Skip to content

Commit

Permalink
Merge branch 'RESTAPI-960-add-authorization-header-name-env' into 'ma…
Browse files Browse the repository at this point in the history
…ster'

Apply environment variable F7T_AUTH_HEADER_NAME

See merge request firecrest/firecrest!251
  • Loading branch information
Juan Pablo Dorsch committed Nov 13, 2023
2 parents efe0aee + a5306c0 commit 9ff2b6b
Show file tree
Hide file tree
Showing 13 changed files with 13 additions and 13 deletions.
2 changes: 1 addition & 1 deletion .gitlab-ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -205,7 +205,7 @@ tag_release:
if [ "$is_master" == "true" ]; then
if [[ $CI_COMMIT_TAG =~ "dev" ]]; then
env_tags="tds"
env_tags="$CI_COMMIT_TAG tds"
code_tag="tds"
echo "This is a TDS release"
else
Expand Down
2 changes: 1 addition & 1 deletion deploy/demo/common/common.env
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
# name of header key used to get authentication:
# possible values: "Authorization" ("X-Userinfo" was disabled)
# Authorization: JWT token as generated by Keycloak: {"Authorization:", "Bearer fjfk..."}
# F7T_AUTH_HEADER_NAME=Authorization
F7T_AUTH_HEADER_NAME=Authorization
# If F7T_AUTH_HEADER_NAME = Authorization, it can also check REALM_RSA_PUBLIC_KEY: RSA key from KeyCloak Realm which signs token.
# F7T_REALM_RSA_PUBLIC_KEY="MII....QAB"
# use 1 line without headers ("-----BEGIN PUBLIC KEY-----", "-----END PUBLIC KEY-----")
Expand Down
1 change: 1 addition & 0 deletions deploy/k8s/config/templates/cm.common.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
apiVersion: v1
data:
F7T_DEBUG_MODE: "{{ .Values.global.F7T_DEBUG_MODE }}"
F7T_AUTH_HEADER_NAME: "{{ .Values.F7T_AUTH_HEADER_NAME }}"
F7T_AUTH_REQUIRED_SCOPE: "{{ .Values.F7T_AUTH_REQUIRED_SCOPE }}"
F7T_AUTH_ROLE: "{{ .Values.F7T_AUTH_ROLE }}"
F7T_AUTH_TOKEN_AUD: "{{ .Values.F7T_AUTH_TOKEN_AUD }}"
Expand Down
1 change: 1 addition & 0 deletions deploy/k8s/values-dev.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ F7T_POLICY_PATH: v1/data/f7t/authz
F7T_CA_KEY_PATH: /ca-key
F7T_PUB_USER_KEY_PATH: /user-key.pub
# common
F7T_AUTH_HEADER_NAME: Authorization
F7T_AUTH_REQUIRED_SCOPE: firecrest
F7T_AUTH_ROLE: firecrest-sa
F7T_AUTH_TOKEN_AUD: ""
Expand Down
2 changes: 1 addition & 1 deletion src/certificator/certificator.py
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ def get_boolean_var(var):
# 1
return var.upper() == "TRUE" or var.upper() == "YES" or var == "1"

AUTH_HEADER_NAME = 'Authorization'
AUTH_HEADER_NAME = os.environ.get("F7T_AUTH_HEADER_NAME","Authorization")

AUTH_AUDIENCE = os.environ.get("F7T_AUTH_TOKEN_AUD", '').strip('\'"')
ALLOWED_USERS = os.environ.get("F7T_AUTH_ALLOWED_USERS", '').strip('\'"').split(";")
Expand Down
2 changes: 1 addition & 1 deletion src/common/common.env.template
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
# name of header key used to get authentication:
# possible values: "Authorization" ("X-Userinfo" was disabled)
# Authorization: JWT token as generated by Keycloak: {"Authorization:", "Bearer fjfk..."}
# F7T_AUTH_HEADER_NAME=Authorization
F7T_AUTH_HEADER_NAME=Authorization
# If F7T_AUTH_HEADER_NAME = Authorization, it can also check REALM_RSA_PUBLIC_KEY: RSA key from KeyCloak Realm which signs token.
# F7T_REALM_RSA_PUBLIC_KEY="MII....QAB"
# use 1 line without headers ("-----BEGIN PUBLIC KEY-----", "-----END PUBLIC KEY-----")
Expand Down
2 changes: 1 addition & 1 deletion src/common/cscs_api_common.py
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ def get_boolean_var(var):

