Project

General

Profile

Actions

Feature #14196

closed

[API] issues v2 format auth tokens

Added by Peter Amstutz over 6 years ago. Updated about 6 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
-
Target version:
Story points:
1.0
Release:
Release relationship:
Auto

Subtasks 1 (0 open1 closed)

Task #14237: Review 14196-api-v2-tokensResolvedPeter Amstutz10/02/2018Actions
Actions #2

Updated by Tom Morris over 6 years ago

  • Story points set to 1.0
Actions #3

Updated by Tom Morris over 6 years ago

  • Target version changed from To Be Groomed to Arvados Future Sprints
Actions #4

Updated by Tom Morris over 6 years ago

  • Target version changed from Arvados Future Sprints to 2018-10-03 Sprint
Actions #5

Updated by Lucas Di Pentima over 6 years ago

  • Assigned To set to Lucas Di Pentima
Actions #6

Updated by Peter Amstutz about 6 years ago

  • Assigned To changed from Lucas Di Pentima to Peter Amstutz
Actions #7

Updated by Peter Amstutz about 6 years ago

14196-api-v2-tokens @ 4503336797b79519f8c480af39fb72538191038a

Return v2 token in login process. Support v2 "reader" tokens. API server tests now use v2 tokens.

https://ci.curoverse.com/view/Developer/job/developer-run-tests/912/

Actions #8

Updated by Peter Amstutz about 6 years ago

  • Status changed from New to In Progress
Actions #9

Updated by Peter Amstutz about 6 years ago

14196-api-v2-tokens @ 269aba16336d6e9dcf80239465cfcfb9a841a4a9

Don't crash on expected elements in params[:reader_tokens]

https://ci.curoverse.com/view/Developer/job/developer-run-tests/915/

Actions #10

Updated by Tom Clegg about 6 years ago

Did you check whether the JS code in multi-site search does the right thing with this? I didn't look too closely but it seems like tokenUUID() in session_db.js might need to extract the UUID from the token instead of doing an API call with an api_token=X filter...?

Other than that, LGTM, thanks

Actions #11

Updated by Peter Amstutz about 6 years ago

  • Target version changed from 2018-10-03 Sprint to 2018-10-17 sprint
Actions #12

Updated by Peter Amstutz about 6 years ago

Tom Clegg wrote:

Did you check whether the JS code in multi-site search does the right thing with this? I didn't look too closely but it seems like tokenUUID() in session_db.js might need to extract the UUID from the token instead of doing an API call with an api_token=X filter...?

Thanks, I hadn't thought of the token handling in multi-site search.

Which solution do you prefer?

  • Detect v2 tokens and parse for uuid, otherwise use the existing code path
  • Change it to use /arvados/v1/api_client_authorizations/current
  • Support v2 tokens only, get rid of the AJAX request
Actions #13

Updated by Tom Clegg about 6 years ago

Peter Amstutz wrote:

  • Detect v2 tokens and parse for uuid, otherwise use the existing code path

This, please. (After this merges, people will still be using v1 tokens until they log out/in, so we shouldn't stop supporting them unless we force that to happen. And the API round trip is unnecessary with a v2 token so skipping it seems better than making it work.)

Actions #14

Updated by Peter Amstutz about 6 years ago

14196-api-v2-tokens @ d3973d7df59bffccb012eaff0bf1c11a23fb5a06

  • Fixed session_db to handle v2 tokens
  • Updated workbench test suite uses v2 tokens

https://ci.curoverse.com/view/Developer/job/developer-run-tests/923/

Actions #15

Updated by Tom Clegg about 6 years ago

Why is this?

-    response.headers['Access-Control-Max-Age'] = '86486400'
+    #response.headers['Access-Control-Max-Age'] = '86486400'
+    response.headers['Access-Control-Max-Age'] = '1'

Rest LGTM

Actions #16

Updated by Peter Amstutz about 6 years ago

  • Status changed from In Progress to Resolved
Actions #17

Updated by Tom Morris about 6 years ago

  • Release set to 14
Actions

Also available in: Atom PDF