BOM-1264: add third-party-auth scope and usage #23135
Conversation
robrap
changed the title
robrap
force-pushed
the
robrap/BOM-1264-DOT-third-party-auth
branch
from
35e242d to
86c0fd1
Compare
Rather than manually setting the permission class we previously explicitly raised a PermissionDenied exception. The way DRF permissoning logic works, if we use the WWW-Authenticate header in the highest priority auth class, it will return a 401 instead of a 403.
Ensure that the filters we add to the application access model make it into the JWT correctly.
|
|
||
| @ddt.data( | ||
| (True, 200), | ||
| (False, 401) |
|
jenkins run python |
|
Your PR has finished running tests. There were no failures. |
|
EdX Release Notice: This PR has been deployed to the staging environment in preparation for a release to production. |
|
EdX Release Notice: This PR may have caused e2e tests to fail on Stage. If you're a member of the edX org, please visit #e2e-troubleshooting on Slack to help diagnose the cause of these failures. Otherwise, it is the reviewer's responsibility. E2E tests have failed. https://gocd.tools.edx.org/go/tab/pipeline/history/deploy_to_stage |
1 similar comment
|
EdX Release Notice: This PR may have caused e2e tests to fail on Stage. If you're a member of the edX org, please visit #e2e-troubleshooting on Slack to help diagnose the cause of these failures. Otherwise, it is the reviewer's responsibility. E2E tests have failed. https://gocd.tools.edx.org/go/tab/pipeline/history/deploy_to_stage |
|
EdX Release Notice: This PR has been deployed to the production environment. |
See two new ADRs in this PR to understand the purpose of this PR:
11. More General Scope Filter Support
12. Scope and filter for Third-Party Auth
BOM-1264