Lots of fixes

Author: MattyTheHacker

cogs/check_su_platform_authorisation.py

@@ -1,10 +1,8 @@
 """Contains cog classes for SU platform access cookie authorisation check interactions."""
 
 import logging
-from enum import Enum
 from typing import TYPE_CHECKING, override
 
-import bs4
 import discord
 from discord.ext import tasks
 
@@ -13,10 +11,13 @@
 from utils.error_capture_decorators import (
     capture_guild_does_not_exist_error,
 )
-from utils.msl import fetch_url_content_with_session
+from utils.msl import (
+    get_su_platform_access_cookie_status,
+    get_su_platform_organisations,
+)
 
 if TYPE_CHECKING:
-    from collections.abc import Iterable, Sequence
+    from collections.abc import Sequence
     from collections.abc import Set as AbstractSet
     from logging import Logger
     from typing import Final
@@ -38,130 +39,7 @@
 )
 
 
-class SUPlatformAccessCookieStatus(Enum):
-    """Enum class defining the status of the SU Platform Access Cookie."""
-
-    INVALID = (
-        logging.WARNING,
-        (
-            "The SU platform access cookie is not associated with any MSL user, "
-            "meaning it is invalid or expired."
-        ),
-    )
-    VALID = (
-        logging.WARNING,
-        (
-            "The SU platform access cookie is associated with a valid MSL user, "
-            "but is not an admin to any MSL organisations."
-        ),
-    )
-    AUTHORISED = (
-        logging.INFO,
-        (
-            "The SU platform access cookie is associated with a valid MSL user and "
-            "has access to at least one MSL organisation."
-        ),
-    )
-
-
-class CheckSUPlatformAuthorisationBaseCog(TeXBotBaseCog):
-    """Cog class that defines the base functionality for cookie authorisation checks."""
-
-    async def get_su_platform_access_cookie_status(self) -> SUPlatformAccessCookieStatus:
-        """Retrieve the current validity status of the SU platform access cookie."""
-        response_object: bs4.BeautifulSoup = bs4.BeautifulSoup(
-            await fetch_url_content_with_session(SU_PLATFORM_PROFILE_URL), "html.parser"
-        )
-        page_title: bs4.Tag | bs4.NavigableString | None = response_object.find("title")
-        if not page_title or "Login" in str(page_title):
-            logger.warning("Token is invalid or expired.")
-            return SUPlatformAccessCookieStatus.INVALID
-
-        organisation_admin_url: str = (
-            f"{SU_PLATFORM_ORGANISATION_URL}/{settings['ORGANISATION_ID']}"
-        )
-        response_html: str = await fetch_url_content_with_session(organisation_admin_url)
-
-        if "admin tools" in response_html.lower():
-            return SUPlatformAccessCookieStatus.AUTHORISED
-
-        if "You do not have any permissions for this organisation" in response_html.lower():
-            return SUPlatformAccessCookieStatus.VALID
-
-        logger.warning(
-            "Unexpected response when checking SU platform access cookie authorisation."
-        )
-        return SUPlatformAccessCookieStatus.INVALID
-
-    async def get_su_platform_organisations(self) -> "Iterable[str]":
-        """Retrieve the MSL organisations the current SU platform cookie has access to."""
-        response_object: bs4.BeautifulSoup = bs4.BeautifulSoup(
-            await fetch_url_content_with_session(SU_PLATFORM_PROFILE_URL), "html.parser"
-        )
-
-        page_title: bs4.Tag | bs4.NavigableString | None = response_object.find("title")
-
-        if not page_title:
-            logger.warning(
-                "Profile page returned no content when checking "
-                "SU platform access cookie's authorisation."
-            )
-            return ()
-
-        if "Login" in str(page_title):
-            logger.warning(
-                "Authentication redirected to login page. "
-                "SU platform access cookie is invalid or expired."
-            )
-            return ()
-
-        profile_section_html: bs4.Tag | bs4.NavigableString | None = response_object.find(
-            "div", {"id": "profile_main"}
-        )
-
-        if profile_section_html is None:
-            logger.warning(
-                "Couldn't find the profile section of the user "
-                "when scraping the SU platform's website HTML."
-            )
-            logger.debug("Retrieved HTML: %s", response_object.text)
-            return ()
-
-        user_name: bs4.Tag | bs4.NavigableString | int | None = profile_section_html.find("h1")
-
-        if not isinstance(user_name, bs4.Tag):
-            logger.warning(
-                "Found user profile on the SU platform but couldn't find their name."
-            )
-            logger.debug("Retrieved HTML: %s", response_object.text)
-            return ()
-
-        parsed_html: bs4.Tag | bs4.NavigableString | None = response_object.find(
-            "ul", {"id": "ulOrgs"}
-        )
-
-        if parsed_html is None or isinstance(parsed_html, bs4.NavigableString):
-            NO_ADMIN_TABLE_MESSAGE: Final[str] = (
-                f"Failed to retrieve the admin table for user: {user_name.string}. "
-                "Please check you have used the correct SU platform access token!"
-            )
-            logger.warning(NO_ADMIN_TABLE_MESSAGE)
-            return ()
-
-        organisations: Iterable[str] = [
-            list_item.get_text(strip=True) for list_item in parsed_html.find_all("li")
-        ]
-
-        logger.debug(
-            "SU platform access cookie has admin authorisation to: %s as user %s",
-            organisations,
-            user_name.text,
-        )
-
-        return organisations
-
-
-class CheckSUPlatformAuthorisationCommandCog(CheckSUPlatformAuthorisationBaseCog):
+class CheckSUPlatformAuthorisationCommandCog(TeXBotBaseCog):
     """Cog class that defines the "/check-su-platform-authorisation" command."""
 
