diff --git a/.gitignore b/.gitignore index 7a4c993..78595df 100644 --- a/.gitignore +++ b/.gitignore @@ -169,3 +169,6 @@ bb2_venv/ # BB2 ignores .bluebutton-config.json .bluebutton-config.yaml + +# Snyk Security Extension - AI Rules (auto-generated) +.github/instructions/snyk_rules.instructions.md diff --git a/bluebutton-sample-config.json b/bluebutton-sample-config.json index e00dc79..929cf07 100644 --- a/bluebutton-sample-config.json +++ b/bluebutton-sample-config.json @@ -3,5 +3,5 @@ "client_id": "", "client_secret": "", "callback_url": "https://www.fake.com/your/callback/here", - "version": 2 + "version": 3 } diff --git a/cms_bluebutton/auth.py b/cms_bluebutton/auth.py index ac29df2..bf2cb19 100755 --- a/cms_bluebutton/auth.py +++ b/cms_bluebutton/auth.py @@ -5,6 +5,7 @@ import string import datetime import urllib +from cms_bluebutton.tests.fixtures import token_response from requests_toolbelt.multipart.encoder import MultipartEncoder from .constants import SDK_HEADERS @@ -95,7 +96,7 @@ def generate_pkce_data() -> dict: code_challenge = base64.urlsafe_b64encode( hashlib.sha256(verifier.encode("ASCII")).digest() ) - return {"code_challenge": code_challenge.decode("utf-8"), "verifier": verifier} + return {"code_challenge": code_challenge.decode("utf-8"), "code_challenge_method": "S256", "verifier": verifier} def generate_random_state(num) -> str: @@ -116,7 +117,6 @@ def get_access_token_from_code(bb, auth_data, callback_code) -> dict: "grant_type": "authorization_code", "redirect_uri": bb.callback_url, "code_verifier": auth_data["verifier"], - "code_challenge": auth_data["code_challenge"], } token_response = _do_post(data, bb, None) @@ -146,10 +146,11 @@ def _do_post(data, bb, auth): mp_encoder = MultipartEncoder(data) headers = SDK_HEADERS headers["content-type"] = mp_encoder.content_type + return requests.post( url=bb.auth_token_url, data=mp_encoder, - headers=headers + headers=headers, ) if not auth else requests.post( url=bb.auth_token_url, data=mp_encoder, 
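Review bot: The added `from cms_bluebutton.tests.fixtures import token_response` in `cms_bluebutton/auth.py` makes the shipped OAuth module import the test package at import time. If `cms_bluebutton.tests` is left out of the built distribution, `import cms_bluebutton.auth` would fail with ImportError for SDK users; if it is included, test fixture code is loaded inside the token-handling path. The name also appears to be unused, since the later hunk shows `get_access_token_from_code` assigning a local `token_response = _do_post(data, bb, None)` that shadows it. This looks like an editor auto-import, and I would drop the line.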
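Review bot: The `code_challenge` returned next to the new `"code_challenge_method": "S256"` still carries base64 padding, because `base64.urlsafe_b64encode` over a 32-byte SHA-256 digest ends in `=` and nothing in the visible lines strips it. RFC 7636 defines the S256 challenge as base64url without padding, so a server that strictly recomputes the challenge from `code_verifier` may reject the exchange; whether the Blue Button server tolerates the padding cannot be seen from this hunk. I would return `code_challenge.rstrip(b"=").decode("utf-8")` instead. The start of `generate_pkce_data`, including how `verifier` is produced, lies outside the hunk.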
diff --git a/cms_bluebutton/cms_bluebutton.py b/cms_bluebutton/cms_bluebutton.py index b6c9bf5..714e70f 100644 --- a/cms_bluebutton/cms_bluebutton.py +++ b/cms_bluebutton/cms_bluebutton.py @@ -20,7 +20,6 @@ ROOT_DIR = os.path.abspath(os.curdir) + "/" DEFAULT_CONFIG_FILE_LOCATION = ROOT_DIR + "./.bluebutton-config.json" - class BlueButton: def __init__(self, config=DEFAULT_CONFIG_FILE_LOCATION):