WIP - Updating authenticators from latest in Tiled#81
WIP - Updating authenticators from latest in Tiled#81davidpcls wants to merge 13 commits intobluesky:mainfrom
Conversation
|
Wow, thanks @davidpcls! |
|
Thank you. I am going to try to fix the unit tests first, I may push a few commits. |
|
If either of you intend to commit more work to this PR, put it in Draft mode. Change the mode back when you are ready for final review. |
dmgav
force-pushed
the
auth_updates_from_tiled
branch
from
579d82a to
f54ef36
Compare
|
I fixed the unit tests. I also rebased the branch to main, so I had to force push the changes. |
|
Thanks for working on that @dmgav! I just got things setup so I can test with this against MS Entra, so I'll go about verifying there are no other changes required for this to work properly. Took a little longer than expected to get the Entra stuff worked out. |
This is working okay, although it doens't really work smoothly for the API based login and the http command based login isn't great, as it requires the user to copy and past token around. Compared to ldap which just logs the user in. So still some work to do here to smooth out the user experience.
This solves the problem that what was implemented was actually authenticating the application and not the user like expected. It worked but it required that the user input a code. This solves that problem so that when you click the login link, if you are already logged in with you SSO provider you'll just automatically log in to the HTTP Server. Likewise if you use the bluesky queueserver api, when you call RM.Login you'll automatically be logged in, no user interaction required.
These should correct some of the problems in the last CI workflow. I moved the LDAP and docker image into the continuous_integration folder so it matches tiled.
This addresses documentation problems, the levels were incorrect as I did not understand what the next level should have been in the docs. I've also updated the usage documentation a little to be more useful.
These allow for running the unit tests in a containerized system just like how they are done in the ci pipeline, but locally and in a way that can maximize processor usage and minimize runtime.
Testing with ms entra
|
I've added in these changes, I'm going to work on cleaning up failing unit tests now and then I will update the pull request description to match your style and provide information on testing. After that I will remove the WIP status. |
|
Please also see the related PR for the API: bluesky/bluesky-queueserver-api#62 |
4 participants
Description
These changes bring in the authenticators from Tiled into HTTP Bluesky. This allows us to use the same authentication setup as from Tiled deployements (at least at the current moment). The main other change is to remove the "mode" flag and instead use the class type to determine if it is an internal or external authenticator.
I'm creating this PR to determine if the community is okay with these changes. If so I will put in the effort to update unit tests, etc.
Motivation and Context
This solves the problem of having different authentication schemes to maintain between Tiled and HTTP server, which came from the same code around 3 years ago. Tiled has been updated but HTTP server was not. This addresses that.
Ideally this code would be moved into a common repo that both Tiled and HTTP server can pull from. This PR would enable that if there is desire to do this work, as it puts both Tiled and HTTP server onto the same code base.
Summary of Changes for Release Notes
Updated authenticators based off Tiled main.
Made minimal changes to app.py and authentication.py to support the changes.
Fixed
Added
Authenticators.py from Tiled (fd2a646e4ec73e08fb206f18deaa51c166ccd37a)
Changed
Removed
How Has This Been Tested?
TBD