     @discord.slash_command(

utils/msl/__init__.py

@@ -2,11 +2,14 @@
 
 from typing import TYPE_CHECKING
 
-from .authorisation import get_su_platform_access_cookie_status, get_su_platform_organisations
+from .authorisation import (
+    SUPlatformAccessCookieStatus,
+    get_su_platform_access_cookie_status,
+    get_su_platform_organisations,
+)
 from .memberships import (
     fetch_community_group_members_count,
     fetch_community_group_members_list,
-    fetch_url_content_with_session,
     is_id_a_community_group_member,
 )
 
@@ -15,8 +18,11 @@
 
 __all__: "Sequence[str]" = (
     "GLOBAL_SSL_CONTEXT",
+    "SUPlatformAccessCookieStatus",
     "fetch_community_group_members_count",
     "fetch_community_group_members_list",
     "fetch_url_content_with_session",
+    "get_su_platform_access_cookie_status",
+    "get_su_platform_organisations",
     "is_id_a_community_group_member",
 )

utils/msl/authorisation.py

@@ -1,16 +1,14 @@
 """Module for authorisation checks."""
 
 import logging
+from enum import Enum
 from typing import TYPE_CHECKING
 
-import aiohttp
 import bs4
 
-from cogs.check_su_platform_authorisation import SUPlatformAccessCookieStatus
 from config import settings
-from utils import GLOBAL_SSL_CONTEXT
 
-from .core import BASE_COOKIES, BASE_HEADERS
+from .core import su_platform_client
 
 if TYPE_CHECKING:
     from collections.abc import Iterable, Sequence
@@ -19,6 +17,7 @@
 
 
 __all__: "Sequence[str]" = (
+    "SUPlatformAccessCookieStatus",
     "get_su_platform_access_cookie_status",
     "get_su_platform_organisations",
 )
@@ -33,19 +32,36 @@
 )
 
 
-async def _fetch_url_content_with_session(url: str) -> str:
-    """Fetch the HTTP content at the given URL, using a shared aiohttp session."""
-    async with (
-        aiohttp.ClientSession(headers=BASE_HEADERS, cookies=BASE_COOKIES) as http_session,
-        http_session.get(url=url, ssl=GLOBAL_SSL_CONTEXT) as http_response,
-    ):
-        return await http_response.text()
+class SUPlatformAccessCookieStatus(Enum):
+    """Enum class defining the status of the SU Platform Access Cookie."""
+
+    INVALID = (
+        logging.WARNING,
+        (
+            "The SU platform access cookie is not associated with any MSL user, "
+            "meaning it is invalid or expired."
+        ),
+    )
+    VALID = (
+        logging.WARNING,
+        (
+            "The SU platform access cookie is associated with a valid MSL user, "
+            "but is not an admin to any MSL organisations."
+        ),
+    )
+    AUTHORISED = (
+        logging.INFO,
+        (
+            "The SU platform access cookie is associated with a valid MSL user and "
+            "has access to at least one MSL organisation."
+        ),
+    )
 
 
 async def get_su_platform_access_cookie_status() -> SUPlatformAccessCookieStatus:
     """Retrieve the current validity status of the SU platform access cookie."""
     response_object: bs4.BeautifulSoup = bs4.BeautifulSoup(
-        await _fetch_url_content_with_session(SU_PLATFORM_PROFILE_URL), "html.parser"
+        await su_platform_client.fetch_url_content(SU_PLATFORM_PROFILE_URL), "html.parser"
     )
     page_title: bs4.Tag | bs4.NavigableString | None = response_object.find("title")
     if not page_title or "Login" in str(page_title):
@@ -55,7 +71,7 @@ async def get_su_platform_access_cookie_status() -> SUPlatformAccessCookieStatus
     organisation_admin_url: str = (
         f"{SU_PLATFORM_ORGANISATION_URL}/{settings['ORGANISATION_ID']}"
     )
-    response_html: str = await _fetch_url_content_with_session(organisation_admin_url)
+    response_html: str = await su_platform_client.fetch_url_content(organisation_admin_url)
 
