add context to identity

Author: Deniallugo

aiohttp_security/abc.py

@@ -7,7 +7,7 @@
 class AbstractIdentityPolicy(metaclass=abc.ABCMeta):
 
     @abc.abstractmethod
-    async def identify(self, request):
+    async def identify(self, request, context=None):
         """Return the claimed identity of the user associated request or
         ``None`` if no identity can be found associated with the request."""
         pass
@@ -42,7 +42,7 @@ async def permits(self, identity, permission, context=None):
         pass
 
     @abc.abstractmethod
-    async def authorized_userid(self, identity):
+    async def authorized_userid(self, identity, context=None):
         """Retrieve authorized user id.
 
         Return the user_id of the user identified by the identity

aiohttp_security/api.py

@@ -49,15 +49,15 @@ async def forget(request, response):
     await identity_policy.forget(request, response)
 
 
-async def authorized_userid(request):
+async def authorized_userid(request, context=None):
     identity_policy = request.app.get(IDENTITY_KEY)
     autz_policy = request.app.get(AUTZ_KEY)
     if identity_policy is None or autz_policy is None:
         return None
-    identity = await identity_policy.identify(request)
+    identity = await identity_policy.identify(request, context)
     if identity is None:
         return None  # non-registered user has None user_id
-    user_id = await autz_policy.authorized_userid(identity)
+    user_id = await autz_policy.authorized_userid(identity, context)
     return user_id
 
 
@@ -92,7 +92,7 @@ async def permits(request, permission, context=None):
     return access
 
 
-async def is_anonymous(request):
+async def is_anonymous(request, context=None):
     """Check if user is anonymous.
 
     User is considered anonymous if there is not identity
@@ -101,16 +101,16 @@ async def is_anonymous(request):
     identity_policy = request.app.get(IDENTITY_KEY)
     if identity_policy is None:
         return True
-    identity = await identity_policy.identify(request)
+    identity = await identity_policy.identify(request, context)
     if identity is None:
         return True
     return False
 
 
-async def check_authorized(request):
+async def check_authorized(request, context=None):
     """Checker that raises HTTPUnauthorized for anonymous users.
     """
-    userid = await authorized_userid(request)
+    userid = await authorized_userid(request, context)
     if userid is None:
         raise web.HTTPUnauthorized()
     return userid
@@ -152,7 +152,7 @@ async def check_permission(request, permission, context=None):
     raises HTTPForbidden.
     """
 
-    await check_authorized(request)
+    await check_authorized(request, context)
     allowed = await permits(request, permission, context)
     if not allowed:
         raise web.HTTPForbidden()

aiohttp_security/cookies_identity.py

@@ -17,7 +17,7 @@ def __init__(self):
         self._cookie_name = 'AIOHTTP_SECURITY'
         self._max_age = 30 * 24 * 3600
 
-    async def identify(self, request):
+    async def identify(self, request, context=None):
         identity = request.cookies.get(self._cookie_name)
         return identity
 

aiohttp_security/jwt_identity.py

@@ -21,7 +21,7 @@ def __init__(self, secret, algorithm='HS256'):
         self.secret = secret
         self.algorithm = algorithm
 
-    async def identify(self, request):
+    async def identify(self, request, context=None):
         header_identity = request.headers.get(AUTH_HEADER_NAME)
 
         if header_identity is None:

aiohttp_security/session_identity.py

@@ -23,7 +23,7 @@ def __init__(self, session_key='AIOHTTP_SECURITY'):
             raise ImportError(
                 'SessionIdentityPolicy requires `aiohttp_session`')
 
-    async def identify(self, request):
+    async def identify(self, request, context=None):
         session = await get_session(request)
         return session.get(self._session_key)
 

tests/test_dict_autz.py

@@ -18,7 +18,7 @@ async def permits(self, identity, permission, context=None):
         else:
             return False
 
-    async def authorized_userid(self, identity):
+    async def authorized_userid(self, identity, context=None):
         if identity == 'UserID':
             return 'Andrew'
         else:

tests/test_jwt_identity.py

@@ -25,7 +25,7 @@ class Autz(AbstractAuthorizationPolicy):
     async def permits(self, identity, permission, context=None):
         pass
 
-    async def authorized_userid(self, identity):
+    async def authorized_userid(self, identity, context=None):
         pass