Feature #14196

[API] issues v2 format auth tokens

Added by Peter Amstutz about 1 year ago. Updated about 1 year ago.

Status: Resolved
Priority: Normal
Assigned To:
Category: -
Target version:
Start date: 10/02/2018
Due date:
% Done: 100%
Estimated time: (Total: 0.00 h)
Story points: 1.0
Release:
Release relationship: Auto

Subtasks

Task #14237: Review 14196-api-v2-tokens (Resolved, Peter Amstutz)

Associated revisions

Revision 8d73164d
Added by Peter Amstutz about 1 year ago

Merge branch '14196-api-v2-tokens' refs #14196

Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <>

History

#2 Updated by Tom Morris about 1 year ago

  • Story points set to 1.0

#3 Updated by Tom Morris about 1 year ago

  • Target version changed from To Be Groomed to Arvados Future Sprints

#4 Updated by Tom Morris about 1 year ago

  • Target version changed from Arvados Future Sprints to 2018-10-03 Sprint

#5 Updated by Lucas Di Pentima about 1 year ago

  • Assigned To set to Lucas Di Pentima

#6 Updated by Peter Amstutz about 1 year ago

  • Assigned To changed from Lucas Di Pentima to Peter Amstutz

#7 Updated by Peter Amstutz about 1 year ago

14196-api-v2-tokens @ 4503336797b79519f8c480af39fb72538191038a

Return v2 token in login process. Support v2 "reader" tokens. API server tests now use v2 tokens.

https://ci.curoverse.com/view/Developer/job/developer-run-tests/912/

#8 Updated by Peter Amstutz about 1 year ago

  • Status changed from New to In Progress

#9 Updated by Peter Amstutz about 1 year ago

14196-api-v2-tokens @ 269aba16336d6e9dcf80239465cfcfb9a841a4a9

Don't crash on expected elements in params[:reader_tokens]

https://ci.curoverse.com/view/Developer/job/developer-run-tests/915/

#10 Updated by Tom Clegg about 1 year ago

Did you check whether the JS code in multi-site search does the right thing with this? I didn't look too closely but it seems like tokenUUID() in session_db.js might need to extract the UUID from the token instead of doing an API call with an api_token=X filter...?

Other than that, LGTM, thanks

#11 Updated by Peter Amstutz about 1 year ago

  • Target version changed from 2018-10-03 Sprint to 2018-10-17 sprint

#12 Updated by Peter Amstutz about 1 year ago

Tom Clegg wrote:

Did you check whether the JS code in multi-site search does the right thing with this? I didn't look too closely but it seems like tokenUUID() in session_db.js might need to extract the UUID from the token instead of doing an API call with an api_token=X filter...?

Thanks, I hadn't thought of the token handling in multi-site search.

Which solution do you prefer?

  • Detect v2 tokens and parse for uuid, otherwise use the existing code path
  • Change it to use /arvados/v1/api_client_authorizations/current
  • Support v2 tokens only, get rid of the AJAX request

#13 Updated by Tom Clegg about 1 year ago

Peter Amstutz wrote:

  • Detect v2 tokens and parse for uuid, otherwise use the existing code path

This, please. (After this merges, people will still be using v1 tokens until they log out/in, so we shouldn't stop supporting them unless we force that to happen. And the API round trip is unnecessary with a v2 token so skipping it seems better than making it work.)
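The option chosen above (detect v2 tokens and parse for the UUID, otherwise use the existing code path), sketched as an added example; it is not the Arvados session_db.js code. It assumes v2 tokens have the form `v2/<uuid>/<secret>` with a `gj3su`-type UUID, `lookupV1` is a hypothetical stand-in for the existing API lookup, and the sample tokens are constructed.

```javascript
// Added example, not the Arvados session_db.js implementation.
// Assumption: a v2 token is "v2/<authorization uuid>/<secret>", where the
// UUID is <5-char cluster id>-gj3su-<15 chars>. Anything else is treated as v1.
const AUTH_UUID = /^[a-z0-9]{5}-gj3su-[a-z0-9]{15}$/;

// Returns {uuid, secret} for a well-formed v2 token, otherwise null.
function parseV2Token(token) {
  if (typeof token !== 'string') return null;
  const parts = token.split('/');
  if (parts.length < 3 || parts[0] !== 'v2') return null;
  if (!AUTH_UUID.test(parts[1]) || parts[2] === '') return null;
  return { uuid: parts[1], secret: parts[2] };
}

// Resolves to the UUID of the authorization behind `token`.
// v2: parsed locally, no API round trip. v1: delegated to lookupV1, a
// hypothetical caller-supplied function standing in for the existing lookup.
function tokenUUID(token, lookupV1) {
  const parsed = parseV2Token(token);
  if (parsed) return Promise.resolve(parsed.uuid);
  if (typeof token === 'string' && token.startsWith('v2/')) {
    // A broken v2 token must not fall through to the v1 path, where it
    // would be sent to a server as if it were a bare secret.
    return Promise.reject(new Error('malformed v2 token'));
  }
  // Wrap the call so a synchronous throw in lookupV1 becomes a rejection.
  return new Promise((resolve) => resolve(lookupV1(token)));
}

// Constructed sample values for illustration only.
const SAMPLE_V2 = 'v2/zzzzz-gj3su-0123456789abcde/constructedsecret';
const SAMPLE_V1 = 'constructedv1secret';

// Demo: the v2 path never calls the lookup; the v1 path always does.
tokenUUID(SAMPLE_V2, () => { throw new Error('lookup not expected'); })
  .then((uuid) => console.log('v2 ->', uuid));
tokenUUID(SAMPLE_V1, () => 'zzzzz-gj3su-aaaaaaaaaaaaaaa')
  .then((uuid) => console.log('v1 ->', uuid));
```

Only the UUID half of a v2 token is safe to log or display; the secret half should stay out of logs and URLs.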

#14 Updated by Peter Amstutz about 1 year ago

14196-api-v2-tokens @ d3973d7df59bffccb012eaff0bf1c11a23fb5a06

  • Fixed session_db to handle v2 tokens
  • Updated workbench test suite to use v2 tokens

https://ci.curoverse.com/view/Developer/job/developer-run-tests/923/

#15 Updated by Tom Clegg about 1 year ago

Why is this?

-    response.headers['Access-Control-Max-Age'] = '86486400'
+    #response.headers['Access-Control-Max-Age'] = '86486400'
+    response.headers['Access-Control-Max-Age'] = '1'
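Review bot: The commented-out '86486400' line next to the new Access-Control-Max-Age value of '1' looks like a leftover debugging change that should not be merged as is. With a max-age of one second the browser cannot reuse a cached preflight result, so nearly every cross-origin API request is preceded by an extra OPTIONS round trip. Either restore the original value, or, if a short preflight cache lifetime is intended, delete the commented-out line and add a comment explaining why the value was chosen.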

Rest LGTM

#16 Updated by Peter Amstutz about 1 year ago

  • Status changed from In Progress to Resolved

#17 Updated by Tom Morris about 1 year ago

  • Release set to 14
