Feature/add authx sample #15
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR introduces the authX sample to demonstrate authentication and role‐based authorization using JWTs with API Management. It also adds utility functions and tests to support signing key generation and updates several modules to integrate the new sample.
- Added a new JWT-based authentication sample (authX) with accompanying Bicep templates and Jupyter notebook.
- Introduced a generate_signing_key utility function and tests.
- Updated APIM requests handling and new JWT token classes.
Reviewed Changes
Copilot reviewed 16 out of 16 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/python/test_utils.py | Added a test case for the new generate_signing_key function. |
| tests/python/test_apimrequests.py | Added tests for header property mutations in APIM requests. |
| shared/python/utils.py | Integrated generate_signing_key function and added traceback printing in error handling. |
| shared/python/apimtypes.py | Introduced a NamedValue data class and added testing role IDs. |
| shared/python/apimrequests.py | Modified header storage and updated the singlePost method signature. |
| shared/python/apimjwt.py | Added JwtPayload and SymmetricJwtToken classes for JWT creation and signing. |
| shared/bicep/modules/apim/v1/*.bicep | Added/updated Bicep modules for named values and API resources. |
| samples/authX/* | Added the new authX sample, including policies, Bicep templates, and a Jupyter notebook. |
| README.md | Updated documentation to include the new AuthX sample. |
|
|
||
| def __init__(self, name: str, value: str, isSecret: bool = False): | ||
| self.name = name | ||
| self.value = value | ||
| self.isSecret = isSecret | ||
|
|
||
|
|
There was a problem hiding this comment.
[nitpick] The NamedValue class is decorated with @DataClass but also defines an explicit init without additional logic. Consider removing the explicit init to leverage dataclass auto-generation and improve maintainability.
| def __init__(self, name: str, value: str, isSecret: bool = False): | |
| self.name = name | |
| self.value = value | |
| self.isSecret = isSecret | |
| pass |
|
|
||
| DEFAULT_LIFETIME_SECONDS = 3600 * 24 # Default lifetime of 24 hours | ||
|
|
||
| def __init__(self, subject: str, name: str, issued_at: int | None = None, expires: int | None = None, roles: dict[str] | None = None) -> None: |
There was a problem hiding this comment.
The type annotation for the 'roles' parameter is declared as dict[str] | None, but the code and tests pass a list of role IDs. Update the type annotation to list[str] | None for consistency.
Resolves #9