From a3c80749e3c00ebbffbf91b414178373b8860fb2 Mon Sep 17 00:00:00 2001 From: box-sdk-build Date: Fri, 30 May 2025 01:10:13 -0700 Subject: [PATCH 1/2] chore: Update .codegen.json with commit hash of codegen and openapi spec --- .codegen.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.codegen.json b/.codegen.json index 0dced1f2..9c6a592d 100644 --- a/.codegen.json +++ b/.codegen.json @@ -1 +1 @@ -{ "engineHash": "fe574b1", "specHash": "a8825be", "version": "1.14.0" } +{ "engineHash": "56d8b65", "specHash": "a8825be", "version": "1.14.0" } From f344fefea52533f5d06a7b40e2a47d88e8c7e015 Mon Sep 17 00:00:00 2001 From: box-sdk-build Date: Fri, 30 May 2025 01:11:31 -0700 Subject: [PATCH 2/2] fix: Fix downscope token to use retrieveToken method for token retrieval (box/box-codegen#731) --- .codegen.json | 2 +- box_sdk_gen/box/ccg_auth.py | 4 +- box_sdk_gen/box/developer_token_auth.py | 4 +- box_sdk_gen/box/jwt_auth.py | 4 +- box_sdk_gen/box/oauth.py | 4 +- test/auth.py | 62 +++++++++++++++++++++++++ test/events.py | 4 +- 7 files changed, 78 insertions(+), 6 deletions(-) diff --git a/.codegen.json b/.codegen.json index 9c6a592d..5b2eb349 100644 --- a/.codegen.json +++ b/.codegen.json @@ -1 +1 @@ -{ "engineHash": "56d8b65", "specHash": "a8825be", "version": "1.14.0" } +{ "engineHash": "20cb559", "specHash": "a8825be", "version": "1.14.0" } diff --git a/box_sdk_gen/box/ccg_auth.py b/box_sdk_gen/box/ccg_auth.py index eaeecd1f..f4dbd05a 100644 --- a/box_sdk_gen/box/ccg_auth.py +++ b/box_sdk_gen/box/ccg_auth.py @@ -191,7 +191,9 @@ def downscope_token( :param network_session: An object to keep network session state, defaults to None :type network_session: Optional[NetworkSession], optional """ - token: Optional[AccessToken] = self.token_storage.get() + token: Optional[AccessToken] = self.retrieve_token( + network_session=network_session + ) if token == None: raise BoxSDKError( message='No access token is available. Make an API call to retrieve a token before calling this method.' diff --git a/box_sdk_gen/box/developer_token_auth.py b/box_sdk_gen/box/developer_token_auth.py index 49f07142..8c803c8a 100644 --- a/box_sdk_gen/box/developer_token_auth.py +++ b/box_sdk_gen/box/developer_token_auth.py @@ -118,7 +118,9 @@ def downscope_token( :param network_session: An object to keep network session state, defaults to None :type network_session: Optional[NetworkSession], optional """ - token: Optional[AccessToken] = self.token_storage.get() + token: Optional[AccessToken] = self.retrieve_token( + network_session=network_session + ) if token == None or token.access_token == None: raise BoxSDKError(message='No access token is available.') auth_manager: AuthorizationManager = AuthorizationManager( diff --git a/box_sdk_gen/box/jwt_auth.py b/box_sdk_gen/box/jwt_auth.py index 331a0960..b2720de8 100644 --- a/box_sdk_gen/box/jwt_auth.py +++ b/box_sdk_gen/box/jwt_auth.py @@ -415,7 +415,9 @@ def downscope_token( :param network_session: An object to keep network session state, defaults to None :type network_session: Optional[NetworkSession], optional """ - token: Optional[AccessToken] = self.token_storage.get() + token: Optional[AccessToken] = self.retrieve_token( + network_session=network_session + ) if token == None: raise BoxSDKError( message='No access token is available. Make an API call to retrieve a token before calling this method.' diff --git a/box_sdk_gen/box/oauth.py b/box_sdk_gen/box/oauth.py index a0853f0d..1c62ead0 100644 --- a/box_sdk_gen/box/oauth.py +++ b/box_sdk_gen/box/oauth.py @@ -229,7 +229,9 @@ def downscope_token( :param network_session: An object to keep network session state, defaults to None :type network_session: Optional[NetworkSession], optional """ - token: Optional[AccessToken] = self.token_storage.get() + token: Optional[AccessToken] = self.retrieve_token( + network_session=network_session + ) if token == None or