Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow OAuth 2.0 user defined file sources (w/Dropbox integration) #18272

Open
wants to merge 10 commits into
base: dev
Choose a base branch
from
Open

Allow OAuth 2.0 user defined file sources (w/Dropbox integration) #18272

wants to merge 10 commits into from
+2,963 −454

Conversation

jmchilton
Copy link
Member

Builds on #18222 (only the last commit is relevant to this PR beyond that one currently).

This implements oauth2 client capabilities with the user defined file sources framework. There would be some work to integrate this with user defined object stores also but that would be pretty minimal given the code overlap/shared abstractions used on the client and server.

This works currently more or less but I want to make sure it works with Scope requesting clients and on a second service so I going to wait until I've integrated a Google Drive plugin and documented that before taking it out of Draft/WIP.

This work integrates an initial oauth2 enabled plugin for Dropbox including admin documentation for how to configure it and how build and configure a Dropbox app within Dropbox for a Galaxy instance.

Documentation Screenshot

Screenshot 2024-05-30 at 12 48 35 PM

Documentation Screenshot
Screenshot 2024-05-30 at 12 48 56 PM

Documentation Screenshot

Screenshot 2024-05-30 at 12 49 08 PM

For oauth2 services - the plugin status framework has been updated to reflect some additional information. Hopefully we can use it down the road to know when refresh tokens need to be re-requested and such though nothing beyond initial creation and typical use is implemented here so far:

Screenshot 2024-05-30 at 12 53 18 PM

How to test the changes?

(Select all options that apply)

  • I've included appropriate automated tests.
  • Instructions for manual testing are as follows:
    1. Follow the instructions in the admin docs to create a service and try it out. The docs say the oauth2 callback URI needs to be https but it doesn't need to be if the hostname is localhost. I use http://localhost:8081/oauth2_callback in my local testing with the make client-dev-server proxy.

License

  • I agree to license these and all my past contributions to the core galaxy codebase under the MIT license.

@jmchilton jmchilton force-pushed the oauth2_user_file_sources_dev branch from 2ba6a75 to d8339fe Compare May 31, 2024 13:04
@jmchilton jmchilton force-pushed the oauth2_user_file_sources_dev branch 6 times, most recently from 7ddf7db to b02e537 Compare June 12, 2024 14:42
@jmchilton jmchilton mentioned this pull request Jun 13, 2024
Open
@jmchilton jmchilton force-pushed the oauth2_user_file_sources_dev branch 3 times, most recently from bdb037e to 8a93354 Compare June 19, 2024 15:16
@jmchilton jmchilton force-pushed the oauth2_user_file_sources_dev branch from 8a93354 to 8df6893 Compare July 9, 2024 14:35
@nuwang
Copy link
Member

nuwang commented Jul 9, 2024

This is very cool! Let me know when it's ready and I'd be happy to do some testing.

@jmchilton jmchilton force-pushed the oauth2_user_file_sources_dev branch 2 times, most recently from b15652c to 62137df Compare July 9, 2024 15:51
@jmchilton jmchilton force-pushed the oauth2_user_file_sources_dev branch 7 times, most recently from 94a0cc8 to ab70f15 Compare September 27, 2024 16:04
@jmchilton
Expand pre-checking of file source/object store configuration.
5bef045 
- UI for detailed display of errors.
- UI option to test configuration from management menu.
- API + UI for checking configuration before upgrading to new version of template.
- API + UI for checking configuration before updating current template's settings.
- Add an option during update/upgrade to allow forcing the update even if configuration doesn't validate - I don't allow creation of invalid things, but if there are problems with an existing thing - admins and power users should have recourse. It is their data.
@jmchilton
Allow oauth2 file sources with Dropbox initial implementation.
fc42aed
@jmchilton jmchilton force-pushed the oauth2_user_file_sources_dev branch 2 times, most recently from e66c9cb to b2033a4 Compare September 27, 2024 17:49
@jmchilton jmchilton marked this pull request as ready for review September 30, 2024 13:27
@github-actions github-actions bot added this to the 24.2 milestone Sep 30, 2024
github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 8, 2024
View reviewed changes
lib/galaxy/webapps/galaxy/api/oauth2_callback.py
):
if error:
error_code = self._ensure_valid_oauth_error_code(error)
return RedirectResponse(f"{trans.request.url_path}{ERROR_REDIRECT_PATH}?error={error_code}")

Check warning

Code scanning / CodeQL

URL redirection from remote source Medium

Untrusted URL redirection depends on a
user-provided value
Loading
.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@itisAliRH itisAliRH Awaiting requested review from itisAliRH

@davelopez davelopez Awaiting requested review from davelopez

Assignees
No one assigned
Labels
area/API area/auth Authentication and authorization area/UI-UX kind/feature
Projects
None yet
Milestone
24.2
Development

Successfully merging this pull request may close these issues.
4 participants
@jmchilton @nuwang @itisAliRH @davelopez