Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] add authorization header to httpstep #170

Merged
merged 35 commits into from
Feb 26, 2025
Merged

[FEATURE] add authorization header to httpstep #170

merged 35 commits into from
Feb 26, 2025

Conversation

dannymeijer
Copy link
Member

@dannymeijer dannymeijer commented Feb 26, 2025
edited
Loading

Description

This pull request includes changes to the HttpStep class and adds comprehensive unit tests. The changes to the HttpStep class include:

  • Addition of decode_sensitive_headers method to decode SecretStr values in headers.
  • Modification of get_headers method to dump headers into JSON without SecretStr masking.
  • Addition of methods (get, post, put, delete) to handle different HTTP methods.
  • Addition of the auth_header field to handle authorization headers, replacing the previous implementation.

The unit tests cover:

  • Successful and failed HTTP requests for GET, POST, PUT, and DELETE methods.
  • Handling of authorization headers, including Bearer tokens and Digest authentication.
  • Retry logic for handling HTTP errors with configurable retry counts.
  • Backoff strategies for retrying requests with exponential backoff.

Related Issue

#162

Motivation and Context

This pull request addresses potential data leaks regarding authorization headers. The changes ensure that sensitive information is handled securely and that the HttpStep class can handle various HTTP methods. The comprehensive unit tests help prevent regressions and ensure that the class behaves as expected under different conditions.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

dannymeijer and others added 30 commits January 31, 2025 20:36
@dannymeijer
[FEATURE] Introduce SecretStr class for enhanced secret handling in K…
ebcc32a 
…oheesio
@dannymeijer
[REFactor] Update import statement for SecretStr in test_okta.py
48b8712
@dannymeijer
[BUGFIX] Improve error handling in SecretStr concatenation and string…
31b3dcd 
… conversion
@dannymeijer
[REFactor] Update variable names in several tests to improve legibility
734b5c7
@dannymeijer
[REFactor] Update test documentation for SecretStr concatenation to c…
f2c66ae 
…larify exception handling
@dannymeijer
[REFactor] Enhance type handling in SecretStr concatenation methods a…
590186f 
…nd improve test coverage. Restore to 'normal' python string behavior.
@dannymeijer
[REFactor] Update concatenation methods in SecretStr for improved cla…
0583b8c 
…rity
@dannymeijer
[REFactor] Improve formatting behavior in SecretStr to differentiate …
a704953 
…safe and unsafe contexts + leave handling of __format__ to the super class in unsafe scenario
@dannymeijer
[REFactor] Update formatting behavior in SecretStr to delegate unsafe…
22b59cd 
… context handling to Pydantic
@dannymeijer
[FEATURE] Introduce SecretMixin for enhanced concatenation and multip…
9a752e8 
…lication support in SecretStr and SecretBytes
@dannymeijer
[REFactor] Rename SecretMixin to _SecretMixin (make it private)
8407f89
@dannymeijer
[WIP] Add support for authorization headers in HttpStep with SecretSt…
10dddd1 
…r for enhanced security
@dannymeijer
[TEST] Add tests for logging behavior in nested super calls and exten…
6c42e6d 
…d parameterization
@dannymeijer
[BUGFIX] Improve method call detection and logging in StepMetaClass; …
e8ff064 
…avoid duplications
@dannymeijer
[REFactor] Simplify method call detection in StepMetaClass and enhanc…
1c0934e 
…e logging in nested inheritance tests + improved test
@dannymeijer
[REFactor] Improve readability of method call detection in StepMetaClass
585672c
@dannymeijer
[REFactor] Rename 'options' to 'params' in JDBC readers and Snowflake…
2034c74 
…BaseModel for consistency; update related tests
@dannymeijer
[CONFIG] Update pytest options for verbose output and add Spark Conne…
23b8434 
…ct dependencies in pyproject.toml
@dannymeijer
[REFactor] Update import statement for requests_mock in test_http.py …
1025628 
…for clarity
@dannymeijer
[REFactor] Update test assertions for JDBC reader and replace Mocker …
80d3122 
…with requests_mock in HTTP tests for clarity
@dannymeijer
[FEATURE] Enhance SecretStr formatting to handle secure contexts and …
f578670 
…edge cases
@dannymeijer
[DOCS] Update docstring to clarify method resolution order in StepMet…
777fac6 
…aClass
@dannymeijer
[TEST] Add tests for multiline interpolation in secure and non-secure…
e01b8c4 
… contexts for SecretStr
@dannymeijer
[CHANGE] Update Python version requirement from 3.11 to 3.12 in pypro…
8e431ee 
…ject.toml
@dannymeijer
working code (needs prettifying)
5128b28
@dannymeijer
[FEATURE] Improve f-string formatting handling in SecretStr for Pytho…
8759ff1 
…n 3.12+
@dannymeijer
[CHANGE] Add type ignore comment for caller_context in SecretStr to a…
b2fef8e 
…ddress Python 3.12 f-string behavior
@dannymeijer
Merge branch 'main' into feature-162-address-secretstr-concerns
eb3ae17
@dannymeijer
Merge branch 'main' into feature-162-address-secretstr-concerns
d4fa472
@dannymeijer
Merge branch 'feature-162-address-secretstr-concerns' into 162-featur…
ffdb611 
…e-add-authorization_header-to-httpstep
@dannymeijer dannymeijer added this to the 0.10 milestone Feb 26, 2025
@dannymeijer dannymeijer self-assigned this Feb 26, 2025
@dannymeijer dannymeijer linked an issue Feb 26, 2025 that may be closed by this pull request
[FEATURE] Add authorization_header to HttpStep to support other token types besides just bearer #162
Closed
@dannymeijer dannymeijer added bug Something isn't working enhancement New feature or request labels Feb 26, 2025
zarembat
zarembat suggested changes Feb 26, 2025
View reviewed changes
zarembat
zarembat approved these changes Feb 26, 2025
View reviewed changes
Copy link
Contributor

@zarembat zarembat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Neat 😊

pariksheet
pariksheet approved these changes Feb 26, 2025
View reviewed changes
Copy link
Contributor

@pariksheet pariksheet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@dannymeijer dannymeijer marked this pull request as ready for review February 26, 2025 15:07
@dannymeijer dannymeijer requested a review from a team as a code owner February 26, 2025 15:07
@dannymeijer dannymeijer changed the title [WORK IN PROGRESS] 162 feature add authorization header to httpstep [FEATURE] add authorization header to httpstep Feb 26, 2025
@dannymeijer dannymeijer merged commit 744fab6 into main Feb 26, 2025
15 checks passed
@dannymeijer dannymeijer deleted the 162-feature-add-authorization_header-to-httpstep branch February 26, 2025 15:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pariksheet pariksheet pariksheet approved these changes

@zarembat zarembat zarembat approved these changes

Assignees

@dannymeijer dannymeijer

Labels
bug Something isn't working enhancement New feature or request
Projects
Koheesio
Status: Done
Milestone
0.10
Development

Successfully merging this pull request may close these issues.

[FEATURE] Add authorization_header to HttpStep to support other token types besides just bearer
3 participants
@dannymeijer @pariksheet @zarembat