Merge pull request #100 from kbase/kbase-user-mapping

Added provisional KBase user <-> ORCID federation
kbase · Jan 21, 2025 · 9a508fd · 9a508fd
2 parents 94563de + bda781b
commit 9a508fd
Show file tree

Hide file tree

Showing 10 changed files with 585 additions and 213 deletions.
diff --git a/auth/kbase_auth_server.go b/auth/kbase_auth_server.go
@@ -59,27 +59,13 @@ func NewKBaseAuthServer(accessToken string) (*KBaseAuthServer, error) {
 		}
 
 		// verify that the access token works (i.e. that the client is logged in)
-		kbaseUser, err := server.kbaseUser()
+		_, err := server.kbaseUser()
 		if err != nil {
 			return nil, err
 		}
 
-		// register the local username under all its ORCIDs with our KBase user
-		// federation mechanism
-		for _, pid := range kbaseUser.Idents {
-			if pid.Provider == "OrcID" {
-				orcid := pid.UserName
-				err = SetKBaseLocalUsernameForOrcid(orcid, kbaseUser.Username)
-				if err != nil {
-					break
-				}
-			}
-		}
-
-		if err == nil {
-			// register this instance of the auth server
-			instances[accessToken] = &server
-		}
+		// register this instance of the auth server
+		instances[accessToken] = &server
 		return &server, err
 	}
 }

diff --git a/auth/kbase_user_federation.go b/auth/kbase_user_federation.go
diff --git a/auth/kbase_user_federation_test.go b/auth/kbase_user_federation_test.go
diff --git a/databases/jdp/database_test.go b/databases/jdp/database_test.go
@@ -18,11 +18,7 @@ databases:
   jdp:
     name: JGI Data Portal
     organization: Joint Genome Institue
-    url: https://files.jgi.doe.gov
     endpoint: globus-jdp
-    auth:
-      client_id: ${JGI_CLIENT_ID}
-      client_secret: ${JGI_CLIENT_SECRET}
 endpoints:
   globus-jdp:
     name: Globus NERSC DTN
@@ -105,7 +101,7 @@ func TestResources(t *testing.T) {
 	assert.Nil(err, "JDP resource query encountered an error")
 	assert.Equal(10, len(resources),
 		"JDP resource query didn't return requested number of results")
-	for i, _ := range resources {
+	for i := range resources {
 		jdpSearchResult := results.Resources[i]
 		resource := resources[i]
 		assert.Equal(jdpSearchResult.Id, resource.Id, "Resource ID mismatch")

diff --git a/databases/kbase/database.go b/databases/kbase/database.go
@@ -26,7 +26,6 @@ import (
 
 	"github.com/google/uuid"
 
-	"github.com/kbase/dts/auth"
 	"github.com/kbase/dts/databases"
 	"github.com/kbase/dts/frictionless"
 )
@@ -43,6 +42,11 @@ func NewDatabase(orcid string) (databases.Database, error) {
 		return nil, fmt.Errorf("No ORCID was given")
 	}
 
+	err := startUserFederation()
+	if err != nil {
+		return nil, err
+	}
+
 	return &Database{
 		Id: "kbase",
 	}, nil
@@ -73,9 +77,7 @@ func (db *Database) StagingStatus(id uuid.UUID) (databases.StagingStatus, error)
 }
 
 func (db *Database) LocalUser(orcid string) (string, error) {
-	// for KBase user federation, we rely on a table maintained by our KBase
-	// auth server proxy
-	return auth.KBaseLocalUsernameForOrcid(orcid)
+	return usernameForOrcid(orcid)
 }
 
 func (db Database) Save() (databases.DatabaseSaveState, error) {