Feature DAPS 1215 foxx UserGetAccessTokenRequest mapped collection support #1284
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 23 commits
January 24, 2025 15:41
…UserAccessTokenReply to support finding correct tokens
…& DatabaseAPI.hpp Use updated names and types. ClientWorker.cpp Update comments.
…oken match and missing match cases
…ir/list to test out changes.
…es on covered cases; add notes on code
…lientWorker.cpp Add refresh token try/catch to send through flow if refresh fails
…irect to error when needs_consent
…duced for handling logic for validating params when getting tokens and building GetAccessToken responses. user_router.js Replace logic with calls to new lib
…n. user_router.js Remove unnecessary comment.
…ken document required fields. user_token.test.js Add preliminary unit tests for static methods.
… naming to match convention.
… Add simple tests for get/token endpoint. user_token.js Fix naming for token document scopes field. user_token.test.js Changes for scope field bugfix.
…, add note about token type.
…API.cpp Remove TODOs. SDMS_Auth.proto Remove unused field.
…DatabaseAPI.cpp Add note on possibly missing field. user_token.test.js Update tests to check for new expected values.
t-ramz
added
Component: Database
Reviewer's Guide by SourceryThis pull request adds support for mapped collections when fetching user tokens using the Sequence diagram for user token retrieval with collection supportsequenceDiagram
participant Client
participant Router
participant UserToken
participant Database
participant GlobusAPI
Client->>Router: GET /token/get
Note over Router: Check collection params
Router->>UserToken: validateRequestParams()
UserToken-->>Router: collection_token status
alt has collection token
Router->>Database: Query token edges
Database-->>Router: token matches
alt token needs refresh
Router->>GlobusAPI: refreshAccessToken()
GlobusAPI-->>Router: new token
Router->>Database: userSetAccessToken()
end
end
Router->>UserToken: formatUserToken()
UserToken-->>Router: formatted response
Router-->>Client: token response
Entity relationship diagram for user tokens and collectionserDiagram
User ||--o{ GlobusToken : has
GlobusToken ||--o| Collection : associated_with
User {
string _id
string access
string refresh
number expiration
}
GlobusToken {
string access
string refresh
number expiration
number type
string dependent_scopes
}
Collection {
string _id
string collection_type
}
Class diagram for UserToken implementationclassDiagram
class UserToken {
+validateRequestParams(query_params: object) boolean
+formatUserToken(is_collection_token: boolean, token_document: object, needs_consent: boolean) userTokenResponse
}
class userTokenResponse {
+needs_consent: boolean
+access: string
+refresh: string
+expires_in: number
+token_type: AccessTokenType
+scopes: string
}
class AccessTokenType {
<<enumeration>>
GLOBUS_AUTH
GLOBUS_TRANSFER
GLOBUS_DEFAULT
ACCESS_SENTINEL
}
UserToken ..> userTokenResponse : creates
UserToken ..> AccessTokenType : uses
File-Level Changes
Assessment against linked issues
Tips and commandsInteracting with Sourcery
Customizing Your ExperienceAccess your dashboard to:
Getting Help
|
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
There was a problem hiding this comment.
Hey @t-ramz - I've reviewed your changes - here's some feedback:
Overall Comments:
- Consider adding error logging in ClientWorker.cpp when token refresh fails, to help with debugging consent flow issues.
Here's what I looked at during the review
- 🟡 General issues: 1 issue found
- 🟢 Security: all looks good
- 🟡 Testing: 1 issue found
- 🟡 Complexity: 1 issue found
- 🟢 Documentation: all looks good
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.
| const std::string collection_id, | ||
| const std::string collection_type, | ||
| bool &needs_consent, | ||
| int &token_type, // TODO: use underlying type? |
There was a problem hiding this comment.
suggestion: Use a proper enum type for token_type instead of int for better type safety
Suggested implementation:
bool &needs_consent,
enum class TokenType {
Bearer,
Basic,
Digest,
OAuth
} &token_type,
std::string &scopes, LogContext log_context);
This change will require:
- Updating all calls to userGetAccessToken() to use the new TokenType enum
- Updating the implementation of userGetAccessToken() to work with the enum
- If the token_type values need to match specific integer values (e.g., for protocol compatibility), you can explicitly set them in the enum like:
enum class TokenType { Bearer = 1, Basic = 2, // etc. };
There was a problem hiding this comment.
