|
6 | 6 |
|
7 | 7 | from aiohttp import ClientSession |
8 | 8 | from fastapi import Depends, HTTPException, Request |
9 | | -from starlette import status |
| 9 | +from starlette.status import HTTP_401_UNAUTHORIZED, HTTP_403_FORBIDDEN |
10 | 10 |
|
11 | 11 | from blueapi.config import OIDCConfig, OpaConfig, ServiceAccount |
12 | 12 | from blueapi.service.authentication import TiledAuth, unchecked_bearer_token |
@@ -73,7 +73,7 @@ async def require_submit_task(self, instrument_session: str, token: str): |
73 | 73 | "visit": int(match["visit"]), |
74 | 74 | }, |
75 | 75 | ): |
76 | | - raise HTTPException(status_code=status.HTTP_403_UNORTHORIZED) |
| 76 | + raise HTTPException(status_code=HTTP_403_FORBIDDEN) |
77 | 77 |
|
78 | 78 | async def is_admin(self, token: str) -> bool: |
79 | 79 | return await self._call_opa(self._conf.admin_check, {"token": token}) |
@@ -118,13 +118,13 @@ async def opa( |
118 | 118 |
|
119 | 119 | if opa := cast(OpaClient | None, getattr(request.app.state, "authz", None)): |
120 | 120 | if not token: |
121 | | - raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED) |
| 121 | + raise HTTPException(status_code=HTTP_401_UNAUTHORIZED) |
122 | 122 | return OpaUserClient(opa, token) |
123 | 123 | return None |
124 | 124 |
|
125 | 125 |
|
126 | 126 | async def submit_permission( |
127 | | - opa: Annotated[OpaUserClient, Depends(opa)], |
| 127 | + opa: Annotated[OpaUserClient | None, Depends(opa)], |
128 | 128 | task_request: TaskRequest, |
129 | 129 | ): |
130 | 130 | if opa: |
|
0 commit comments