fix(auth): properly handle async Flask routes in decorators

bento-platform · Aug 29, 2024 · dac7e56 · dac7e56
1 parent 6690ae7
commit dac7e56
Show file tree

Hide file tree

Showing 4 changed files with 56 additions and 52 deletions.
diff --git a/bento_lib/auth/middleware/flask.py b/bento_lib/auth/middleware/flask.py
@@ -1,6 +1,6 @@
 import json
 
-from flask import Flask, Request, Response, request, g
+from flask import Flask, Request, Response, current_app, g, request
 from functools import wraps
 
 from bento_lib.auth.exceptions import BentoAuthException
@@ -91,14 +91,14 @@ def wrapper(*args, **kwargs):
                         self.check_authz_evaluate(request, permissions, resource, require_token, set_authz_flag)
                     except BentoAuthException as e:
                         return self._make_auth_error(e)
-                return func(*args, **kwargs)
+                return current_app.ensure_sync(func)(*args, **kwargs)
             return wrapper
         return decorator
 
     def deco_public_endpoint(self, func):
         @wraps(func)
         def wrapper(*args, **kwargs):
-            res = func(*args, **kwargs)
+            res = current_app.ensure_sync(func)(*args, **kwargs)
             if self.enabled:
                 self.mark_authz_done(request)
             return res

diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "bento-lib"
-version = "12.1.0"
+version = "12.1.1"
 description = "A set of common utilities and helpers for Bento platform services."
 authors = [
     "David Lougheed <[email protected]>",

diff --git a/tests/test_platform_flask.py b/tests/test_platform_flask.py
@@ -1,5 +1,6 @@
 import bento_lib.responses.flask_errors as fe
 
+import asyncio
 import logging
 import pytest
 import responses
@@ -80,12 +81,14 @@ def auth_post_exempted():
 
     @test_app_auth.route("/post-public", methods=["POST"])
     @auth_middleware.deco_public_endpoint
-    def auth_post_public():
+    async def auth_post_public():  # ensure Flask public decorator works for async code too
+        await asyncio.sleep(0.1)
         return jsonify(request.json)
 
     @test_app_auth.route("/post-private", methods=["POST"])
     @auth_middleware.deco_require_permissions_on_resource(frozenset({P_INGEST_DATA}))
-    def auth_post_private():
+    async def auth_post_private():  # ensure Flask private decorator works for async code too
+        await asyncio.sleep(0.1)
         return jsonify(request.json)
 
     @test_app_auth.route("/post-private-no-flag", methods=["POST"])