I had trouble converting from the numeric type I get as a return from JSON deserialization to the AccessTokenType that is represented here as an int. I chose to go the path of simply representing this as an int for now, which is the direct type that AccessTokenType (which is unfortunately not an enum class) compiles to in order to make the single comparison I absolutely need.
| @@ -697,6 +698,10 @@ router | |||
| router | |||
| .get("/token/get", function (req, res) { | |||
There was a problem hiding this comment.
issue (complexity): Consider using a direct AQL query to simplify edge filtering logic and improve performance.
The edge filtering logic can be simplified by replacing the manual filtering with a direct AQL query. This would reduce nesting and improve readability while maintaining the same functionality:
let token_document = user;
let needs_consent = false;
if (collection_token) {
// Direct query instead of filtering edges
const query = aql`
FOR token IN globus_token
FILTER token._from == ${user._id}
AND token._to == ${globus_collection._id}
LIMIT 1
RETURN token
`;
const token_matches = g_db._query(query).toArray();
if (token_matches.length === 1) {
token_document = token_matches[0];
needs_consent = false;
} else {
token_document = {};
needs_consent = true;
}
}This approach:
- Eliminates edge filtering and multiple nested conditions
- Performs filtering at the database level for better performance
- Maintains the same functionality with clearer intent
- Reduces cognitive complexity by flattening the logic
added 5 commits
February 4, 2025 12:54
…5-foxx-UserGetAccessRequest-mapped-collection
t-ramz
commented
Feb 5, 2025
| let needs_consent = false; | ||
| if (collection_token) { | ||
| const globus_collection = g_db.globus_coll.exists({ _key: collection_id }); | ||
| // TODO: should this be a query? |
There was a problem hiding this comment.
Another alternative is to use
const token_matches = g_db.globus_token.byExample({
_from: user._id
_to: globus_collection?._id,
}).toArray();The change would require a pre-check of globus_collection's existence, otherwise Arango will throw an error.
But this may be both more readable and more performant.
t-ramz
commented
Feb 5, 2025
| let needs_consent = false; | ||
| if (collection_token) { | ||
| const globus_collection = g_db.globus_coll.exists({ _key: collection_id }); | ||
| // TODO: should this be a query? |
There was a problem hiding this comment.
Another possibility is the query:
const token_matches = g_db._query(
"FOR token_match " +
"IN globus_token " +
"FILTER token_match._from == @user_id " +
" AND token_match._to == @collection_id " +
"RETURN token_match",
{
user_id: user._id,
collection_id: globus_collection._id,
}
).toArray();This would require no other changes to logic. I'm not sure how much more performant or readable it is, however.
There was a problem hiding this comment.
I’m a fan of using built-in methods to accomplish tasks. Raw queries nowadays are only necessary if we can’t accomplish what we need natively with our dependencies or it’s blocking other queries (some kind of table lock etc)
There was a problem hiding this comment.
Agreed. Do you think that the byExample method or outEdges method and then filter on the resulting array is more readable?
There was a problem hiding this comment.
I like byExample. Seems straightforward for what we need
const user = g_db.u.byExample({ _id: req.queryParams.subject }).toArray();
``There was a problem hiding this comment.
I also like that, and I found other uses of byExample in the Foxx API, so I think it fits in better as well. Will make that change 🫡
There was a problem hiding this comment.
This has been implemented, along with an additional test to look for the missing collection case!
There was a problem hiding this comment.
On further thought, should this return a needs_consent message when the collection does not exist?
There was a problem hiding this comment.
Yeah, that was the old behavior. Brought that back.
t-ramz
commented
Feb 5, 2025
| } else { | ||
| try { | ||
| m_globus_api.refreshAccessToken(ref_tok, acc_tok, expires_in); | ||
| m_db_client.userSetAccessToken( |
There was a problem hiding this comment.
This attempts to cover condition 2, "If token is in database for mapped collection, check expiration, if invalid use refresh token to create new access token, save in database, return needs_consent bool false"
t-ramz
commented
Feb 5, 2025
| if (expires_in < 300) { | ||
| if (needs_consent) { | ||
| // short circuit to reply | ||
| } else if (expires_in < 300) { |
There was a problem hiding this comment.
