phoenix-oss/llama-stack-mirror
0
0
Fork 1
mirror of https://github.com/meta-llama/llama-stack.git synced 2025-07-29 07:14:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Address review comments: make _get_github_user_info pure function and tighten exception handling

Browse source
This commit is contained in:
ehhuang 2025-07-08 00:54:35 -07:00
parent 9ece598705
commit 871021adc4
1 changed files with 30 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

60
llama_stack/distribution/server/auth_providers.py
View file

@ -327,43 +327,25 @@ class GitHubTokenAuthProvider(AuthProvider):
This validates tokens issued by GitHub (personal access tokens or OAuth tokens). This validates tokens issued by GitHub (personal access tokens or OAuth tokens).
""" """
try: try:
user_info = await self._get_github_user_info(token) user_info = await _get_github_user_info(token, self.config.github_api_base_url)
principal = user_info["user"]["login"]
github_data = {
"login": user_info["user"]["login"],
"id": str(user_info["user"]["id"]),
"organizations": user_info.get("organizations", []),
}
access_attributes = get_attributes_from_claims(github_data, self.config.claims_mapping)
return User(
principal=principal,
attributes=access_attributes,
)
except Exception as e: except Exception as e:
logger.warning(f"GitHub token validation failed: {e}") logger.warning(f"GitHub token validation failed: {e}")
raise ValueError("Invalid GitHub token") from e raise ValueError("Invalid GitHub token") from e
async def _get_github_user_info(self, access_token: str) -> dict: principal = user_info["user"]["login"]
"""Fetch user info and organizations from GitHub API."""
headers = { github_data = {
"Authorization": f"Bearer {access_token}", "login": user_info["user"]["login"],
"Accept": "application/vnd.github.v3+json", "id": str(user_info["user"]["id"]),
"User-Agent": "llama-stack", "organizations": user_info.get("organizations", []),
} }
async with httpx.AsyncClient() as client: access_attributes = get_attributes_from_claims(github_data, self.config.claims_mapping)
user_response = await client.get(f"{self.config.github_api_base_url}/user", headers=headers, timeout=10.0)
user_response.raise_for_status()
user_data = user_response.json()
return { return User(
"user": user_data, principal=principal,
} attributes=access_attributes,
)
async def close(self): async def close(self):
"""Clean up any resources.""" """Clean up any resources."""
@ -374,6 +356,24 @@ class GitHubTokenAuthProvider(AuthProvider):
return "Authentication required. Please provide a valid GitHub access token (https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) in the Authorization header (Bearer <token>)" return "Authentication required. Please provide a valid GitHub access token (https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) in the Authorization header (Bearer <token>)"
async def _get_github_user_info(access_token: str, github_api_base_url: str) -> dict:
"""Fetch user info and organizations from GitHub API."""
headers = {
"Authorization": f"Bearer {access_token}",
"Accept": "application/vnd.github.v3+json",
"User-Agent": "llama-stack",
}
async with httpx.AsyncClient() as client:
user_response = await client.get(f"{github_api_base_url}/user", headers=headers, timeout=10.0)
user_response.raise_for_status()
user_data = user_response.json()
return {
"user": user_data,
}
def create_auth_provider(config: AuthenticationConfig) -> AuthProvider: def create_auth_provider(config: AuthenticationConfig) -> AuthProvider:
"""Factory function to create the appropriate auth provider.""" """Factory function to create the appropriate auth provider."""
provider_config = config.provider_config provider_config = config.provider_config