mirror of
https://github.com/quay/quay.git
synced 2026-01-27 18:42:52 +03:00
fca67e7729
* Add dev dependencies mypy and typing * Add makefile target `types-test`, not yet included in `test` target. * Generate stubs for imported modules to avoid mypy complaining about missing types. * Remove generated stubs as there are way too many and they cause tons of mess in the repo. Switched to ignoring untyped modules for now, to concentrate on Quay-only type checking. * mypy config changed to ignore missing imports * ignore property decorator as it is not supported by mypy * mypy annotations for many configuration variables * re-generate mypy_stubs directory as its necessary in some classes for base classes to prevent mypy errors * util/registry/queuefile referred to non existent definition of Empty class in multiprocessing.queues * ignore type checking for things like monkey patching and exported/re-imported objects that mypy does not allow. * Adjust mypy config to warn us about unreachable return paths and useless expressions. * Add the __annotations__ property to INTERNAL_ONLY_PROPERTIES so that it is not part of the config schema testing * Remove redundant dependencies `typing` and `typing-extensions` which are NOOP after Python 3.5 * Remove mypy-extensions which only provides a TypedDict implementation but has not been updated since 2019. * updated mypy to 0.910 which requires all types packages to be installed manually. * exclude local-dev from type checking until core team can suggest an outcome for __init__.py duplicate packages * re-add typing dependency which will be needed until Python 3.9 * ignore .mypy_cache * add mypy stub for features module to replace inline definitions * import annotations eager evaluation in billing.py as it was required to reference a class declared later in the module. * remove the type definition of V1ProtocolSteps/V2ProtocolSteps to make tox happy
60 lines
2.3 KiB
Python
60 lines
2.3 KiB
Python
from typing import Optional
|
|
from oauth.services.github import GithubOAuthService
|
|
from util.config.validators import BaseValidator, ConfigValidationException
|
|
|
|
|
|
class BaseGitHubValidator(BaseValidator):
|
|
name: Optional[str] = None
|
|
config_key: Optional[str] = None
|
|
|
|
@classmethod
|
|
def validate(cls, validator_context):
|
|
"""
|
|
Validates the OAuth credentials and API endpoint for a Github service.
|
|
"""
|
|
config = validator_context.config
|
|
client = validator_context.http_client
|
|
url_scheme_and_hostname = validator_context.url_scheme_and_hostname
|
|
|
|
github_config = config.get(cls.config_key)
|
|
if not github_config:
|
|
raise ConfigValidationException("Missing GitHub client id and client secret")
|
|
|
|
endpoint = github_config.get("GITHUB_ENDPOINT")
|
|
if not endpoint:
|
|
raise ConfigValidationException("Missing GitHub Endpoint")
|
|
|
|
if endpoint.find("http://") != 0 and endpoint.find("https://") != 0:
|
|
raise ConfigValidationException("Github Endpoint must start with http:// or https://")
|
|
|
|
if not github_config.get("CLIENT_ID"):
|
|
raise ConfigValidationException("Missing Client ID")
|
|
|
|
if not github_config.get("CLIENT_SECRET"):
|
|
raise ConfigValidationException("Missing Client Secret")
|
|
|
|
if github_config.get("ORG_RESTRICT") and not github_config.get("ALLOWED_ORGANIZATIONS"):
|
|
raise ConfigValidationException(
|
|
"Organization restriction must have at least one allowed " + "organization"
|
|
)
|
|
|
|
oauth = GithubOAuthService(config, cls.config_key)
|
|
result = oauth.validate_client_id_and_secret(client, url_scheme_and_hostname)
|
|
if not result:
|
|
raise ConfigValidationException("Invalid client id or client secret")
|
|
|
|
if github_config.get("ALLOWED_ORGANIZATIONS"):
|
|
for org_id in github_config.get("ALLOWED_ORGANIZATIONS"):
|
|
if not oauth.validate_organization(org_id, client):
|
|
raise ConfigValidationException("Invalid organization: %s" % org_id)
|
|
|
|
|
|
class GitHubLoginValidator(BaseGitHubValidator):
|
|
name = "github-login"
|
|
config_key = "GITHUB_LOGIN_CONFIG"
|
|
|
|
|
|
class GitHubTriggerValidator(BaseGitHubValidator):
|
|
name = "github-trigger"
|
|
config_key = "GITHUB_TRIGGER_CONFIG"
|