This attempts to cover condition 1, "If token is in database for mapped collection, check expiration if valid return token, needs_consent bool is false"
t-ramz
commented
Feb 5, 2025
| } catch (TraceException &e) { // NOTE: assumes refresh failed (invalid or | ||
| // failure). new token fetched will upsert | ||
| // and overwrite old values on database | ||
| needs_consent = true; |
There was a problem hiding this comment.
This attempts to cover condition 3, "If token is in database for mapped collection, check expiration, if invalid refresh token fails, return needs_consent true"
t-ramz
commented
Feb 5, 2025
| } else { | ||
| // Cases covered: no matches, no tokens, no collection - all require same consent flow | ||
| token_document = {}; | ||
| needs_consent = true; |
There was a problem hiding this comment.
This attempts to cover condition 4, "If token is not in database, return needs_consent: true"
t-ramz
commented
Feb 5, 2025
| } | ||
| // TODO: account for AccessTokenType; currently only GLOBUS_DEFAULT and GLOBUS_TRANSFER are supported | ||
| token_document = token_matches[0]; | ||
| needs_consent = false; |
There was a problem hiding this comment.
This attempts to cover condition 1, "If token is in database for mapped collection, check expiration if valid return token, needs_consent bool is false"
JoshuaSBrown
reviewed
Feb 7, 2025
Comment on lines
+127
to
+128
| optional string collection_id = 1; | ||
| optional string collection_type = 2; // TODO: use enum |
There was a problem hiding this comment.
Yes, do you have that in an issue?
GUEST
MAPPED
PERSONAL
We might need to explore what the options should be for this.
There was a problem hiding this comment.
Not in this pr though.
AronPerez
reviewed
Feb 7, 2025
| result_token.access = token_document.access; | ||
| result_token.refresh = token_document.refresh; | ||
| if (token_document.expiration) { | ||
| const expires_in = token_document.expiration - Math.floor(Date.now() / 1000); |
There was a problem hiding this comment.
What does Math.floor(Date.now() / 1000) corrospond to
There was a problem hiding this comment.
This was a copy/paste from https://github.com/ORNL/DataFed/blob/devel/core/database/foxx/api/user_router.js#L720
This is normalizing the data stored on the database from the expiry date/time to a time until expiry.
| let needs_consent = false; | ||
| if (collection_token) { | ||
| const globus_collection = g_db.globus_coll.exists({ _key: collection_id }); | ||
| // TODO: should this be a query? |
There was a problem hiding this comment.
I like byExample. Seems straightforward for what we need
const user = g_db.u.byExample({ _id: req.queryParams.subject }).toArray();
``
JoshuaSBrown
reviewed
Feb 7, 2025
common/proto/common/SDMS_Auth.proto
Outdated
| required uint32 expires_in = 2; // Access token expiration in seconds | ||
| required string access = 1; // Globus access token | ||
| required uint32 expires_in = 2; // Access token expiration in seconds | ||
| required bool needs_consent = 3; // Indicate requirement of consent flow |
There was a problem hiding this comment.
If you make this required you will break the API, can we get away with keeping this optional? And assume if it was not specified then it does not need consent.
When I say break the API, I mean that it won't be backwards compatible with how it is implemented currently.
There was a problem hiding this comment.
In proto3 they have actually moved to using optional by default and avoided required for this reason.
There was a problem hiding this comment.
Good point. With that in mind, all code that can point to a mapped collection will need to validate both the field's existence and the field's value
There was a problem hiding this comment.
I made it optional, do you have an idea on how we can enforce some diligence on checks?
There was a problem hiding this comment.
When the message comes into the core service, whether from the web server or the python client, it will go through the DatabaseAPI class. That would be a good place.
