Remove store user as auth result (#60468)

2021-11-28 05:14:52 -08:00 · 2021-11-28 05:14:52 -08:00 · c6ec84d0cf
commit c6ec84d0cf
parent 1aadda4b0f
2 changed files with 40 additions and 32 deletions
--- a/homeassistant/components/auth/init.py
+++ b/homeassistant/components/auth/init.py
@ -124,11 +124,7 @@ from aiohttp import web
 import voluptuous as vol

 from homeassistant.auth import InvalidAuthError
-from homeassistant.auth.models import (
-    TOKEN_TYPE_LONG_LIVED_ACCESS_TOKEN,
-    Credentials,
-    User,
-)
+from homeassistant.auth.models import TOKEN_TYPE_LONG_LIVED_ACCESS_TOKEN, Credentials
 from homeassistant.components import websocket_api
 from homeassistant.components.http.auth import async_sign_path
 from homeassistant.components.http.ban import log_invalid_auth
@ -179,15 +175,12 @@ SCHEMA_WS_SIGN_PATH = websocket_api.BASE_COMMAND_MESSAGE_SCHEMA.extend(
 )

 RESULT_TYPE_CREDENTIALS = "credentials"
-RESULT_TYPE_USER = "user"


@bind_hass
-def create_auth_code(
-    hass, client_id: str, credential_or_user: Credentials | User
-) -> str:
+def create_auth_code(hass, client_id: str, credential: Credentials) -> str:
    """Create an authorization code to fetch tokens."""
-    return hass.data[DOMAIN](client_id, credential_or_user)
+    return hass.data[DOMAIN](client_id, credential)


 async def async_setup(hass, config):
@ -296,7 +289,7 @@ class TokenView(HomeAssistantView):
                status_code=HTTPStatus.BAD_REQUEST,
            )

-        credential = self._retrieve_auth(client_id, RESULT_TYPE_CREDENTIALS, code)
+        credential = self._retrieve_auth(client_id, code)

        if credential is None or not isinstance(credential, Credentials):
            return self.json(
@ -399,9 +392,7 @@ class LinkUserView(HomeAssistantView):
        hass = request.app["hass"]
        user = request["hass_user"]

-        credentials = self._retrieve_credentials(
-            data["client_id"], RESULT_TYPE_CREDENTIALS, data["code"]
-        )
+        credentials = self._retrieve_credentials(data["client_id"], data["code"])

        if credentials is None:
            return self.json_message("Invalid code", status_code=HTTPStatus.BAD_REQUEST)
@ -426,30 +417,25 @@ def _create_auth_code_store():
    @callback
    def store_result(client_id, result):
        """Store flow result and return a code to retrieve it."""
-        if isinstance(result, User):
-            result_type = RESULT_TYPE_USER
-        elif isinstance(result, Credentials):
-            result_type = RESULT_TYPE_CREDENTIALS
-        else:
-            raise ValueError("result has to be either User or Credentials")
+        if not isinstance(result, Credentials):
+            raise ValueError("result has to be a Credentials instance")

        code = uuid.uuid4().hex
-        temp_results[(client_id, result_type, code)] = (
+        temp_results[(client_id, code)] = (
            dt_util.utcnow(),
-            result_type,
            result,
        )
        return code

    @callback
-    def retrieve_result(client_id, result_type, code):
+    def retrieve_result(client_id, code):
        """Retrieve flow result."""
-        key = (client_id, result_type, code)
+        key = (client_id, code)

        if key not in temp_results:
            return None

-        created, _, result = temp_results.pop(key)
+        created, result = temp_results.pop(key)

        # OAuth 4.2.1
        # The authorization code MUST expire shortly after it is issued to