Scitoken authentication

Updated version of MR4 to handle scitokens instead of X.509 certificates. Functionality remains similar. One change is that the scitoken data is now set in the gwdatafind-server.ini file instead of at the top of authentication.py. This allows for different values to be used for testing purposes, where locally created SciTokens are used.

This has been tested using CILogon issued SciTokens, though further testing is required.

Gitlab CI unit tests have been added that repeat all the X509 view tests with the use of Scitokens. For this locally issued tokens are used, using the same setup functions as are used here: https://github.com/duncanmmacleod/igwn-auth-utils/blob/main/igwn_auth_utils/tests/conftest.py The public PEM key is then stored in a scitoken keycache, that can be accessed and used in authentication.py to deserialise the test token. One if "TEST" statements is used for the validator. A workaround needs to be developed before this can pushed to production.

Closes #3 (closed).

requested review from @duncanmmacleod

assigned to @duncan.meacher

added 1 commit

• dea5cb39 - Apply 1 suggestion(s) to 1 file(s)

Compare with previous version

added 1 commit

• e2531ed9 - Addressed comments for authentication.py

Compare with previous version

added 1 commit

• 8cb9fb92 - removed unused import

Compare with previous version

added 1 commit

• d2ca7bb8 - disable flake8 error for known F821 bug

Compare with previous version

added 1 commit

• 2ce1f560 - Addressing MR6 comments

Compare with previous version

added 1 commit

• b5f6c70e - fixed typo

Compare with previous version

added 1 commit

• 19b5c725 - Addressing third round of comments from MR6

Compare with previous version

added 1 commit

• c94b2d05 - fixed flake8 error

Compare with previous version

added 1 commit

• 2a7374b4 - Added full suite of unit tests for SciToken authentication

Compare with previous version

added 9 commits

• 2a7374b4...74a9267a - 8 commits from branch master
• 37b00d91 - Merge branch 'master' into 'scitokens'

Compare with previous version

changed the description

added 1 commit

• 1a55a29c - Switch to using keycache to store public key for deserializing test tokens

Compare with previous version

changed the description

added 1 commit

• f950d542 - removed if statement for token deserialisation

Compare with previous version

added 1 commit

• fb860094 - removed unused imports

Compare with previous version

added 1 commit

• 94c90a74 - Adding scitokens package build depenency

Compare with previous version

added 1 commit

• 28c15cbf - fixing test:buster failure

Compare with previous version

added 1 commit

• d2e988db - Removing POST requests for view methods

Compare with previous version

added 1 commit

• 9c0fa3d0 - updating test with post -> get method

Compare with previous version

changed the description

I have a feeling we need to wait for https://github.com/scitokens/scitokens/issues/143 before we can deploy this.

added 1 commit

• cc0535bb - Apply 1 suggestion(s) to 1 file(s)

Compare with previous version

changed milestone to %GWDataFind Server 1.2.0

added 30 commits

• cc0535bb...96841028 - 29 commits from branch master
• 6cc93d92 - Merge branch 'master' into 'scitokens' after MR17

Compare with previous version

added 1 commit

• 4fd3a45b - Fix change from merge conflict with MR17

Compare with previous version

added 1 commit

• ff5b074c - Adding python3-scitokens package for EL7 test

Compare with previous version

mentioned in merge request !20 (merged)

changed the description

added gwdatafind_server.authentication label

@duncan.meacher, can you rebase this, then we may be able to get it over the line.