DEBUG_MODE = get_boolean_var(os.environ.get("F7T_DEBUG_MODE", False))

AUTH_HEADER_NAME = 'Authorization'
AUTH_HEADER_NAME = os.environ.get("F7T_AUTH_HEADER_NAME","Authorization")

REALM_RSA_PUBLIC_KEYS=os.environ.get("F7T_REALM_RSA_PUBLIC_KEY", '').strip('\'"').split(";")

Expand Down
2 changes: 1 addition & 1 deletion src/compute/compute.py
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@

from schedulers import Job

AUTH_HEADER_NAME = 'Authorization'
AUTH_HEADER_NAME = os.environ.get("F7T_AUTH_HEADER_NAME","Authorization")

CERTIFICATOR_URL= os.environ.get("F7T_CERTIFICATOR_URL")
TASKS_URL = os.environ.get("F7T_TASKS_URL")
Expand Down
2 changes: 1 addition & 1 deletion src/reservations/reservations.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
from jaeger_client import Config
import opentracing

AUTH_HEADER_NAME = 'Authorization'
AUTH_HEADER_NAME = os.environ.get("F7T_AUTH_HEADER_NAME","Authorization")

RESERVATIONS_PORT = os.environ.get("F7T_RESERVATIONS_PORT", 5050)

Expand Down
2 changes: 1 addition & 1 deletion src/status/status.py
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
import opentracing


AUTH_HEADER_NAME = 'Authorization'
AUTH_HEADER_NAME = os.environ.get("F7T_AUTH_HEADER_NAME","Authorization")

SYSTEMS_PUBLIC = os.environ.get("F7T_SYSTEMS_PUBLIC").strip('\'"').split(";")
# ; separated for system (related with SYSTEMS_PUBLIC length, and for each filesystem mounted inside each system, separated with ":")
Expand Down
2 changes: 1 addition & 1 deletion src/storage/storage.py
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@

STORAGE_PORT = os.environ.get("F7T_STORAGE_PORT", 5000)

AUTH_HEADER_NAME = 'Authorization'
AUTH_HEADER_NAME = os.environ.get("F7T_AUTH_HEADER_NAME","Authorization")

# SYSTEMS_PUBLIC: list of allowed systems
# remove quotes and split into array
Expand Down
4 changes: 1 addition & 3 deletions src/tasks/tasks.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,7 @@
get_boolean_var, setup_logging, validate_input
import tasks_persistence as persistence



AUTH_HEADER_NAME = 'Authorization'
AUTH_HEADER_NAME = os.environ.get("F7T_AUTH_HEADER_NAME","Authorization")

KONG_URL = os.environ.get("F7T_KONG_URL")

Expand Down
2 changes: 1 addition & 1 deletion src/utilities/utilities.py
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
CERTIFICATOR_URL = os.environ.get("F7T_CERTIFICATOR_URL")
UTILITIES_PORT = os.environ.get("F7T_UTILITIES_PORT", 5000)

AUTH_HEADER_NAME = 'Authorization'
AUTH_HEADER_NAME = os.environ.get("F7T_AUTH_HEADER_NAME","Authorization")

UTILITIES_TIMEOUT = int(os.environ.get("F7T_UTILITIES_TIMEOUT", "5"))

Expand Down

0 comments on commit 9ff2b6b

Please sign in to comment.