Implement proper authorization controls for sensitive operations that can modify system configuration or create new entries. Administrative functions like service calls that create config entries should be restricted to admin-level access at minimum, or better yet, exposed as scoped integration APIs rather than general-purpose services. Additionally, ensure that authentication flows are thoroughly tested to verify that reauth mechanisms trigger correctly when authorization fails.
Example of problematic code:

    # Unrestricted service that can create config entries: any user who can
    # call services (not only admins) reaches the handler
    hass.services.async_register(
        DOMAIN,
        "register_irk",
        service_register_irk,
        vol.Schema({vol.Required("irk"): cv.string}),
        supports_response=SupportsResponse.NONE,
    )
Better approach:

    from homeassistant.helpers.service import async_register_admin_service

    # Restrict to admin access (or expose as an integration API instead).
    # async_register_admin_service wraps the handler so that a user-originated
    # call is rejected unless the calling user is an admin; supports_response
    # is omitted because SupportsResponse.NONE is the default.
    async_register_admin_service(
        hass,
        DOMAIN,
        "register_irk",
        service_register_irk,
        vol.Schema({vol.Required("irk"): cv.string}),
    )
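The difference between the two registrations, as an added stdlib-only model that is neither Home Assistant's code nor the project's: the unrestricted path lets any caller create an entry, while the admin-guarded wrapper rejects user-originated calls from non-admins and still allows internal calls that carry no user. `DOMAIN`, `Context`, `ServiceRegistry`, `make_register_irk` and `outcome` are constructed names for this example.

```python
from dataclasses import dataclass, field
from typing import Any, Callable, Dict, List, Optional, Tuple

DOMAIN = "example_ble"  # constructed placeholder, not a real integration domain

@dataclass
class Context:
    user_id: Optional[str]  # None models an internal call with no user attached
    is_admin: bool = False

class Unauthorized(Exception):
    """Raised when a user-originated call lacks admin permission."""

Handler = Callable[[Context, dict], Any]

@dataclass
class ServiceRegistry:
    handlers: Dict[Tuple[str, str], Handler] = field(default_factory=dict)
    entries: List[dict] = field(default_factory=list)  # stands in for config entries

    def async_register(self, domain: str, service: str, handler: Handler) -> None:
        # Unrestricted: any user who can call services reaches the handler
        self.handlers[(domain, service)] = handler

    def async_register_admin_service(self, domain: str, service: str, handler: Handler) -> None:
        # Guarded: user-originated calls need an admin; calls with no user (internal) are trusted
        def guarded(ctx: Context, data: dict) -> Any:
            if ctx.user_id is not None and not ctx.is_admin:
                raise Unauthorized(f"{domain}.{service} requires admin access")
            return handler(ctx, data)
        self.handlers[(domain, service)] = guarded

    def call(self, domain: str, service: str, data: dict, ctx: Context) -> Any:
        return self.handlers[(domain, service)](ctx, data)

def make_register_irk(registry: ServiceRegistry) -> Handler:
    """Handler that creates a new entry from the supplied IRK and records who did it."""
    def handler(ctx: Context, data: dict) -> int:
        registry.entries.append({"irk": data["irk"], "created_by": ctx.user_id or "system"})
        return len(registry.entries)
    return handler

def outcome(registry: ServiceRegistry, data: dict, ctx: Context) -> str:
    """Return 'created' or 'denied' so the authorization decision is testable."""
    try:
        registry.call(DOMAIN, "register_irk", data, ctx)
        return "created"
    except Unauthorized:
        return "denied"
```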
Always test that reauth flows trigger properly:

    from http import HTTPStatus

    from homeassistant.config_entries import ConfigEntryState

    # hass, aioclient_mock and mock_config_entry are test fixtures; TOKEN_URL and
    # setup_integration are assumed to be defined in the same test module
    async def test_token_refresh_reauth(hass, aioclient_mock, mock_config_entry):
        # Make the token endpoint reject the refresh so setup fails
        aioclient_mock.post(TOKEN_URL, status=HTTPStatus.UNAUTHORIZED)
        assert not await setup_integration()
        assert mock_config_entry.state is ConfigEntryState.SETUP_ERROR
        # Verify reauth flow has started
        assert len(hass.config_entries.flow.async_progress()) == 1