JoshuaSBrown
reviewed
Feb 7, 2025
| @@ -22,6 +22,7 @@ if( ENABLE_FOXX_TESTS ) | |||
| add_test(NAME foxx_support COMMAND "${CMAKE_CURRENT_SOURCE_DIR}/tests/test_foxx.sh" -t "unit_support") | |||
| add_test(NAME foxx_user_router COMMAND "${CMAKE_CURRENT_SOURCE_DIR}/tests/test_foxx.sh" -t "unit_user_router") | |||
| add_test(NAME foxx_authz_router COMMAND "${CMAKE_CURRENT_SOURCE_DIR}/tests/test_foxx.sh" -t "unit_authz_router") | |||
| add_test(NAME foxx_unit_user_token COMMAND "${CMAKE_CURRENT_SOURCE_DIR}/tests/test_foxx.sh" -t "unit_user_token") | |||
added 4 commits
February 7, 2025 12:11
…ng Globus collection. Add globus_coll fixture.
… collection tokens are present. user_router.test.js Update test from error to needs_consent.
AronPerez
approved these changes
Feb 11, 2025
nedvedba
pushed a commit
that referenced
this pull request
Mar 6, 2025
…pport (#1284) * Begin prototyping required code for mapped collection token retrieval. * SDMS_Auth.proto Add optional fields to UserGetAccessTokenRequest and UserAccessTokenReply to support finding correct tokens * user_router.js Add baseline query params and checks. DatabaseAPI.cpp & DatabaseAPI.hpp Use updated names and types. ClientWorker.cpp Update comments. * user_router.js Add logic for finding token based on collection; add token match and missing match cases * Return necessary data from Database to refresh tokens. Mock data on dir/list to test out changes. * user_router.js Add check for existence of Globus collection * user_router.js Remove existence check, move to filter method; Add notes on covered cases; add notes on code * datafed-ws.js Temporary handling of need consent response. * user_router.js Add queryParam validation for new params via joilib. ClientWorker.cpp Add refresh token try/catch to send through flow if refresh fails * datafed-ws.js Use correct converted casing for protobuf messages; redirect to error when needs_consent * datafed-ws.js No redirect, show error directly in list. * datafed-ws.js Early return to prevent further requests * support.js Update AccessTokenType enum. user_token.js New class introduced for handling logic for validating params when getting tokens and building GetAccessToken responses. user_router.js Replace logic with calls to new lib * user_token.js Add jsdoc definition for return type and format function. user_router.js Remove unnecessary comment. * user_token.js More jsdoc definition; Add validation for collection token document required fields. user_token.test.js Add preliminary unit tests for static methods. * CMakeLists.txt Add new unit tests to build. user_token.test.js Modify naming to match convention. * CMakeLists.txt Fix variable get. user_token.js Fix export. * user_fixture.js Add new user for get/token tests. user_router.test.js Add simple tests for get/token endpoint. user_token.js Fix naming for token document scopes field. user_token.test.js Changes for scope field bugfix. * user_router.js Formatting; Throw error if more than one token matches, add note about token type. * ClientWorker.cpp Address some TODOs and extraneous comments. DatabaseAPI.cpp Remove TODOs. SDMS_Auth.proto Remove unused field. * user_token.js Update formatUserToken to always return object values. DatabaseAPI.cpp Add note on possibly missing field. user_token.test.js Update tests to check for new expected values. * user_router.js Clean up some comments for clarity. datafed-ws.js Formatting. * ClientWorker.cpp Rewrite comment regarding mapped token refresh. * user_token.js Formatting. * CHANGELOG.md update for feature * user_router.js Re-introduce accidentally removed `globus_collection` object. * CMakeLists.txt Remove comment about necessity * Update token lookup logic to use `byExample`, add test case for missing Globus collection. Add globus_coll fixture. * SDMS_Auth.proto Change UserAccessTokenReply needs_consent to optional field. * user_router.js Update token/get to default to start consent flow when collection tokens are present. user_router.test.js Update test from error to needs_consent. * Formatting changes. --------- Co-authored-by: Anthony Ramirez <ramirezat@ornl.gov>
JoshuaSBrown
added a commit
that referenced
this pull request
Mar 11, 2025
