Skip to content

Commit fef4bcd

Browse files
davidgamezdavidgamez
committed
fix request context email verification
1 parent f308820 commit fef4bcd

File tree

2 files changed

+8
-47
lines changed

2 files changed

+8
-47
lines changed

api/src/middleware/request_context.py

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -94,7 +94,10 @@ def _extract_from_headers(self, headers: dict, scope: Scope) -> None:
9494
def __repr__(self) -> str:
9595
# Omitting sensitive data like email and jwt assertion
9696
safe_properties = dict(
97-
user_id=self.user_id, client_user_agent=self.client_user_agent, client_host=self.client_host
97+
user_id=self.user_id,
98+
client_user_agent=self.client_user_agent,
99+
client_host=self.client_host,
100+
email=self.user_email,
98101
)
99102
return f"request-context={safe_properties})"
100103

@@ -108,8 +111,8 @@ def is_user_email_restricted() -> bool:
108111
Check if an email's domain is restricted (e.g., for WIP visibility).
109112
"""
110113
request_context = get_request_context()
111-
if not isinstance(request_context, RequestContext):
112-
return True # Default to restricted
113-
email = get_request_context().user_email
114+
if not request_context:
115+
return True
116+
email = request_context["user_email"]
114117
unrestricted_domains = ["mobilitydata.org"]
115118
return not email or not any(email.endswith(f"@{domain}") for domain in unrestricted_domains)

api/tests/unittest/middleware/test_request_context.py

Lines changed: 1 addition & 43 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33

44
from starlette.datastructures import Headers
55

6-
from middleware.request_context import RequestContext, get_request_context, _request_context, is_user_email_restricted
6+
from middleware.request_context import RequestContext, get_request_context, _request_context
77

88

99
class TestRequestContext(unittest.TestCase):
@@ -54,45 +54,3 @@ def test_get_request_context(self):
5454
request_context = RequestContext(MagicMock())
5555
_request_context.set(request_context)
5656
self.assertEqual(request_context, get_request_context())
57-
58-
def test_is_user_email_restricted(self):
59-
self.assertTrue(is_user_email_restricted())
60-
scope_instance = {
61-
"type": "http",
62-
"asgi": {"version": "3.0"},
63-
"http_version": "1.1",
64-
"method": "GET",
65-
"headers": [
66-
(b"host", b"localhost"),
67-
(b"x-forwarded-proto", b"https"),
68-
(b"x-forwarded-for", b"client, proxy1"),
69-
(b"server", b"server"),
70-
(b"user-agent", b"user-agent"),
71-
(b"x-goog-iap-jwt-assertion", b"jwt"),
72-
(b"x-cloud-trace-context", b"TRACE_ID/SPAN_ID;o=1"),
73-
(b"x-goog-authenticated-user-id", b"user_id"),
74-
(b"x-goog-authenticated-user-email", b"email"),
75-
],
76-
"path": "/",
77-
"raw_path": b"/",
78-
"query_string": b"",
79-
"client": ("127.0.0.1", 32767),
80-
"server": ("127.0.0.1", 80),
81-
}
82-
request_context = RequestContext(scope=scope_instance)
83-
_request_context.set(request_context)
84-
self.assertTrue(is_user_email_restricted())
85-
scope_instance["headers"] = [
86-
(b"host", b"localhost"),
87-
(b"x-forwarded-proto", b"https"),
88-
(b"x-forwarded-for", b"client, proxy1"),
89-
(b"server", b"server"),
90-
(b"user-agent", b"user-agent"),
91-
(b"x-goog-iap-jwt-assertion", b"jwt"),
92-
(b"x-cloud-trace-context", b"TRACE_ID/SPAN_ID;o=1"),
93-
(b"x-goog-authenticated-user-id", b"user_id"),
94-
(b"x-goog-authenticated-user-email", b"[email protected]"),
95-
]
96-
request_context = RequestContext(scope=scope_instance)
97-
_request_context.set(request_context)
98-
self.assertFalse(is_user_email_restricted())

0 commit comments

Comments
 (0)