Skip to content

Commit

Permalink
improve docs for proof_authenticate, pushing users towards more secur…
Browse files Browse the repository at this point in the history 
…e use of the fxn
  • Loading branch information
@sckott
sckott committed Aug 26, 2024
1 parent 5de3e90 commit 974a122
Show file tree
Hide file tree
Showing 4 changed files with 28 additions and 14 deletions.
4 changes: 4 additions & 0 deletions R/auth.R
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,10 @@ proof_header <- function(req, token = NULL) {
#' @inheritSection proof_status Timeout
#' @return A single token (character) for bearer authentication with
#' the PROOF API
#' @details We strongly recommend to not supply `password` as plain text like
#' `proof_authenticate(username = "jane", password = "mypassword")`, but rather
#' pull in your password from an environment variable stored outside of R like
#' `proof_authenticate(username = "jane", password = Sys.getenv("HUTCH_PWD"))`
proof_authenticate <- function(username, password) {
assert(username, "character")
assert(password, "character")
Expand Down
6 changes: 6 additions & 0 deletions man/proof_authenticate.Rd
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

26 changes: 14 additions & 12 deletions vignettes/proofr.Rmd
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,17 +12,19 @@ vignette: >
Load `proofr`


```r
``` r
library(proofr)
```

## Authenticate with the PROOF API

Run the function `proof_authenticate()`, which calls the PROOF API with your username and password, and returns an API token (an alphanumeric string).
Run the function `proof_authenticate()`, which calls the PROOF API with your HutchNet username and password, and returns an API token (an alphanumeric string).

We strongly recommend to not supply `password` to `proof_authenticate` as plain text like, and instead pull in your password from an environment variable stored outside of R. For a description of different options for where to store your HutchNet password see the [R Startup chapter](https://rstats.wtf/r-startup) in the book _What They Forgot to Teach You About R_.

```r
my_proof_token <- proof_authenticate("username", "password")

``` r
my_proof_token <- proof_authenticate(username = "username", password = Sys.getenv("HUTCHNET_PWD"))
my_proof_token
#> xyGKibGctQ92rmMKKb39q43XgPxGCmrWoX7NZtamTjDP
```
Expand All @@ -32,7 +34,7 @@ my_proof_token
Alternatively, save your API token directly as an environment variable named `PROOF_TOKEN` so that it can be used by other `proofr` functions without exposing your token in your code. To do so, run the following:


```r
``` r
Sys.setenv("PROOF_TOKEN" = proof_authenticate("username", "password"))
```

Expand All @@ -41,15 +43,15 @@ Sys.setenv("PROOF_TOKEN" = proof_authenticate("username", "password"))
Start a PROOF server using the `proof_start()` function:


```r
``` r
proof_start()
```
Note: `proofr` assumes you only have one server running; if you've started a server using the app, you'll need to stop that server before starting one in R via `proofr`.

Get metadata about the PROOF server you have started, including the URL of the API, using `wait=TRUE` so that it doesn't return data until the server is fully ready to use.


```r
``` r
metadata <- proof_status(wait = TRUE)
cromwell_url <- metadata$cromwellUrl
cromwell_url
Expand All @@ -60,7 +62,7 @@ cromwell_url
Load `rcromwell`


```r
``` r
if (!requireNamespace("rcromwell", quietly=TRUE)) {
install.packages("pak")
pak::pak("rcromwell")
Expand All @@ -74,21 +76,21 @@ There are two options for setting the URL in `rcromwell`.
The first option is to set the Cromwell server URL to be recognized by `rcromwell` with `cromwell_config`


```r
``` r
cromwell_config(cromwell_url)
```

The other option is to pass the url to each function, for example:


```r
``` r
cromwell_jobs(url = cromwell_url)
```

In addition to setting the Cromwell URL, your PROOF API token is also required for HTTP requests to your server. After getting your PROOF token you can set it as the env var `PROOF_TOKEN`, or pass it to the `rcromwell` functions, for example:


```r
``` r
cromwell_jobs(url = cromwell_url, token = my_proof_token)
```

Expand All @@ -98,7 +100,7 @@ cromwell_jobs(url = cromwell_url, token = my_proof_token)
As an example, `cromwell_version()` checks the version of your Cromwell server


```r
``` r
cromwell_version()
#> $cromwell
#> [1] "84"
Expand Down
6 changes: 4 additions & 2 deletions vignettes/proofr.Rmd.og
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,10 +23,12 @@ library(proofr)

## Authenticate with the PROOF API

Run the function `proof_authenticate()`, which calls the PROOF API with your username and password, and returns an API token (an alphanumeric string).
Run the function `proof_authenticate()`, which calls the PROOF API with your HutchNet username and password, and returns an API token (an alphanumeric string).

We strongly recommend to not supply `password` to `proof_authenticate` as plain text like, and instead pull in your password from an environment variable stored outside of R. For a description of different options for where to store your HutchNet password see the [R Startup chapter](https://rstats.wtf/r-startup) in the book _What They Forgot to Teach You About R_.

```{r auth}
my_proof_token <- proof_authenticate("username", "password")
my_proof_token <- proof_authenticate(username = "username", password = Sys.getenv("HUTCHNET_PWD"))
my_proof_token
#> xyGKibGctQ92rmMKKb39q43XgPxGCmrWoX7NZtamTjDP
```
Expand Down

0 comments on commit 974a122

Please sign in to comment.