Scitoken authentication (!6) · Merge requests · IGWN Computing and Software / GWDataFind / GWDataFind Server

Duncan Meacher requested to merge scitokens into master Jan 04, 2022

Updated version of MR4 to handle scitokens instead of X.509 certificates. Functionality remains similar. One change is that the scitoken data is now set in the gwdatafind-server.ini file instead of at the top of authentication.py. This allows for different values to be used for testing purposes, where locally created SciTokens are used.

This has been tested using CILogon issued SciTokens, though further testing is required.

Gitlab CI unit tests have been added that repeat all the X509 view tests with the use of Scitokens. For this locally issued tokens are used, using the same setup functions as are used here: https://github.com/duncanmmacleod/igwn-auth-utils/blob/main/igwn_auth_utils/tests/conftest.py The public PEM key is then stored in a scitoken keycache, that can be accessed and used in authentication.py to deserialise the test token. One if "TEST" statements is used for the validator. A workaround needs to be developed before this can pushed to production.

Closes #3 (closed).

Edited Mar 10, 2022 by Duncan Meacher

Scitoken authentication

Merge request reports