Conversation
|
When trying to run this branch in Docker (either via the image the CI built and uploaded to Harbor or building locally) I get an import error: EDIT: |
|
Grrrr. Yes I broke it but I made the linter happy. |
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #154 +/- ##
===========================================
- Coverage 65.55% 47.91% -17.64%
===========================================
Files 9 12 +3
Lines 360 480 +120
Branches 13 0 -13
===========================================
- Hits 236 230 -6
- Misses 124 250 +126 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Asked Alan and he said it was originally an error to set to False and thought it had already been fixed
patrick-austin
left a comment
patrick-austin
left a comment
There was a problem hiding this comment.
Looks OK, the upload to codecov seems to be failing (but I don't have the permissions to dif to deeply so not sure?) but coverage is still 60% for me locally, and the new lines not covered are in a file that wasn't covered before either (routers/authentication.py).
There were a couple of places where we might be able use / benefit from SecretStr, but functionally this shouldn't change anything. Given it's last working day @ajkyffin I'm happy to approve this as is without bogging things down. Extending the use of SecretStr (if it's desirable) can be done as a follow up issue/PR.
| from typing import List, Self | ||
|
|
||
| from pydantic import BaseModel, ConfigDict | ||
| from pydantic import BaseModel, ConfigDict, model_validator |
There was a problem hiding this comment.
| from pydantic import BaseModel, ConfigDict, model_validator | |
| from pydantic import BaseModel, ConfigDict, model_validator, SecretStr |
To be used for secrets.
| display_name: str | ||
| configuration_url: str | ||
| client_id: str | ||
| client_secret: str = None |
There was a problem hiding this comment.
| client_secret: str = None | |
| client_secret: SecretStr = None |
SecretStr prevents secret values from appearing in logs, so might be useful here.
| oidc_providers: dict[str, OidcProviderConfig] = {} | ||
| oidc_redirect_uri: str = None | ||
| oidc_icat_authenticator: str = None | ||
| oidc_icat_authenticator_token: str = None |
There was a problem hiding this comment.
| oidc_icat_authenticator_token: str = None | |
| oidc_icat_authenticator_token: SecretStr = None |
Would this also benefit from being a SecretStr?
| providers[provider_id] = { | ||
| "display_name": provider_config.display_name, | ||
| "configuration_url": provider_config.configuration_url, | ||
| "client_id": provider_config.client_id, | ||
| "pkce": False if provider_config.client_secret else True, | ||
| "scope": provider_config.scope, | ||
| } |
There was a problem hiding this comment.
Could probably do this with a combination of exclude and serialization aliases, but if it works as is then that's fine too.
3 participants
This PR will close #135
Description
Adds endpoints for OIDC authentication
Testing Instructions