Reworked KBase user federation logic. Not quite working yet.

kbase · Jan 16, 2025 · 86a4917 · 86a4917
1 parent 94563de
commit 86a4917
Show file tree

Hide file tree

Showing 9 changed files with 389 additions and 212 deletions.
diff --git a/auth/kbase_auth_server.go b/auth/kbase_auth_server.go
@@ -59,27 +59,13 @@ func NewKBaseAuthServer(accessToken string) (*KBaseAuthServer, error) {
 		}
 
 		// verify that the access token works (i.e. that the client is logged in)
-		kbaseUser, err := server.kbaseUser()
+		_, err := server.kbaseUser()
 		if err != nil {
 			return nil, err
 		}
 
-		// register the local username under all its ORCIDs with our KBase user
-		// federation mechanism
-		for _, pid := range kbaseUser.Idents {
-			if pid.Provider == "OrcID" {
-				orcid := pid.UserName
-				err = SetKBaseLocalUsernameForOrcid(orcid, kbaseUser.Username)
-				if err != nil {
-					break
-				}
-			}
-		}
-
-		if err == nil {
-			// register this instance of the auth server
-			instances[accessToken] = &server
-		}
+		// register this instance of the auth server
+		instances[accessToken] = &server
 		return &server, err
 	}
 }

diff --git a/auth/kbase_user_federation.go b/auth/kbase_user_federation.go
diff --git a/auth/kbase_user_federation_test.go b/auth/kbase_user_federation_test.go
diff --git a/databases/jdp/database_test.go b/databases/jdp/database_test.go
@@ -18,11 +18,7 @@ databases:
   jdp:
     name: JGI Data Portal
     organization: Joint Genome Institue
-    url: https://files.jgi.doe.gov
     endpoint: globus-jdp
-    auth:
-      client_id: ${JGI_CLIENT_ID}
-      client_secret: ${JGI_CLIENT_SECRET}
 endpoints:
   globus-jdp:
     name: Globus NERSC DTN
@@ -105,7 +101,7 @@ func TestResources(t *testing.T) {
 	assert.Nil(err, "JDP resource query encountered an error")
 	assert.Equal(10, len(resources),
 		"JDP resource query didn't return requested number of results")
-	for i, _ := range resources {
+	for i := range resources {
 		jdpSearchResult := results.Resources[i]
 		resource := resources[i]
 		assert.Equal(jdpSearchResult.Id, resource.Id, "Resource ID mismatch")

diff --git a/databases/kbase/database.go b/databases/kbase/database.go
@@ -26,7 +26,6 @@ import (
 
 	"github.com/google/uuid"
 
-	"github.com/kbase/dts/auth"
 	"github.com/kbase/dts/databases"
 	"github.com/kbase/dts/frictionless"
 )
@@ -43,6 +42,8 @@ func NewDatabase(orcid string) (databases.Database, error) {
 		return nil, fmt.Errorf("No ORCID was given")
 	}
 
+	startUserFederation()
+
 	return &Database{
 		Id: "kbase",
 	}, nil
@@ -73,9 +74,7 @@ func (db *Database) StagingStatus(id uuid.UUID) (databases.StagingStatus, error)
 }
 
 func (db *Database) LocalUser(orcid string) (string, error) {
-	// for KBase user federation, we rely on a table maintained by our KBase
-	// auth server proxy
-	return auth.KBaseLocalUsernameForOrcid(orcid)
+	return usernameForOrcid(orcid)
 }
 
 func (db Database) Save() (databases.DatabaseSaveState, error) {

diff --git a/databases/kbase/database_test.go b/databases/kbase/database_test.go
@@ -0,0 +1,99 @@
+package kbase
+
+import (
+	"os"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+
+	"github.com/kbase/dts/config"
+	"github.com/kbase/dts/databases"
+	"github.com/kbase/dts/dtstest"
+	"github.com/kbase/dts/endpoints"
+	"github.com/kbase/dts/endpoints/globus"
+)
+
+const kbaseConfig string = `
+databases:
+  kbase:
+    name: KBase Workspace Service (KSS)
+    organization: KBase
+    endpoint: globus-kbase
+endpoints:
+  globus-kbase:
+    name: KBase
+    id: ${DTS_GLOBUS_TEST_ENDPOINT}
+    provider: globus
+    auth:
+      client_id: ${DTS_GLOBUS_CLIENT_ID}
+      client_secret: ${DTS_GLOBUS_CLIENT_SECRET}
+`
+
+// this function gets called at the begіnning of a test session
+func setup() {
+	dtstest.EnableDebugLogging()
+	config.Init([]byte(kbaseConfig))
+	databases.RegisterDatabase("kbase", NewDatabase)
+	endpoints.RegisterEndpointProvider("globus", globus.NewEndpoint)
+}
+
+// this function gets called after all tests have been run
+func breakdown() {
+}
+
+func TestNewDatabase(t *testing.T) {
+	assert := assert.New(t)
+	orcid := os.Getenv("DTS_KBASE_TEST_ORCID")
+	db, err := NewDatabase(orcid)
+	assert.NotNil(db, "KBase database not created")
+	assert.Nil(err, "KBase database creation encountered an error")
+}
+
+func TestNewDatabaseWithoutOrcid(t *testing.T) {
+	assert := assert.New(t)
+	db, err := NewDatabase("")
+	assert.Nil(db, "Invalid KBase database somehow created")
+	assert.NotNil(err, "KBase database creation without ORCID encountered no error")
+}
+
+func TestSearch(t *testing.T) {
+	assert := assert.New(t)
+	orcid := os.Getenv("DTS_KBASE_TEST_ORCID")
+	db, _ := NewDatabase(orcid)
+	params := databases.SearchParameters{
+		Query: "prochlorococcus",
+		Pagination: struct {
+			Offset, MaxNum int
+		}{
+			Offset: 1,
+			MaxNum: 50,
+		},
+	}
+	_, err := db.Search(params)
+	assert.NotNil(err, "Search not implemented for kbase database!")
+}
+
+func TestResources(t *testing.T) {
+	assert := assert.New(t)
+	orcid := os.Getenv("DTS_KBASE_TEST_ORCID")
+	db, _ := NewDatabase(orcid)
+	_, err := db.Resources(nil)
+	assert.NotNil(err, "Resources not implemented for kbase database!")
+}
+
+func TestLocalUser(t *testing.T) {
+	assert := assert.New(t)
+	orcid := os.Getenv("DTS_KBASE_TEST_ORCID")
+	db, _ := NewDatabase(orcid)
+	username, err := db.LocalUser(orcid)
+	assert.Nil(err)
+	assert.True(len(username) > 0)
+}
+
+// this runs setup, runs all tests, and does breakdown
+func TestMain(m *testing.M) {
+	setup()
+	status := m.Run()
+	breakdown()
+	os.Exit(status)
+}