Feature/update aud (#1)

* adding resource parameter * feat: Update content type in VSCode settings Update the content type in the VSCode settings from "application/text" to "application/json" to ensure compatibility with the server API. --------- Co-authored-by: Your Name <[email protected]>
kdcllc · Jun 7, 2024 · 8e9f2df · 8e9f2df
1 parent a8b5324
commit 8e9f2df
Show file tree

Hide file tree

Showing 6 changed files with 23 additions and 13 deletions.
diff --git a/.gitignore b/.gitignore
@@ -159,4 +159,5 @@ cython_debug/
 #  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
 #  and can be added to the global gitignore or merged into this file.  For a more nuclear
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
-#.idea/
+#.idea/
+.aider*
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -2,7 +2,7 @@
     "rest-client.environmentVariables": {
         "$shared": {
             "baseUrl": "http://localhost:6700",
-            "contentType": "application/text",
+            "contentType": "application/json",
             "X-Auth-Token": "169ddeb1-502a-42cf-a222-9dbb8ec2cbf6",
         }
     }

diff --git a/README.md b/README.md
@@ -51,7 +51,7 @@ To run the application locally, follow these steps:
 6. **Run the application:**
 
     ```bash
-    uvicorn main:app --reload
+    uvicorn main:app --reload --port 6700
     ```
 
 ## Deploy the Container

diff --git a/authenticator.py b/authenticator.py
@@ -85,7 +85,7 @@ def get_temp_dir(self,user_id: str):
 
         return temp_dir
 
-    def get_token(self, user_id: str):
+    def get_token(self, user_id: str, resource: str):
         with self.lock:
             #wait for the command to finish
             child = self.users_data[user_id]['child']
@@ -98,7 +98,7 @@ def get_token(self, user_id: str):
             env = self.set_env(user_id)
 
             # Execute the command
-            result = subprocess.run(['az', 'account', 'get-access-token'], capture_output=True, text=True, env=env)
+            result = subprocess.run(['az', 'account', 'get-access-token', '--resource', resource], capture_output=True, text=True, env=env)
 
             # Check if the command was successful
             if result.returncode != 0:
@@ -110,14 +110,14 @@ def get_token(self, user_id: str):
 
             return token
 
-    def authenticate(self, user_id: str):
+    def authenticate(self, user_id: str, resource: str):
 
         retry_count = 0
         max_retries = 3
 
         while not self.users_data[user_id]['token'] and retry_count < max_retries:
             try:
-                token = self.get_token(user_id)
+                token = self.get_token(user_id, resource)
                 logging.info("Authentication successful.")
                 with self.lock:
                     self.users_data[user_id]['token'] = token
@@ -132,4 +132,4 @@ def authenticate(self, user_id: str):
 
     def get_token_thread_safe(self, user_id: str):
         with self.lock:
-            return self.users_data.get(user_id, {}).get('token')
+            return self.users_data.get(user_id, {}).get('token')
diff --git a/main.py b/main.py
@@ -1,7 +1,7 @@
 import logging
 import os
 import threading
-from fastapi import FastAPI, HTTPException, Path, Query
+from fastapi import Body, FastAPI, HTTPException, Path
 from pydantic import BaseModel
 from typing import Optional
 
@@ -31,18 +31,21 @@ class DeviceCodeResponse(BaseModel):
     url: str
     device_code: str
 
+class TokenRequest(BaseModel):
+    resource: str
+
 @app.post("/device-code/{user_id}", response_model=DeviceCodeResponse)
 def get_device_code(user_id: str = Path(..., description="The unique ID of the user")):
     url, device_code = authenticator.get_device_code(user_id)
     return {"url": url, "device_code": device_code}
 
 @app.post("/token/{user_id}", response_model=TokenResponse)
-def get_token(user_id: str = Path(..., description="The unique ID of the user")):
+def get_token(token_request: TokenRequest = Body(...), user_id: str = Path(..., description="The unique ID of the user")):
     if user_id not in authenticator.users_data  or not authenticator.users_data[user_id].get('device_code'):
         raise HTTPException(status_code=400, detail="Device code not requested")
 
     # ensure the user has authenticated
-    auth_thread = threading.Thread(target=authenticator.authenticate, args=(user_id,))
+    auth_thread = threading.Thread(target=authenticator.authenticate, args=(user_id, token_request.resource))
     auth_thread.start()
     auth_thread.join()
 
@@ -51,4 +54,4 @@ def get_token(user_id: str = Path(..., description="The unique ID of the user"))
 
 @app.get("/health")
 def health_check():
-    return {"status": "UP"}
+    return {"status": "UP"}
diff --git a/rest/token.http b/rest/token.http
@@ -1,4 +1,10 @@
 
 POST {{baseUrl}}/token/user1
 Content-Type: {{contentType}}
-X-Auth-Token: {{X-Auth-Token}}
+X-Auth-Token: {{X-Auth-Token}}
+
+{
+    "resource": "https://graph.microsoft.com"
+}
+
+