Skip to content

Commit 9b1d259

Browse files
authored
fix: get fief config from env var (#1069)
* tmp * fix: get fief config from env var
1 parent 136c106 commit 9b1d259

3 files changed

Lines changed: 27 additions & 18 deletions

File tree

carbonserver/carbonserver/api/services/auth_providers/oidc_auth_provider.py

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55
It can work with any OIDC-compliant provider (Fief, Keycloak, Auth0, etc.).
66
"""
77

8+
import logging
89
from typing import Any, Dict, Optional, Tuple
910

1011
from authlib.integrations.starlette_client import OAuth
@@ -16,6 +17,7 @@
1617

1718
DEFAULT_SIGNATURE_CACHE_TTL = 3600 # seconds
1819
OAUTH_SCOPES = ["openid", "email", "profile"]
20+
LOGGER = logging.getLogger(__name__)
1921

2022
fief = FiefAsync(
2123
settings.fief_url, settings.fief_client_id, settings.fief_client_secret
@@ -53,15 +55,23 @@ def get_client_credentials(self) -> Tuple[str, str]:
5355

5456
async def _decode_token(self, token: str) -> Dict[str, Any]:
5557
try:
58+
LOGGER.debug(f"Jwks_data: {token}")
59+
LOGGER.debug(f"Base url: {fief.base_url}")
60+
LOGGER.debug(f"Client id: {fief.client_id}")
61+
LOGGER.debug(f"User info: {await fief.userinfo(token)}")
5662
access_token_info = await fief.validate_access_token(token)
5763
return access_token_info
58-
except Exception:
64+
except Exception as e:
65+
LOGGER.error(f"Error validating access token: {e}")
5966
...
6067

6168
jwks_data = await self.client.fetch_jwk_set()
69+
LOGGER.debug(f"Jwks_data: {jwks_data}")
6270
keyset = JsonWebKey.import_key_set(jwks_data)
6371
claims = jose_jwt.decode(token, keyset)
6472
claims.validate()
73+
LOGGER.debug(f"Decoded claims: {claims}")
74+
LOGGER.debug(f"Claims validate: {claims.validate()}")
6575
return dict(claims)
6676

6777
async def validate_access_token(self, token: str) -> bool:

carbonserver/carbonserver/api/services/auth_service.py

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
1+
import logging
12
from dataclasses import dataclass
23
from typing import Optional
34

@@ -14,6 +15,7 @@
1415
from carbonserver.container import ServerContainer
1516

1617
OAUTH_SCOPES = ["openid", "email", "profile"]
18+
LOGGER = logging.getLogger(__name__)
1719

1820

1921
@dataclass
@@ -60,6 +62,9 @@ async def __call__(
6062
)
6163
elif bearer_token is not None:
6264
if settings.environment != "develop" and auth_provider is not None:
65+
LOGGER.debug(
66+
f"Validating token with auth provider. Token: {bearer_token}"
67+
)
6368
try:
6469
await auth_provider.validate_access_token(bearer_token.credentials)
6570
except Exception:

carbonserver/carbonserver/config.py

Lines changed: 11 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -16,32 +16,26 @@ class Settings(BaseSettings):
1616
oidc_client_secret: str = ""
1717
oidc_issuer_url: str = "https://auth.codecarbon.io/codecarbon-dev"
1818
oidc_well_known_url: str = ""
19-
20-
# Deprecated: Old Fief-specific settings (use OIDC settings instead)
21-
@property
22-
def fief_client_id(self) -> str:
23-
return self.oidc_client_id
24-
25-
@property
26-
def fief_client_secret(self) -> str:
27-
return self.oidc_client_secret
28-
29-
@property
30-
def fief_url(self) -> str:
31-
return self.oidc_issuer_url
32-
3319
frontend_url: str = Field("", env="FRONTEND_URL")
3420
environment: str = Field("production")
3521
jwt_key: str = Field("", env="JWT_KEY")
3622
api_port: int = Field(8080, env="API_PORT")
3723
server_host: str = Field("0.0.0.0", env="SERVER_HOST")
3824

25+
# Fief settings (deprecated)
26+
fief_client_id: str = ""
27+
fief_client_secret: str = ""
28+
fief_url: str = ""
29+
3930
class Config:
4031
# Define alternative environment variable names for backward compatibility
4132
fields = {
42-
"oidc_client_id": {"env": ["OIDC_CLIENT_ID", "FIEF_CLIENT_ID"]},
43-
"oidc_client_secret": {"env": ["OIDC_CLIENT_SECRET", "FIEF_CLIENT_SECRET"]},
44-
"oidc_issuer_url": {"env": ["OIDC_ISSUER_URL", "FIEF_URL"]},
33+
"oidc_client_id": {"env": ["OIDC_CLIENT_ID"]},
34+
"oidc_client_secret": {"env": ["OIDC_CLIENT_SECRET"]},
35+
"oidc_issuer_url": {"env": ["OIDC_ISSUER_URL"]},
36+
"fief_client_id": {"env": ["FIEF_CLIENT_ID"]},
37+
"fief_client_secret": {"env": ["FIEF_CLIENT_SECRET"]},
38+
"fief_url": {"env": ["FIEF_URL"]},
4539
"oidc_well_known_url": {
4640
"env": [
4741
"OIDC_WELL_KNOWN_URL",

0 commit comments

Comments
 (0)