     if "admin tools" in response_html.lower():
         return SUPlatformAccessCookieStatus.AUTHORISED
@@ -72,7 +88,7 @@ async def get_su_platform_access_cookie_status() -> SUPlatformAccessCookieStatus
 async def get_su_platform_organisations() -> "Iterable[str]":
     """Retrieve the MSL organisations the current SU platform cookie has access to."""
     response_object: bs4.BeautifulSoup = bs4.BeautifulSoup(
-        await _fetch_url_content_with_session(SU_PLATFORM_PROFILE_URL), "html.parser"
+        await su_platform_client.fetch_url_content(SU_PLATFORM_PROFILE_URL), "html.parser"
     )
 
     page_title: bs4.Tag | bs4.NavigableString | None = response_object.find("title")

utils/msl/core.py

@@ -4,7 +4,6 @@
 from typing import TYPE_CHECKING
 
 import aiohttp
-from bs4 import BeautifulSoup
 
 from config import settings
 from utils import GLOBAL_SSL_CONTEXT
@@ -20,46 +19,37 @@
 
 logger: "Final[Logger]" = logging.getLogger("TeX-Bot")
 
-
-BASE_HEADERS: "Final[Mapping[str, str]]" = {
-    "Cache-Control": "no-cache",
-    "Pragma": "no-cache",
-    "Expires": "0",
-}
-
-BASE_COOKIES: "Final[Mapping[str, str]]" = {
-    ".ASPXAUTH": settings["SU_PLATFORM_ACCESS_COOKIE"],
-}
-
 ORGANISATION_ID: "Final[str]" = settings["ORGANISATION_ID"]
 
 ORGANISATION_ADMIN_URL: "Final[str]" = (
     f"https://www.guildofstudents.com/organisation/admin/{ORGANISATION_ID}/"
 )
 
 
-async def get_msl_context(url: str) -> tuple[dict[str, str], dict[str, str]]:
-    """Get the required context headers, data and cookies to make a request to MSL."""
-    http_session: aiohttp.ClientSession = aiohttp.ClientSession(
-        headers=BASE_HEADERS,
-        cookies=BASE_COOKIES,
-    )
-    data_fields: dict[str, str] = {}
-    cookies: dict[str, str] = {}
-    async with http_session, http_session.get(url=url, ssl=GLOBAL_SSL_CONTEXT) as field_data:
-        data_response = BeautifulSoup(
-            markup=await field_data.text(),
-            features="html.parser",
-        )
-
-        for field in data_response.find_all(name="input"):
-            if field.get("name") and field.get("value"):
-                data_fields[field.get("name")] = field.get("value")
-
-        for cookie in field_data.cookies:
-            cookie_morsel: Morsel[str] | None = field_data.cookies.get(cookie)
-            if cookie_morsel is not None:
-                cookies[cookie] = cookie_morsel.value
-        cookies[".ASPXAUTH"] = settings["MEMBERS_LIST_AUTH_SESSION_COOKIE"]
-
-    return data_fields, cookies
+class SUPlatformClient:
+    """A client for making authenticated requests to the SU platform."""
+
+    def __init__(self) -> None:
+        self.headers: Mapping[str, str] = settings["SU_PLATFORM_WEB_HEADERS"]
+        self.cookies: Mapping[str, str] = settings["SU_PLATFORM_ACCESS_COOKIE"]
+
+    async def fetch_url_content(self, url: str) -> str:
+        async with (
+            aiohttp.ClientSession(headers=self.headers, cookies=self.cookies) as http_session,
+            http_session.get(url=url, ssl=GLOBAL_SSL_CONTEXT) as http_response,
+        ):
+            returned_asp_cookie: Morsel[str] | None = http_response.cookies.get(
+                ".AspNet.SharedCookie"
+            )
+            if not returned_asp_cookie:
+                return await http_response.text()
+
+            if returned_asp_cookie.value != self.cookies[".AspNet.SharedCookie"]:
+                logger.info("New SU platform access cookie given by server; updating local.")
+                self.cookies = {
+                    ".AspNet.SharedCookie": returned_asp_cookie.value,
+                }
+            return await http_response.text()
+
+
+su_platform_client: "Final[SUPlatformClient]" = SUPlatformClient()