From 0e6ad7ab875321bb6c4cd323db0b07c5d102716b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?H=C3=A5kon=20V=2E=20Treider?= Date: Thu, 2 Nov 2023 20:51:52 +0100 Subject: [PATCH] fix transformations backup auth flow (#1464) --- CHANGELOG.md | 7 ++++++- cognite/client/_version.py | 2 +- .../client/data_classes/transformations/common.py | 12 ++++++++---- pyproject.toml | 2 +- tests/tests_unit/test_transformations/test_common.py | 4 ++-- 5 files changed, 18 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 736fd46fe3..7e91a2185d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,7 +17,12 @@ Changes are grouped as follows - `Fixed` for any bug fixes. - `Security` in case of vulnerabilities. -## [6.39.0] - 2023-11-1 +## [6.39.1] - 2023-11-01 +## Fixed +- When creating transformations using backup auth. flow (aka a session could not be created for any reason), + the scopes for the credentials would not be passed correctly (bug introduced in 6.25.1). + +## [6.39.0] - 2023-11-01 ## Added - Support for `concurrencyPolicy` property in Workflows `TransformationsWorker`. diff --git a/cognite/client/_version.py b/cognite/client/_version.py index 849eee8aa6..3d9a409d49 100644 --- a/cognite/client/_version.py +++ b/cognite/client/_version.py @@ -1,4 +1,4 @@ from __future__ import annotations -__version__ = "6.39.0" +__version__ = "6.39.1" __api_subversion__ = "V20220125" diff --git a/cognite/client/data_classes/transformations/common.py b/cognite/client/data_classes/transformations/common.py index a68326bc09..a6be84b639 100644 --- a/cognite/client/data_classes/transformations/common.py +++ b/cognite/client/data_classes/transformations/common.py @@ -306,18 +306,22 @@ def __init__( self.token_uri = token_uri self.audience = audience self.cdf_project_name = cdf_project_name + self.scopes = self._verify_scopes(scopes) - # For backwards compatibility, we accept scopes as a comma-separated string. + @staticmethod + def _verify_scopes(scopes: str | list[str]) -> str: if isinstance(scopes, str): - scopes = scopes.split(",") - self.scopes = scopes + return scopes + elif isinstance(scopes, list): + return ",".join(scopes) + raise TypeError(f"scopes must be provided as a comma-separated string or list, not {type(scopes)}") def as_credential_provider(self) -> OAuthClientCredentials: return OAuthClientCredentials( token_url=self.token_uri, client_id=self.client_id, client_secret=self.client_secret, - scopes=self.scopes, + scopes=self.scopes.split(","), audience=self.audience, ) diff --git a/pyproject.toml b/pyproject.toml index 42592ae6f3..9122b33f7f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,7 +1,7 @@ [tool.poetry] name = "cognite-sdk" -version = "6.39.0" +version = "6.39.1" description = "Cognite Python SDK" readme = "README.md" documentation = "https://cognite-sdk-python.readthedocs-hosted.com" diff --git a/tests/tests_unit/test_transformations/test_common.py b/tests/tests_unit/test_transformations/test_common.py index 444062f6ab..97e0d40873 100644 --- a/tests/tests_unit/test_transformations/test_common.py +++ b/tests/tests_unit/test_transformations/test_common.py @@ -13,7 +13,7 @@ def oidc_credentials(): @pytest.mark.parametrize("scopes", ("comma,separated,scopes", ["comma", "separated", "scopes"])) def test_oidc_credentials(scopes): oidc_credentials = OidcCredentials(client_id="id", client_secret="secret", scopes=scopes, token_uri="url") - assert oidc_credentials.scopes == ["comma", "separated", "scopes"] + assert oidc_credentials.scopes == "comma,separated,scopes" def test_oidc_credentials_as_credential_provider(oidc_credentials): @@ -21,7 +21,7 @@ def test_oidc_credentials_as_credential_provider(oidc_credentials): assert isinstance(client_creds, OAuthClientCredentials) assert client_creds.token_url == oidc_credentials.token_uri - assert client_creds.scopes == oidc_credentials.scopes + assert client_creds.scopes == [oidc_credentials.scopes] assert client_creds.token_custom_args["audience"] is oidc_credentials.audience is None