-
Notifications
You must be signed in to change notification settings - Fork 176
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[9.0] DISET version of the TokenManager service #7793
base: integration
Are you sure you want to change the base?
Conversation
Why not put this into 8.0? The TokenManager is the only tornado service I have |
result = Registry.getIDFromDN(dn) | ||
if result["OK"]: | ||
uid = result["Value"] | ||
# To do this, first find the refresh token stored in the database with the maximum scope | ||
result = self.__tokenDB.getTokenForUserProvider(uid, idpObj.name) | ||
if result["OK"] and result["Value"]: | ||
tokens = result["Value"] | ||
result = self.__checkProperties(dn, userGroup) | ||
if result["OK"]: | ||
# refresh token with requested scope | ||
result = idpObj.refreshToken(tokens.get("refresh_token"), group=userGroup, scope=scope) | ||
if result["OK"]: | ||
return result |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
result = Registry.getIDFromDN(dn) | |
if result["OK"]: | |
uid = result["Value"] | |
# To do this, first find the refresh token stored in the database with the maximum scope | |
result = self.__tokenDB.getTokenForUserProvider(uid, idpObj.name) | |
if result["OK"] and result["Value"]: | |
tokens = result["Value"] | |
result = self.__checkProperties(dn, userGroup) | |
if result["OK"]: | |
# refresh token with requested scope | |
result = idpObj.refreshToken(tokens.get("refresh_token"), group=userGroup, scope=scope) | |
if result["OK"]: | |
return result | |
result = Registry.getIDFromDN(dn) | |
if not result["OK"]: | |
continue | |
uid = result["Value"] | |
# To do this, first find the refresh token stored in the database with the maximum scope | |
result = self.__tokenDB.getTokenForUserProvider(uid, idpObj.name) | |
if not result["OK"] or not result["Value"]: | |
continue | |
tokens = result["Value"] | |
result = self.__checkProperties(dn, userGroup) | |
if not result["OK"]: | |
continue | |
# refresh token with requested scope | |
result = idpObj.refreshToken(tokens.get("refresh_token"), group=userGroup, scope=scope) | |
if result["OK"]: | |
return result |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
PS: Shouldn't we first result = self.__checkProperties(dn, userGroup)
instead of getting getTokenForUserProvider
? Seems we can do that checkProperties before?
For each and every service for which we have the DIPS and HTTPs version, we have 2 files:
class NameOfHandlerMixin:
# logic end "export_"s here
class NameOfHandler(NotificationHandlerMixin, RequestHandler):
pass
class TornadoNameOfHandler(NotificationHandlerMixin, TornadoService):
pass which should be respected also here. So, at a minimum you need to modify accordingly also the "TornadoTokenManagerHandler.py". Or, at the 2 VERY different one from the other? BTW I think this should also go to v8. |
The 8.0 version of this one is in PR. As for the 9.0, I think we should scrap all the Tornado services related stuff (TokenManager was the last one in Tornado only). This would allow also to get rid of Tornado in the services framework leaving it only for the WebApp. |
The DISET version of the TokenManager service is added. This will help to eventually get rid of all the Tornado services.
BEGINRELEASENOTES
*Framework
NEW: DISET version of the TokenManager service
ENDRELEASENOTES