token.access_token == None: raise BoxSDKError(message='No access token is available.') auth_manager: AuthorizationManager = AuthorizationManager( diff --git a/test/auth.py b/test/auth.py index 446685cb..8bb0b6c3 100644 --- a/test/auth.py +++ b/test/auth.py @@ -99,6 +99,25 @@ def test_jwt_auth_downscope(): parent_client.files.delete_file_by_id(file.id) +def test_jwt_downscope_token_succeeds_if_no_token_available(): + jwt_config: JWTConfig = JWTConfig.from_config_json_string( + decode_base_64(get_env_var('JWT_CONFIG_BASE_64')) + ) + auth: BoxJWTAuth = BoxJWTAuth(config=jwt_config) + downscoped_token: AccessToken = auth.downscope_token(['root_readonly']) + assert not downscoped_token.access_token == None + downscoped_client: BoxClient = BoxClient( + auth=BoxDeveloperTokenAuth(token=downscoped_token.access_token) + ) + with pytest.raises(Exception): + downscoped_client.uploads.upload_file( + UploadFileAttributes( + name=get_uuid(), parent=UploadFileAttributesParentField(id='0') + ), + generate_byte_stream(1024 * 1024), + ) + + def test_jwt_auth_revoke(): jwt_config: JWTConfig = JWTConfig.from_config_json_string( decode_base_64(get_env_var('JWT_CONFIG_BASE_64')) @@ -128,6 +147,16 @@ def test_oauth_auth_authorizeUrl(): ) +def test_oauth_downscope_token_succeeds_if_no_token_available(): + config: OAuthConfig = OAuthConfig( + client_id=get_env_var('CLIENT_ID'), client_secret=get_env_var('CLIENT_SECRET') + ) + auth: BoxOAuth = BoxOAuth(config=config) + resource_path: str = ''.join(['https://api.box.com/2.0/files/12345']) + with pytest.raises(Exception): + auth.downscope_token(['item_rename', 'item_preview'], resource=resource_path) + + def test_ccg_auth(): user_id: str = get_env_var('USER_ID') enterprise_id: str = get_env_var('ENTERPRISE_ID') @@ -175,6 +204,27 @@ def test_ccg_auth_downscope(): parent_client.folders.delete_folder_by_id(folder.id) +def test_ccg_downscope_token_succeeds_if_no_token_available(): + ccg_config: CCGConfig = CCGConfig( + client_id=get_env_var('CLIENT_ID'), + client_secret=get_env_var('CLIENT_SECRET'), + user_id=get_env_var('USER_ID'), + ) + auth: BoxCCGAuth = BoxCCGAuth(config=ccg_config) + downscoped_token: AccessToken = auth.downscope_token(['root_readonly']) + assert not downscoped_token.access_token == None + downscoped_client: BoxClient = BoxClient( + auth=BoxDeveloperTokenAuth(token=downscoped_token.access_token) + ) + with pytest.raises(Exception): + downscoped_client.uploads.upload_file( + UploadFileAttributes( + name=get_uuid(), parent=UploadFileAttributesParentField(id='0') + ), + generate_byte_stream(1024 * 1024), + ) + + def test_ccg_auth_revoke(): ccg_config: CCGConfig = CCGConfig( client_id=get_env_var('CLIENT_ID'), @@ -192,6 +242,18 @@ def test_ccg_auth_revoke(): ) +def test_developer_downscope_token_succeeds_if_no_token_available(): + developer_token_config: DeveloperTokenConfig = DeveloperTokenConfig( + client_id=get_env_var('CLIENT_ID'), client_secret=get_env_var('CLIENT_SECRET') + ) + auth: BoxDeveloperTokenAuth = BoxDeveloperTokenAuth( + token='', config=developer_token_config + ) + resource_path: str = ''.join(['https://api.box.com/2.0/folders/12345']) + with pytest.raises(Exception): + auth.downscope_token(['item_rename', 'item_preview'], resource=resource_path) + + def get_access_token() -> AccessToken: user_id: str = get_env_var('USER_ID') enterprise_id: str = get_env_var('ENTERPRISE_ID') diff --git a/test/events.py b/test/events.py index eb090b80..9dd4a1a3 100644 --- a/test/events.py +++ b/test/events.py @@ -73,7 +73,9 @@ def testEventSourceFileOrFolder(): assert len(events.entries) > 0 first_event: Event = events.entries[0] source: File = first_event.source - assert to_string(source.type) == 'file' or to_string(source.type) == 'folder' + assert ( + to_string(source.type) == 'file' or to_string(source.type) == 'folder' + ) or to_string(source.type) == 'collaboration' assert not source.id == ''