Merge pull request #845 from rokwire/release/1.12.1
Release/1.12.1
sandeep-ps authored Dec 8, 2021
2 parents f38cff4 + 0618593 commit 9236116
Showing 15 changed files with 51 additions and 30 deletions.
17 changes: 16 additions & 1 deletion CHANGELOG.md
Expand Up @@ -4,6 +4,20 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [Unreleased]

## [1.12.1] - 2021-12-08
### Changed
- Contributions Catalog login callback endpoint to /catalog/auth/callback. [#803](https://github.com/rokwire/rokwire-building-blocks-api/issues/803)

### Fixed
- Catalog redirects to error page when the contribution request is not published. [#774](https://github.com/rokwire/rokwire-building-blocks-api/issues/774)
- Successful POST of contribution redirect to contribution details page. [#777](https://github.com/rokwire/rokwire-building-blocks-api/issues/777)
- Added additional env variable for audience for ROKWIRE_AUTH_HOST tokens. [#842](https://github.com/rokwire/rokwire-building-blocks-api/issues/842)

### Security
- String comparisons to constant time comparisons in auth middleware library. [#825](https://github.com/rokwire/rokwire-building-blocks-api/issues/825)

## [1.12.0] - 2021-11-19
### Added
- Add edit contribution capability in catalog. [#737](https://github.com/rokwire/rokwire-building-blocks-api/issues/737)
Expand Down Expand Up @@ -411,7 +425,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Removed
- References to AWS keys and variables in the Events Building Block.

[Unreleased]: https://github.com/rokwire/rokwire-building-blocks-api/compare/1.12.0...HEAD
[Unreleased]: https://github.com/rokwire/rokwire-building-blocks-api/compare/1.12.1...HEAD
[1.12.1]: https://github.com/rokwire/rokwire-building-blocks-api/compare/1.12.0...1.12.1
[1.12.0]: https://github.com/rokwire/rokwire-building-blocks-api/compare/1.11.3...1.12.0
[1.11.3]: https://github.com/rokwire/rokwire-building-blocks-api/compare/1.11.2...1.11.3
[1.11.2]: https://github.com/rokwire/rokwire-building-blocks-api/compare/1.11.1...1.11.2
1 change: 1 addition & 0 deletions SECURITY.md
Expand Up @@ -6,6 +6,7 @@ Patches for **Rokwire Building Blocks** in this repository will only be applied

| Version | Supported |
| ------- | ------------------ |
| 1.12.1 | :white_check_mark: |
| 1.12.0 | :white_check_mark: |
| 1.11.3 | :white_check_mark: |
| 1.11.2 | :white_check_mark: |
2 changes: 1 addition & 1 deletion appconfigservice/appconfig.yaml
Expand Up @@ -2,7 +2,7 @@ openapi: 3.0.0
info:
title: Rokwire App Config Building Block API
description: App Config Building Block API Documentation
version: 1.12.0
version: 1.12.1
servers:
- url: https://api.rokwire.illinois.edu
description: Production server
2 changes: 1 addition & 1 deletion authservice/auth.yaml
Expand Up @@ -2,7 +2,7 @@ openapi: 3.0.2
info:
title: Rokwire Auth Building Block API
description: Authentication Building Block API Documentation
version: 1.12.0
version: 1.12.1
paths:
/authentication/phone-initiate:
post:
2 changes: 1 addition & 1 deletion contributions/catalog/catalog_rest_service.py
Expand Up @@ -143,7 +143,7 @@ def login():


# Step 2: User authorization, this happens on the provider.
@app.route("/contributions/catalog/auth/callback", methods=["GET"])
@app.route("/catalog/auth/callback", methods=["GET"])
def callback():
""" Step 3: Retrieving an access token.
"""
Expand Down
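
Review bot: The `@app.route(...)` decorator on `callback()` now serves only `/catalog/auth/callback`; the old `/contributions/catalog/auth/callback` path is dropped with no alias, so an OAuth app registration or an in-flight login that still redirects to the old URL will get a 404 after deploy. Confirm that the redirect URI registered with the provider and the one sent from `login()` change in the same release, or keep the old route as a second decorator for one release.
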
24 changes: 12 additions & 12 deletions contributions/catalog/controllers/contribute.py
Expand Up @@ -15,8 +15,8 @@
import json
import logging
import traceback

import requests

from flask import (
Blueprint, render_template, request, session, redirect, url_for
)
Expand Down Expand Up @@ -323,21 +323,19 @@ def create():
contribution = to_contribution(result)
# add contributionAdmins to the json_contribution
contribution = jsonutil.add_contribution_admins(contribution)
contribution["status"] = "Submitted"
json_contribution = json.dumps(contribution, indent=4)
response, s = post_contribution(json_contribution)
response, s, post_json = post_contribution(json_contribution)

if response:
if "name" in session:
return render_template('contribute/submitted.html', user=session["name"], token=session['oauth_token']['access_token'])
else:
return render_template('contribute/submitted.html')
return redirect(url_for('contribute.contribution_details', contribution_id=s))
elif not response:
logging.error(s)
s = "Contribution submission failed. Please try again after some time!"
msg = "Contribution submission failed. Please try again after some time!"
if "name" in session:
return render_template('contribute/error.html', user=session["name"], token=session['oauth_token']['access_token'], error_msg=s)
return render_template('contribute/error.html', user=session["name"], token=session['oauth_token']['access_token'], error_msg=msg)
else:
return render_template('contribute/error.html', error_msg=s)
return render_template('contribute/error.html', error_msg=msg)

# get capability list to create required capability list
header = requestutil.get_header_using_session(session)
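
Review bot: In `create()`, the variable `s` now carries the new contribution id on success and the error text on failure, and the third return value `post_json` is not used anywhere in the lines shown. Rename it so the redirect reads `contribution_id=contribution_id`, and drop `post_json` from the return unless another caller needs it. The `elif not response:` directly after `if response:` can be a plain `else:`.
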
Expand Down Expand Up @@ -380,13 +378,15 @@ def post_contribution(json_data):
return False, str("post method fails with error: ") + str(result.status_code) \
+ ": " + str(err_msg)
else:
# parse contribution id from response
result_str = result.content.decode("utf-8").replace("\n", "")
contribution_id = json.loads(result_str)["id"]
logging.info("posted ok.".format(json_data))
return True, str("post success!")
return True, contribution_id, json.loads(json_data.replace("\n",""))

except Exception:
traceback.print_exc()
var = traceback.format_exc()
return False, var
return False, var, None

# PUT a json_data in a http request
def put_contribution(json_data, contribution_id):
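
Review bot: The HTTP-error branch at the top of this hunk still returns two values (`return False, str("post method fails with error: ") + ...`), while the success and exception paths now return three and `create()` unpacks three, so an error status from the API raises `ValueError` at the unpack instead of rendering the error page. Add a trailing `None` to that return. Also, `logging.info("posted ok.".format(json_data))` has no placeholder, so the `.format` call does nothing, and `json.loads(json_data.replace("\n",""))` re-parses a string the caller just built with `json.dumps`.
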
2 changes: 1 addition & 1 deletion contributions/catalog/models/contribution_utilities.py
Expand Up @@ -113,7 +113,7 @@ def to_contact(d):
for k, v in d.items():
if "contact_" in k:
name = k.split("contact_")[-1]
print(name, v)
# print(name, v)
cont[name] = v[0]
return res
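
Review bot: The debug `print(name, v)` in `to_contact` is commented out rather than removed. It wrote submitted contact fields to stdout, so delete the line outright (or replace it with a `logging.debug` call that omits the value) so it cannot be re-enabled by accident; the same applies to `# print(k, v)` in `to_talent`.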

2 changes: 1 addition & 1 deletion contributions/catalog/models/talent_utilities.py
Expand Up @@ -48,7 +48,7 @@ def to_talent(d):
talent['id'] = tal_id

for k, v in d.items():
print(k, v)
# print(k, v)
if "minUserPrivacyLevel" in k:
if len(v[i]) > 0:
talent_list[i]["minUserPrivacyLevel"] = int(v[i])
7 changes: 5 additions & 2 deletions contributions/catalog/webapps/templates/contribute/error.html
Expand Up @@ -128,9 +128,12 @@
<div class="main">
<h1></h1>
<h1>Contribution Catalog / Packager</h1>
<hr>

{{ error_msg }}
<h3>{{ error_msg }}</h3>

{% if error_detail %}
<BR>{{ error_detail }}
{% endif %}

<!-- END GRID -->
</div>
Expand Down
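
Review bot: `{{ error_detail }}` is a new slot rendered to the end user, and the failure string that `post_contribution` produces in this same commit is `traceback.format_exc()`. Make sure no caller passes that string as `error_detail`; keep tracebacks in `logging.error` and show only a fixed message or a request id. `<BR>` should be lowercase `<br>` to match the other tags in the template.
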
2 changes: 1 addition & 1 deletion contributions/contribution.yaml
Expand Up @@ -2,7 +2,7 @@ openapi: 3.0.0
info:
title: Rokwire Contributions Building Block API
description: Contributions Building Block API Documentation
version: 1.12.0
version: 1.12.1
servers:
- url: https://api.rokwire.illinois.edu
description: Production server
2 changes: 1 addition & 1 deletion eventservice/events.yaml
Expand Up @@ -2,7 +2,7 @@ openapi: 3.0.0
info:
title: Rokwire Events Building Block API
description: Events Building Block API Documentation
version: 1.12.0
version: 1.12.1
servers:
- url: https://api.rokwire.illinois.edu
description: Production server
9 changes: 5 additions & 4 deletions lib/auth-middleware/auth_middleware/__init__.py
Expand Up @@ -13,6 +13,7 @@
# limitations under the License.

import base64
import hmac
import json
import logging
import os
Expand Down Expand Up @@ -156,7 +157,7 @@ def verify_secret(request):
# Otherwise, an error is raised.
keys = os.getenv('ROKWIRE_API_KEY').strip().split(',')
for test_key in keys:
if key == test_key.strip(): # just in case there are embedded blanks
if hmac.compare_digest(key, test_key.strip()): # just in case there are embedded blanks
return True
# failed matching means unauthorized in this context.
raise OAuthProblem('Invalid API Key')
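
Review bot: `hmac.compare_digest(key, test_key.strip())` in `verify_secret` raises `TypeError` if `key` is `None` or if either string contains non-ASCII characters, where the old `==` simply evaluated to False and fell through to `OAuthProblem('Invalid API Key')`. Reject a missing key before the loop and compare encoded bytes, for example `hmac.compare_digest(key.encode(), test_key.strip().encode())`. Separately, `os.getenv('ROKWIRE_API_KEY').strip()` fails with `AttributeError` when the variable is unset, and the inline comment mentions "embedded blanks" although `strip()` only removes leading and trailing whitespace.
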
Expand All @@ -181,7 +182,7 @@ def verify_core_token(group_name=None):
if issuer == ROKWIRE_AUTH_HOST:
keyset = get_keyset(ROKWIRE_AUTH_HOST + ROKWIRE_AUTH_KEY_PATH)
target_client_ids = re.split(
',', (os.getenv('ROKWIRE_API_CLIENT_ID', '')).replace(" ", ""))
',', (os.getenv('ROKWIRE_AUTH_AUD', '')).replace(" ", ""))
id_info = decode_id_token(id_token, keyset, target_client_ids, kid)
g.user_token_data = id_info
g.user_token = id_token
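
Review bot: With the switch to `os.getenv('ROKWIRE_AUTH_AUD', '')`, a deployment that still sets only `ROKWIRE_API_CLIENT_ID` ends up with `target_client_ids == ['']` for `ROKWIRE_AUTH_HOST` tokens, because `re.split(',', '')` returns a one-element list holding the empty string. Fail at startup or raise `OAuthProblem` when the variable is unset or empty rather than handing an empty audience to `decode_id_token`. The identical expression in `verify_core_userauth` needs the same guard, so a small shared helper would keep the two in step.
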
Expand All @@ -201,7 +202,7 @@ def verify_apikey(key, required_scopes=None):
# Otherwise, an error is raised.
keys = os.getenv('ROKWIRE_API_KEY').strip().split(',')
for test_key in keys:
if key == test_key.strip(): # just in case there are embedded blanks
if hmac.compare_digest(key, test_key.strip()): # just in case there are embedded blanks
return {'token_valid': True}
else:
raise OAuthProblem('Invalid API Key')
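
Review bot: This key-matching loop in `verify_apikey` is a copy of the one in `verify_secret`, differing only in what it returns on a match. Move the split, strip and `hmac.compare_digest` steps into one helper that both functions call, so the constant-time comparison and any later input validation are maintained in a single place.
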
Expand Down Expand Up @@ -266,7 +267,7 @@ def verify_core_userauth(id_token, group_name=None, internal_token_only=False):
valid_issuer = True
keyset = get_keyset(ROKWIRE_AUTH_HOST + ROKWIRE_AUTH_KEY_PATH)
target_client_ids = re.split(
',', (os.getenv('ROKWIRE_API_CLIENT_ID', '')).replace(" ", ""))
',', (os.getenv('ROKWIRE_AUTH_AUD', '')).replace(" ", ""))

elif issuer == ROKWIRE_ISSUER:
valid_issuer = True
5 changes: 3 additions & 2 deletions lib/auth-middleware/readme.md
Expand Up @@ -19,5 +19,6 @@ ROKWIRE_AUTH_HOST is the issuer of the token generated by the core building bloc
For example, `ROKWIRE_AUTH_HOST`=https://api-dev.rokwire.illinois.edu/core
ROKWIRE_AUTH_KEY_PATH is the endpoint for fetching the auth public key
For example, `ROKWIRE_AUTH_KEY_PATH`=/tps/auth-keys
ROKWIRE_API_CLIENT_ID is the audience of the rokwire id token
For example, `ROKWIRE_API_CLIENT_ID`=rokwire
ROKWIRE_API_CLIENT_ID is the audience of the issuer ROKWIRE_ISSUER
ROKWIRE_AUTH_AUD is the audience of the issuer ROKWIRE_AUTH_HOST
For example, `ROKWIRE_AUTH_AUD`=rokwire
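
Review bot: The new `ROKWIRE_AUTH_AUD` entry does not say that the value is read as a comma-separated list (the middleware splits on `,` and removes spaces) or what happens when it is unset. Document both, and give `ROKWIRE_API_CLIENT_ID` an example value again, since the only remaining "For example" line in this block is the one for `ROKWIRE_AUTH_AUD`.
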
2 changes: 1 addition & 1 deletion loggingservice/logging.yaml
Expand Up @@ -2,7 +2,7 @@ openapi: 3.0.0
info:
title: Rokwire Logging Building Block API
description: Logging Building Block API Documentation
version: 1.12.0
version: 1.12.1
servers:
- url: https://api.rokwire.illinois.edu
description: Production server
2 changes: 1 addition & 1 deletion profileservice/profile.yaml
Expand Up @@ -2,7 +2,7 @@ openapi: 3.0.0
info:
title: Rokwire Profile Building Block API
description: Profile Building Block API Documentation
version: 1.12.0
version: 1.12.1
servers:
- url: https://api.rokwire.illinois.edu
description: Production server