This is an automated email from the ASF dual-hosted git repository.
sbp pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-release.git
The following commit(s) were added to refs/heads/main by this push:
new cb10d8d Add an example secret API endpoint, and use JSON for errors
cb10d8d is described below
commit cb10d8d3dedd8f9f81f21f9498bd14810abcfe0d
Author: Sean B. Palmer <[email protected]>
AuthorDate: Thu Jul 3 14:38:31 2025 +0100
Add an example secret API endpoint, and use JSON for errors
---
atr/blueprints/api/__init__.py | 22 ++++++++++++++++++++++
atr/blueprints/api/api.py | 10 ++++++++++
atr/routes/root.py | 8 ++++++++
atr/server.py | 6 ++++++
4 files changed, 46 insertions(+)
diff --git a/atr/blueprints/api/__init__.py b/atr/blueprints/api/__init__.py
index c3228fa..b6a9bdf 100644
--- a/atr/blueprints/api/__init__.py
+++ b/atr/blueprints/api/__init__.py
@@ -15,6 +15,28 @@
# specific language governing permissions and limitations
# under the License.
+import asfquart.base as base
import quart
+import werkzeug.exceptions as exceptions
BLUEPRINT = quart.Blueprint("api_blueprint", __name__, url_prefix="/api")
+
+
[email protected](base.ASFQuartException)
+async def handle_asfquart_exception(err: base.ASFQuartException) ->
tuple[quart.Response, int]:
+ status = getattr(err, "errorcode", 500)
+ return _json_error(str(err), status)
+
+
[email protected](Exception)
+async def handle_generic_exception(err: Exception) -> tuple[quart.Response,
int]:
+ return _json_error(str(err), 500)
+
+
[email protected](exceptions.HTTPException)
+async def handle_http_exception(err: exceptions.HTTPException) ->
tuple[quart.Response, int]:
+ return _json_error(err.description or err.name, err.code)
+
+
+def _json_error(message: str, status_code: int | None) ->
tuple[quart.Response, int]:
+ return quart.jsonify({"error": message}), status_code or 500
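Review bot: `handle_generic_exception` sends `str(err)` for every uncaught exception back to the API client, so internal details such as database errors, file paths or library messages can end up in the 500 body. Log the exception server-side and return a fixed message instead, e.g. `return _json_error("Internal server error", 500)`. The same concern applies to `handle_asfquart_exception` if those messages are not all written for end users, which cannot be determined from this hunk. `_json_error` would also benefit from a one-line docstring stating that a missing status code falls back to 500.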
diff --git a/atr/blueprints/api/api.py b/atr/blueprints/api/api.py
index 25ab037..373bcaa 100644
--- a/atr/blueprints/api/api.py
+++ b/atr/blueprints/api/api.py
@@ -28,6 +28,7 @@ import werkzeug.exceptions as exceptions
import atr.blueprints.api as api
import atr.db as db
import atr.db.models as models
+import atr.jwtoken as jwtoken
# FIXME: we need to return the dumped model instead of the actual pydantic
class
# as otherwise pyright will complain about the return type
@@ -210,6 +211,15 @@ async def releases_project_version_revisions(project: str,
version: str) -> tupl
return [rev.model_dump() for rev in revisions], 200
[email protected]("/secret")
[email protected]
+@quart_schema.security_scheme([{"BearerAuth": []}])
+@quart_schema.validate_response(dict[str, str], 200)
+async def secret() -> tuple[Mapping, int]:
+ """Return a secret."""
+ return {"secret": "*******"}, 200
+
+
@api.BLUEPRINT.route("/ssh-keys")
@quart_schema.validate_querystring(Pagination)
async def ssh_keys(query_args: Pagination) -> quart.Response:
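Review bot: Nothing in `secret()` itself checks the caller; access control rests entirely on the second decorator in the stack (garbled on this page, presumably from the newly imported `atr.jwtoken`), while `quart_schema.security_scheme` only annotates the OpenAPI document. A comment saying so, e.g. `# Authentication is enforced by the jwtoken decorator; security_scheme is documentation only`, would keep a later copy of this example from dropping the enforcing decorator. It is also worth confirming that a missing or invalid token produces a 401 through the new JSON error handlers rather than falling into the generic 500 handler; that depends on what `atr.jwtoken` raises, which is outside this diff. The docstring could state that the returned value is a placeholder.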
diff --git a/atr/routes/root.py b/atr/routes/root.py
index 72817a6..4638de1 100644
--- a/atr/routes/root.py
+++ b/atr/routes/root.py
@@ -18,12 +18,14 @@
"""root.py"""
import asfquart.session
+import quart
import sqlalchemy.orm as orm
import sqlmodel
import werkzeug.wrappers.response as response
import atr.db as db
import atr.db.models as models
+import atr.jwtoken as jwtoken
import atr.routes as routes
import atr.template as template
import atr.user as user
@@ -111,6 +113,12 @@ async def todo(session: routes.CommitterSession) -> str:
return await template.render("todo.html")
[email protected]("/token")
+async def token(session: routes.CommitterSession) -> quart.Response:
+ token = jwtoken.issue(session.uid)
+ return quart.jsonify({"token": token})
+
+
@routes.committer("/tutorial")
async def tutorial(session: routes.CommitterSession) -> str:
"""Tutorial page."""
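Review bot: The `/token` handler returns a freshly issued bearer credential with no caching directive, so the JSON body may be stored by the browser or an intermediary. Build the response first and mark it non-cacheable: `resp = quart.jsonify({"token": token})`, `resp.headers["Cache-Control"] = "no-store"`, `return resp`. The token's lifetime and whether it can be revoked are decided in `jwtoken.issue`, which is not part of this diff, so that should be checked there. The handler also lacks a docstring, and the local `token` shadows the function name; `issued` would read better.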
diff --git a/atr/server.py b/atr/server.py
index 6b8e485..c025a7f 100644
--- a/atr/server.py
+++ b/atr/server.py
@@ -105,6 +105,12 @@ def app_setup_api_docs(app: base.QuartApp) -> None:
openapi_provider_class=ApiOnlyOpenAPIProvider,
swagger_ui_path="/api/docs",
openapi_path="/api/openapi.json",
+ security_schemes={
+ "BearerAuth": quart_schema.HttpSecurityScheme(
+ scheme="bearer",
+ bearer_format="JWT",
+ )
+ },
)