Update the authentication process for remote storages #4241
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
shinyhappydan
commented
Sep 3, 2023
...orage/src/main/scala/ch/epfl/bluebrain/nexus/delta/plugins/storage/StoragePluginModule.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthenticateAs.scala
Outdated
Show resolved
Hide resolved
shinyhappydan
commented
Sep 3, 2023
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Outdated
Show resolved
Hide resolved
shinyhappydan
commented
Sep 3, 2023
delta/kernel/src/main/scala/ch/epfl/bluebrain/nexus/delta/kernel/cache/KeyValueStore.scala
Outdated
Show resolved
Hide resolved
shinyhappydan
commented
Sep 3, 2023
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Outdated
Show resolved
Hide resolved
shinyhappydan
commented
Sep 3, 2023
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/KeycloakAuthService.scala
Outdated
Show resolved
Hide resolved
shinyhappydan
commented
Sep 3, 2023
Comment on lines
36
to
43
| Encoder.AsObject.instance[TokenError] { | ||
| case TokenHttpError(r) => | ||
| JsonObject(keywords.tpe := "TokenHttpError", "reason" := r.reason) | ||
| case TokenNotFoundInResponse(r) => | ||
| JsonObject(keywords.tpe -> "TokenNotFoundInResponse".asJson, "reason" := r.message) | ||
| case ExpiryNotFoundInResponse(r) => | ||
| JsonObject(keywords.tpe -> "ExpiryNotFoundInResponse".asJson, "reason" := r.message) | ||
| } |
There was a problem hiding this comment.
I tried semi-automatic derivation, but the error messages are bad and I couldn't see the problem
There was a problem hiding this comment.
What do you mean ?
Also if you only use the message/reason from DecodingFailure/ HttpClientError because it is what we are interested in here, you should not run into this
There was a problem hiding this comment.
When using semi-automatic derivation for an Encoder[TokenError], there were errors which were unclear. I tried changing some obvious things, but could not fix the issue. I noticed that we had used this method elsewhere in the codebase, so I did that.
shinyhappydan
commented
Sep 3, 2023
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Show resolved
Hide resolved
imsdu
requested changes
Sep 5, 2023
| @@ -146,8 +147,12 @@ class StoragePluginModule(priority: Int) extends ModuleDef { | |||
|
|
|||
| many[ResourceShift[_, _, _]].ref[Storage.Shift] | |||
|
|
|||
| make[AuthTokenProvider].from { (cfg: StorageTypeConfig) => | |||
| AuthTokenProvider(cfg) | |||
| make[KeycloakAuthService].from { (httpClient: HttpClient @Id("storage"), realms: Realms, clock: Clock[UIO]) => | |||
There was a problem hiding this comment.
This needs to go in sdk and use the same http client as Identities
There was a problem hiding this comment.
I don't see any modules inside of sdk? Also it's using the config from the storage part
delta/kernel/src/main/scala/ch/epfl/bluebrain/nexus/delta/kernel/cache/KeyValueStore.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthenticateAs.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthenticateAs.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/KeycloakAuthService.scala
Outdated
Show resolved
Hide resolved
imsdu
requested changes
Sep 11, 2023
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Outdated
Show resolved
Hide resolved
| case class Credentials(user: String, password: Secret[String], realm: Label) extends AuthMethod | ||
| object Credentials { | ||
| @nowarn("cat=unused") | ||
| implicit private val labelConfigReader: ConfigReader[Label] = ConfigReader.fromString(str => |
There was a problem hiding this comment.
We don't already have one for Label ?
There was a problem hiding this comment.
If we do I don't know where it is
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/Credentials.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/Credentials.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/Credentials.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Outdated
Show resolved
Hide resolved
...e/src/main/scala/ch/epfl/bluebrain/nexus/delta/plugins/storage/storages/StoragesConfig.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/KeycloakAuthService.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/KeycloakAuthService.scala
Outdated
Show resolved
Hide resolved
imsdu
requested changes
Sep 11, 2023
...orage/src/main/scala/ch/epfl/bluebrain/nexus/delta/plugins/storage/StoragePluginModule.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/OpenIdAuthService.scala
Outdated
Show resolved
Hide resolved
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/error/AuthTokenError.scala
Show resolved
Hide resolved
docs/src/main/paradox/docs/getting-started/running-nexus/configuration/index.md
Outdated
Show resolved
Hide resolved
shinyhappydan
changed the title
imsdu
requested changes
Sep 12, 2023
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/OpenIdAuthService.scala
Outdated
Show resolved
Hide resolved
| @@ -114,6 +114,41 @@ Storages can no longer be created with credentials that would get stored: | |||
|
|
|||
| These should instead be defined in the Delta configuration. | |||
|
|
|||
| #### Remote storages | |||
There was a problem hiding this comment.
To put in the storages page and a link here to the chapter in the storage page
delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/auth/AuthTokenProvider.scala
Outdated
Show resolved
Hide resolved
delta/kernel/src/main/scala/ch/epfl/bluebrain/nexus/delta/kernel/cache/KeyValueStore.scala
Outdated
Show resolved
Hide resolved
|
imsdu
previously approved these changes
Sep 14, 2023
imsdu
approved these changes
Sep 14, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #4063
Remaining tasks: