Merge pull request #371 from uc-cdis/fix/upgrade-flask

Fix/upgrade flask
uc-cdis · Nov 14, 2023 · 575d497 · 575d497
2 parents 2fef5c0 + d628bec
commit 575d497
Show file tree

Hide file tree

Showing 4 changed files with 482 additions and 515 deletions.
diff --git a/docs/local_dev_environment.md b/docs/local_dev_environment.md
@@ -150,7 +150,8 @@ To install the implementation, assure you have poetry installed and simply run:
 poetry install
 ```
 
-To see how the automated tests (run in Travis CI) install Indexd, check out the `.travis.yml` file in the root directory of this repository.
+The automated tests are configured in `.github/workflows/ci.yaml`. The Indexd repo has a
+`tests/ci_commands_script.sh` script that the workflow calls.
 
 ## Installation with Docker
 
@@ -185,7 +186,7 @@ Follow [installation](#installation) guidance and make sure your virtual environ
 You can then update the python dependencies and test from the repository root directory:
 
 ```console
-python3 -m pytest -vv --cov=indexd --cov-report xml --junitxml="test-results.xml" tests
+poetry run pytest -vv --cov=indexd --cov-report xml tests
 ```
 
 > If you're in `wsl1`, you may encounter an error such as `ImportMismatchError` when running pytest.  If this is the case, you can rename the `./tests/__pycache__` folder to `./tests/__pycache__Backup` and re-run the tests.

diff --git a/indexd/auth/__init__.py b/indexd/auth/__init__.py
@@ -23,17 +23,19 @@ def check_auth(*args, **kwargs):
             if not request.authorization:
                 raise AuthError("Username / password required.")
             current_app.auth.auth(
-                request.authorization.username, request.authorization.password
+                request.authorization.parameters.get("username"),
+                request.authorization.parameters.get("password"),
             )
 
             return f(*args, **kwargs)
 
         return check_auth
     else:
         method, resources = p
-        if request.authorization:
+        if request.authorization and request.authorization.type == "basic":
             current_app.auth.auth(
-                request.authorization.username, request.authorization.password
+                request.authorization.parameters.get("username"),
+                request.authorization.parameters.get("password"),
             )
         else:
             if not isinstance(resources, list):