Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement workflows-api auth login from swagger #134

Open
4 of 5 tasks
anayeaye opened this issue Apr 5, 2024 · 2 comments
Open
4 of 5 tasks

Implement workflows-api auth login from swagger #134

anayeaye opened this issue Apr 5, 2024 · 2 comments
Assignees
@botanical

Comments

@anayeaye
Copy link
Contributor

anayeaye commented Apr 5, 2024
edited by botanical
Loading

What

Currently administrators must manually post username and password to a token endpoint in the veda-backend ingest api and copy paste the token from the response for workflows operations. Update this auth flow to follow the more standard redirect to auth provider for a secure username and password form entry and redirect to the swagger docs.

AC

  • token auth urls are configurable by veda environment
  • cognito user pool updated to allow callback to veda data airflow workflows api docs
  • admins in the cognito user pool associated with backend stack can login via swagger docs
  • admins can successfully use authenticated endpoints like collections/ and ingestions/
  • attempted authenticated airflow pipelines triggers like discover-items and documented success or error response (there are networking issues that may block successful discovery pipelines that should not block the success of this issue)
@botanical botanical self-assigned this Apr 18, 2024
@botanical botanical mentioned this issue Apr 25, 2024
Merged
4 tasks
@botanical
Copy link
Member

#138

@botanical
Copy link
Member

Didn't address

cognito user pool updated to allow callback to veda data airflow workflows api docs
since we decided it would be easier for an admin to add the callback url manually via AWS console

@botanical botanical mentioned this issue Apr 29, 2024
Merged
botanical added a commit to NASA-IMPACT/veda-backend that referenced this issue Apr 29, 2024
@botanical
fix: update get_username function (#365)
28afca4 
### Issue

NASA-IMPACT/veda-data-airflow#134
#347

### What?

- Update get_username to fall back on `sub` if `username` doesn't exist
in token
- Added some more logging statements to make debugging easier in the
future

### Why?

- This fix is to enable a successful workflows API run since the
workflow API passes a token to backend API and it's currently erroring
- Also, `sub` is a more definitive identifier because it represents a
unique identifier compared to `username`

### Testing?

- Relevant testing details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@botanical botanical

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@anayeaye @botanical