* Merge hotfixes into devel (#1326) * [DAPS-DEPS] Update cpp-py-formatter to 0.3.0 * [DAPS-DEPS] Update cpp-py-formatter to 0.3.1 * [DAPS-DEPS] Update ver, add push * updated versions for release * Update project.rst * Update format-check.yml * Pull in version numbers appropriately * Avoid build cache * Aggressive prune * Trigger rebuild * generate_repo_config.sh Accept env variable for datafed server from repo service instead of hard coding * Allow core config thread options to be read in from env * Add changelog comment * Adjust deployment version number * Fix Version month * Update CHANGELOG.md Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> --------- Co-authored-by: Aaron Perez <perezam@ornl.gov> Co-authored-by: Blake Nedved <nedvedba@ornl.gov> Co-authored-by: Joshua S Brown <joshbro42867@yahoo.com> Co-authored-by: JoshuaSBrown <brownjs@ornl.gov> Co-authored-by: Anthony Ramirez <ramirezat@ornl.gov> Co-authored-by: nedvedba <145805866+nedvedba@users.noreply.github.com> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> * Feature DAPS 1215 foxx UserGetAccessTokenRequest mapped collection support (#1284) * Begin prototyping required code for mapped collection token retrieval. * SDMS_Auth.proto Add optional fields to UserGetAccessTokenRequest and UserAccessTokenReply to support finding correct tokens * user_router.js Add baseline query params and checks. DatabaseAPI.cpp & DatabaseAPI.hpp Use updated names and types. ClientWorker.cpp Update comments. * user_router.js Add logic for finding token based on collection; add token match and missing match cases * Return necessary data from Database to refresh tokens. Mock data on dir/list to test out changes. * user_router.js Add check for existence of Globus collection * user_router.js Remove existence check, move to filter method; Add notes on covered cases; add notes on code * datafed-ws.js Temporary handling of need consent response. * user_router.js Add queryParam validation for new params via joilib. ClientWorker.cpp Add refresh token try/catch to send through flow if refresh fails * datafed-ws.js Use correct converted casing for protobuf messages; redirect to error when needs_consent * datafed-ws.js No redirect, show error directly in list. * datafed-ws.js Early return to prevent further requests * support.js Update AccessTokenType enum. user_token.js New class introduced for handling logic for validating params when getting tokens and building GetAccessToken responses. user_router.js Replace logic with calls to new lib * user_token.js Add jsdoc definition for return type and format function. user_router.js Remove unnecessary comment. * user_token.js More jsdoc definition; Add validation for collection token document required fields. user_token.test.js Add preliminary unit tests for static methods. * CMakeLists.txt Add new unit tests to build. user_token.test.js Modify naming to match convention. * CMakeLists.txt Fix variable get. user_token.js Fix export. * user_fixture.js Add new user for get/token tests. user_router.test.js Add simple tests for get/token endpoint. user_token.js Fix naming for token document scopes field. user_token.test.js Changes for scope field bugfix. * user_router.js Formatting; Throw error if more than one token matches, add note about token type. * ClientWorker.cpp Address some TODOs and extraneous comments. DatabaseAPI.cpp Remove TODOs. SDMS_Auth.proto Remove unused field. * user_token.js Update formatUserToken to always return object values. DatabaseAPI.cpp Add note on possibly missing field. user_token.test.js Update tests to check for new expected values. * user_router.js Clean up some comments for clarity. datafed-ws.js Formatting. * ClientWorker.cpp Rewrite comment regarding mapped token refresh. * user_token.js Formatting. * CHANGELOG.md update for feature * user_router.js Re-introduce accidentally removed `globus_collection` object. * CMakeLists.txt Remove comment about necessity * Update token lookup logic to use `byExample`, add test case for missing Globus collection. Add globus_coll fixture. * SDMS_Auth.proto Change UserAccessTokenReply needs_consent to optional field. * user_router.js Update token/get to default to start consent flow when collection tokens are present. user_router.test.js Update test from error to needs_consent. * Formatting changes. --------- Co-authored-by: Anthony Ramirez <ramirezat@ornl.gov> * [DLT-1110] Implement Consent Required Action (3/4 & 4/4) (#1242) * [DLT-1110] Refactor browse into component and use CSS * [DAPS-1110] Update * [DAPS-1110] Update web server * [DAPS-1110] add refactors * [DAPS-1110] Prettier * [DAPS-1110] Refactor tests * [DAPS-1110] Remove .. in ep ls, remove logs * [DAPS-1110] Add sinon, remove dead code * [DAPS-1110] Address transfer start button bug * [DAPS-1110] eslint, update api.test.js to reflect usage * [DAPS-1110] format * [DAPS-1110] Correct bug * JSON parse error