You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Following #15581 and #15590: we now have three types that a request.identity can be:
User when the identity is a user backed by a login session
UserTokenContext when the identity is a user backed by an API token (i.e. macaroon)
PublisherTokenContext when the identity is an OIDCPublisher backed by an API token
Of these, User and UserTokenContext are confusable and prone to error. We should probably collapse them into a single UserContext type of the following shape:
@dataclassclassUserContext:
user: User""" The associated user. """macaroon: Macaroon|None""" The Macaroon associated to the API token used to authenticate, if token authentication was used. """def__principals__(self) ->list[str]:
returnself.user.__principals__()
...with that, we'll be able to remove UserTokenContext and simplify request.identity back down to just two types.
The text was updated successfully, but these errors were encountered:
Following #15581 and #15590: we now have three types that a
request.identity
can be:User
when the identity is a user backed by a login sessionUserTokenContext
when the identity is a user backed by an API token (i.e. macaroon)PublisherTokenContext
when the identity is anOIDCPublisher
backed by an API tokenOf these,
User
andUserTokenContext
are confusable and prone to error. We should probably collapse them into a singleUserContext
type of the following shape:...with that, we'll be able to remove
UserTokenContext
and simplifyrequest.identity
back down to just two types.The text was updated successfully, but these errors were encountered: