feat(openHEXA): add openHEXA client #49
Conversation
cheikhgwane
force-pushed
the
feat/hexa-client
branch
3 times, most recently
from
27ffa0c
to
4ef934c
Compare
cheikhgwane
force-pushed
the
feat/hexa-client
branch
from
4ef934c
to
025e420
Compare
openhexa/toolbox/hexa/api.py
Outdated
| elif with_token: | ||
| self.session.headers.update({"Authorization": f"Bearer {with_token}"}) | ||
| try: | ||
| self.query("""query{me {user {id}}}""") |
There was a problem hiding this comment.
This won't work if MFA is enabled and you login , need to remove this line or add an if else block for MFA, or tell user to disable MFA
There was a problem hiding this comment.
Yes, you're right.
There was a problem hiding this comment.
Are you sure it's not the opposite ? IMO it's the auth with username/password that would require the 2FA and not the token auth.
There was a problem hiding this comment.
@qgerome Indeed the login when 2FA is enabled the login with username/password will not work and with token we cannot query the User ("""query{me {user {id}}}""") because of :
request.user.is_verified()(no attribute is_verified). I propose to update the condition
if has_configured_two_factor(request.user) and getattr(request, "bypass_two_factor", False):..WDYT?
There was a problem hiding this comment.
Yes, I have arrived to same code blocks as Cheick when i was looking into why it wasn't working for Jipe and Martin at some point.
There was a problem hiding this comment.
I would not skip 2fa on backend side, as it removes the point of having one. To use the toolbox in the pipeline with the token the user with 2FA enabled, I would suggest to avoid executing the "query me" to check if he is authenticated
It fits better with what we offer
cheikhgwane
force-pushed
the
feat/hexa-client
branch
from
025e420
to
ea8e3fd
Compare
cheikhgwane
force-pushed
the
feat/hexa-client
branch
2 times, most recently
from
6456c1b
to
be6422e
Compare
| pip install openhexa.toolbox | ||
| ``` | ||
|
|
||
| ## [Example](#) |
There was a problem hiding this comment.
Since the client is quite lightweight, I think it would be beneficial to include additional GraphQL query examples.
I'd propose adding the following:
1. Getting the details of a given connection
2. Browsing datasets and downloading a file
What do you think, @qgerome?
There was a problem hiding this comment.
Yes, i will add them, thx.
cheikhgwane
force-pushed
the
feat/hexa-client
branch
from
be6422e
to
e95c926
Compare
openhexa/toolbox/hexa/api.py
Outdated
| elif with_token: | ||
| self.session.headers.update({"Authorization": f"Bearer {with_token}"}) | ||
| try: | ||
| self.query("""query{me {user {id}}}""") |
There was a problem hiding this comment.
Are you sure it's not the opposite ? IMO it's the auth with username/password that would require the 2FA and not the token auth.
openhexa/toolbox/hexa/hexa.py
Outdated
| when a login or authentication error | ||
|
|
||
| Examples: | ||
| >>> from openhexa.toolbox.hexa import openHEXA |
There was a problem hiding this comment.
This is not correct, it's OpenHEXA per your file
openhexa/toolbox/hexa/hexa.py
Outdated
| or | ||
|
|
||
| >>> from openhexa.toolbox.hexa import openHEXA | ||
| >>> hexa = openHEXA(server_url="http://iaso-staging.bluesquare.org",token="token") |
docs/hexa.md
Outdated
| # We can authenticate using username / password | ||
| hexa_client = OpenHEXA("https://app.demo.openhexa.org", username="username", password="password") | ||
|
|
||
| # You can also use the token provided by OpenHEXA on the pipelines but make two-factor authentication is disabled else it will not work |
There was a problem hiding this comment.
| # You can also use the token provided by OpenHEXA on the pipelines but make two-factor authentication is disabled else it will not work | |
| # You can also use the token provided by OpenHEXA on the pipelines but make sure two-factor authentication is disabled for it to work |
docs/hexa.md
Outdated
|
|
||
| # You can also use the token provided by OpenHEXA on the pipelines but make two-factor authentication is disabled else it will not work | ||
| hexa_client = OpenHEXA("https://app.demo.openhexa.org", token="token") | ||
| page=1,per_page=10 |
cheikhgwane
force-pushed
the
feat/hexa-client
branch
2 times, most recently
from
92a68ff
to
32e9b4e
Compare
cheikhgwane
force-pushed
the
feat/hexa-client
branch
from
32e9b4e
to
4cb1dc5
Compare
cheikhgwane
force-pushed
the
feat/hexa-client
branch
from
a37b8dc
to
cb7871d
Compare
openhexa/toolbox/hexa/api.py
Outdated
| ) | ||
| resp.raise_for_status() | ||
| data = resp.json()["data"] | ||
| if data["login"]["success"]: |
There was a problem hiding this comment.
The correct way to ensure that the person has no 2FA is to check the errors on the result of the login mutation.
cheikhgwane
force-pushed
the
feat/hexa-client
branch
from
5b054bb
to
d015db7
Compare
https://bluesquare.atlassian.net/jira/software/c/projects/HEXA/boards/330?assignee=712020%3A1d0055ff-af59-47b7-b48d-4d37e2a0d0b9&selectedIssue=HEXA-994