fix (#1328) * DatabaseAPI.cpp Pull in json dependency, use json object to serialize request payload * Replace json serialization in more locations where parseSearchRequest is being called. * Add comments around locations that will need json serialization * Convert missed body append to serialization format * typo * Refactoring DatabaseAPI.cpp to incorporate json serialization * More serialization work * Pull in changes from 1214 for dataPut * Bring in changes from 1214 for dataGet * DatabaseAPI.cpp Fix error with missing curly brace. Some formatting that is likely wrong. Serialize up to original point. Need to validate. * Add missing scope resolution * More typos * More typos. Scoping * Remove non-existant vars * declare body * Formatting * Formatting and verification of updates * Replace most places * Formatting * Remove redeclaration * DatabaseAPI.cpp Remove some comments. * DatabaseAPI.cpp Add missing push_back * Adding braces * Prevent Double Escaping string, by using nlohmann json parse to read in value. * remove escapeJSON calls, redundant with nlohmann json dump * Allow parsing for metric data to be run in parallel for now, output messages when old serialization is used. * Ensure ASCII setting. * Upgrade debug to warning. --------- Co-authored-by: Anthony Ramirez <ramirezat@ornl.gov> Co-authored-by: Austin Hampton <amh107@latech.edu> Co-authored-by: Joshua S Brown <joshbro42867@yahoo.com> * Feature - Mapped Collection Token Support (#1334) * Begin prototyping required code for mapped collection token retrieval. * SDMS_Auth.proto Add optional fields to UserGetAccessTokenRequest and UserAccessTokenReply to support finding correct tokens * user_router.js Add baseline query params and checks. DatabaseAPI.cpp & DatabaseAPI.hpp Use updated names and types. ClientWorker.cpp Update comments. * user_router.js Add logic for finding token based on collection; add token match and missing match cases * Return necessary data from Database to refresh tokens. Mock data on dir/list to test out changes. * user_router.js Add check for existence of Globus collection * user_router.js Remove existence check, move to filter method; Add notes on covered cases; add notes on code * datafed-ws.js Temporary handling of need consent response. * user_router.js Add queryParam validation for new params via joilib. ClientWorker.cpp Add refresh token try/catch to send through flow if refresh fails * datafed-ws.js Use correct converted casing for protobuf messages; redirect to error when needs_consent * datafed-ws.js No redirect, show error directly in list. * datafed-ws.js Early return to prevent further requests * support.js Update AccessTokenType enum. user_token.js New class introduced for handling logic for validating params when getting tokens and building GetAccessToken responses. user_router.js Replace logic with calls to new lib * user_token.js Add jsdoc definition for return type and format function. user_router.js Remove unnecessary comment. * user_token.js More jsdoc definition; Add validation for collection token document required fields. user_token.test.js Add preliminary unit tests for static methods. * CMakeLists.txt Add new unit tests to build. user_token.test.js Modify naming to match convention. * CMakeLists.txt Fix variable get. user_token.js Fix export. * user_fixture.js Add new user for get/token tests. user_router.test.js Add simple tests for get/token endpoint. user_token.js Fix naming for token document scopes field. user_token.test.js Changes for scope field bugfix. * user_router.js Formatting; Throw error if more than one token matches, add note about token type. * ClientWorker.cpp Address some TODOs and extraneous comments. DatabaseAPI.cpp Remove TODOs. SDMS_Auth.proto Remove unused field. * user_token.js Update formatUserToken to always return object values. DatabaseAPI.cpp Add note on possibly missing field. user_token.test.js Update tests to check for new expected values. * user_router.js Clean up some comments for clarity. datafed-ws.js Formatting. * ClientWorker.cpp Rewrite comment regarding mapped token refresh. * user_token.js Formatting. * CHANGELOG.md update for feature * user_router.js Re-introduce accidentally removed `globus_collection` object. * CMakeLists.txt Remove comment about necessity * Add collection_type and collection_id to dat/put task state * support.js Update getAccessToken method to work based on collection information, JSDoc. tasks.js Include context required in call to getAccessToken, add comment on refresh. TaskWorker.cpp Identify where