented 3 years ago

Thank you for your feedback @dorinclisu, and sorry for the terribly late response 🙇 🙇 🙇

This is caused by a bug in the test code. v0.3.0 was released on PyPI, including a fix for this. The contribution guide could help you reproduce the tests if you are still interested.