Story #16314

Support literal user/pass pairs in config file + make arvbox use it instead of SSO

Added by Peter Amstutz 10 months ago. Updated 5 months ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Tom Clegg
Category:
Login
Target version:
2020-09-09 Sprint
Start date:
08/18/2020
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Story points:
1.0
Release:
Arvados 2.1.0
Release relationship:
Auto

Description

Example config file excerpt:

  Login:
    # Authenticate test users only.
    Test:
      Enable: true
      Users:
        active:
          email: active-user@arvados.local
          password: xyzzy
        projectviewer:
          email: project-viewer@arvados.local
          password: xyzzy

In the process, can we fix the hardcoded localhost/port check for redirect to SSO server in 

lib/controller/handler_test.go line 197
lib/controller/rpc/conn_test.go line 61

Subtasks

Task #16323: Review 16314-testuserdbResolvedTom Clegg

Task #16747: Review 16314-arvbox-testuserdbResolvedTom Clegg

Related issues

Related to Arvados Epics - Story #15322: Replace and delete sso-providerResolved03/11/202008/26/2020

Associated revisions

Revision 2094173f
Added by Tom Clegg 5 months ago

Merge branch '16314-testuserdb'

refs #16314

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <>

Revision 1f798f8b (diff)
Added by Tom Clegg 5 months ago

Fix config key case.

refs #16314

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <>

Revision 5c4b585c
Added by Tom Clegg 5 months ago

Merge branch '16314-arvbox-testuserdb'

refs #16314

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <>

Revision 49a14f5b
Added by Tom Clegg 5 months ago

Merge branch '16314-test-user-db'

refs #16314

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <>

History

#1 Updated by Peter Amstutz 10 months ago

  • Category set to Login

#2 Updated by Peter Amstutz 10 months ago

  • Story points set to 1.0
  • Assigned To set to Peter Amstutz

#3 Updated by Peter Amstutz 9 months ago

  • Target version changed from 2020-04-22 to 2020-05-06 Sprint

#4 Updated by Peter Amstutz 9 months ago

  • Related to Story #15322: Replace and delete sso-provider added

#5 Updated by Peter Amstutz 9 months ago

  • Target version changed from 2020-05-06 Sprint to 2020-05-20 Sprint

#6 Updated by Peter Amstutz 9 months ago

  • Target version changed from 2020-05-20 Sprint to 2020-06-03 Sprint

#7 Updated by Peter Amstutz 8 months ago

  • Target version changed from 2020-06-03 Sprint to 2020-06-17 Sprint

#8 Updated by Peter Amstutz 7 months ago

  • Target version deleted (2020-06-17 Sprint)

#9 Updated by Tom Clegg 7 months ago

  • Subject changed from arvbox uses PAM login instead of SSO to Support literal user/pass pairs in config file + make arvbox use it instead of SSO

#10 Updated by Tom Clegg 7 months ago

  • Description updated (diff)

#11 Updated by Peter Amstutz 7 months ago

Maybe it should use hashed passwords at least?

#12 Updated by Tom Clegg 6 months ago

Since this is only intended for test environments, I don't think hashed passwords need to be a priority.

#13 Updated by Peter Amstutz 6 months ago

  • Release set to 25
  • Target version set to 2020-08-26 Sprint

#14 Updated by Peter Amstutz 6 months ago

  • Assigned To changed from Peter Amstutz to Tom Clegg

#15 Updated by Ward Vandewege 5 months ago

  • Description updated (diff)

#16 Updated by Ward Vandewege 5 months ago

  • Description updated (diff)

#17 Updated by Tom Clegg 5 months ago

  • Status changed from New to In Progress

#18 Updated by Tom Clegg 5 months ago

This branch just adds config/controller support (planning to update arvbox / run-tests.sh in a separate branch).

16314-testuserdb @ 20cea53c48260a0cec3d588c2af520b27433b8c1 -- https://ci.arvados.org/view/Developer/job/developer-run-tests/2015/

#19 Updated by Lucas Di Pentima 5 months ago

  • File lib/controller/localdb/login.go
    • Line 38 et al: Having so many wantX condition checks is making hard to follow the case statements, could we just check that the number of true wantX vars is 1 and then clean up the case statements for better readability?
  • Tests failed -- adding the new config to export.go seem to be missing: https://ci.arvados.org/job/developer-run-tests-remainder/2103/console

#20 Updated by Tom Clegg 5 months ago

Updated switch statement -- still a bit repetitive, but better -- and added missing config export entries.

16314-testuserdb @ 658f6be33e100b4cefd3ca7c332fe13970d6a245 -- https://ci.arvados.org/view/Developer/job/developer-run-tests/2016/

Also added a wb2 branch, 16314-test-user-db @ arvados-workbench2|f47e1caaa5781e6f6d8e022f92cae34adf49eaad to add support for that config (I didn't change the wb2 test config, but we should probably do that when the API side is merged).

#21 Updated by Lucas Di Pentima 5 months ago

Updates at 658f6be33e100b4cefd3ca7c332fe13970d6a245 LGTM.

Workbench2 branch requires the following fix:

diff --git a/src/common/config.ts b/src/common/config.ts
index 26f8dddb..825bf132 100644
--- a/src/common/config.ts
+++ b/src/common/config.ts
@@ -235,7 +235,7 @@ export const mockClusterConfigJSON = (config: Partial<ClusterConfigJSON>): Clust
             Enable: false,
         },
         Test: {
-            Enable: boolean;
+            Enable: false,
         }
     },
     Collections: {

I've manually tried arvbox and it works great!

#22 Updated by Tom Clegg 5 months ago

16314-arvbox-testuserdb @ b4091adb7ac1a85de6ae1f18895e9d8f9da5d441 -- https://ci.arvados.org/view/Developer/job/developer-run-tests/2033/

Changes arvbox to use the Test login mechanism (with default logins user/user and admin/admin) instead of SSO. Uses a basic login form served from controller.

#23 Updated by Lucas Di Pentima 5 months ago

  • File doc/install/arvbox.html.textile.liquid mentions SSO related things on lines 83, 137, 140
  • Workbench2 branch needs a fix at file src/common/config.ts line 238 → s/;/,/
  • Other than that, LGTM.

#24 Updated by Tom Clegg 5 months ago

  • Target version changed from 2020-08-26 Sprint to 2020-09-09 Sprint

#25 Updated by Tom Clegg 5 months ago

  • Status changed from In Progress to Resolved

Also available in: Atom PDF