changes will be reflected. * Update token lookup logic to use `byExample`, add test case for missing Globus collection. Add globus_coll fixture. * SDMS_Auth.proto Change UserAccessTokenReply needs_consent to optional field. * user_router.js Update token/get to default to start consent flow when collection tokens are present. user_router.test.js Update test from error to needs_consent. * Formatting changes. * SDMS_Auth.proto Add new fields to DataGetRequest * Begin refactor of token decision logic. * Address bugs in fetching and mapping data, make unit tests pass. * globus_token.js Match other models for get * tasks.js Pull in new logic for determining tokens, replace tokens; Needs to be verified. user_token.js Add new format function for compatibility with transfer doc replacement. * DatabaseAPI.cpp Sane serialization of json body for taskInitDataPut. TaskWorker.cpp Comments around work items. * DatabaseAPI.cpp Sane serialization of json body for taskInitDataGet. * ClientWorker.cpp Stub out required changes for consent flow when creating tasks * ClientWorker.cpp More thorough consent flow for procDataPutRequest, stub on needs_consent * tasks.js Throw error when initializing data put * tasks.js Format error throwing. ClientWorker.cpp comment out potentially unnecessary code. * user_token.js Add exists method to abstract check. tasks.js User exists method when checking token. * user_token.js JSDoc typing * tasks.js Add more required fields to taskRunDataPut for refresh in TaskWorker. * tasks.js Add collection_id to params in taskRunDataPut for refresh in TaskWorker. TaskWorker.cpp Refresh conditionals * DatabaseAPI.cpp Update merged devel changes to address some leftover code. * DatabaseAPI.cpp Add collection specification to get request. * DatabaseAPI.cpp whitespace. ClientWorker.cpp Clean up unused code. user_router.js Switch to checking token existence through standard API. * user_token.js Add comment about type return. data_router.js Do validations at router level for user collection token relationship. tasks.js Remove validation from logic level; make dataGet mirror dataPut; Updates to naming and params structure. * ClientWorker.cpp Revert to minimize diff. TaskWorker.cpp Remove unnecessary TODO; move set client for refresh in transfer tasks. * models/ JSDocs, formatting, make token fetches follow defined model. user_token.js JSDocs and typing. * user_token.js Cover case where collection does not exist. * Small changes for UI detection of collection type * fix epview call for UI changes, add list view change to react appropriately to needing consent according to current code * extract ep view logic to function for either path to utilize * small changes and notes for UI updates * UI search based on path, not ID. camelCasing * TaskWorker.cpp small fix to only enforce requirement of additional refresh fields when token is transfer token. * add params for dat/get on UI * task.js Fix bug where client is incorrectly referenced. * Add user model tests. Extract DataFedOAuthToken.js from user_token.js for reusability. * Add globus collection model tests. * Add globus token tests. Add fixtures to support globus token testing. Make all model properties static for iteration purposes. Utilize constructors for typing. * Add user token tests. Make non-existent user throw an error when building user tokens. * Change error to be not found * Formatting changes * Remove unused changes in support.js getAccessToken * Changelog update, update comments, remove log. --------- Co-authored-by: Anthony Ramirez <ramirezat@ornl.gov> * Add small fix for storeCollectionId (#1341) * Add small fix for storeCollectionId * move todo comment --------- Co-authored-by: Anthony Ramirez <ramirezat@ornl.gov> --------- Co-authored-by: Anthony <64566330+t-ramz@users.noreply.github.com> Co-authored-by: Aaron Perez <perezam@ornl.gov> Co-authored-by: Joshua S Brown <joshbro42867@yahoo.com> Co-authored-by: JoshuaSBrown <brownjs@ornl.gov> Co-authored-by: Anthony Ramirez <ramirezat@ornl.gov> Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com> Co-authored-by: Aaron Perez <aperez0295@gmail.com> Co-authored-by: Austin Hampton <amh107@latech.edu>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #1215
PR Description
Add support for mapped collections when using
UserGetAccessTokenRequestmessage to fetch user tokens.Additionally, stub support for HA collections via comments and query parameters.
Tasks
Summary by Sourcery
Add support for mapped collections to the UserGetAccessTokenRequest message.
New Features:
Tests: