-
Notifications
You must be signed in to change notification settings - Fork 3.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add gateway support to awxkit #15576
Conversation
@gravesm Codecov reports only 20.07% of your patched lines being hit: https://app.codecov.io/gh/ansible/awx/pull/15576?flags[0]=pytest. Could you look into increasing the test coverage there? |
I think I've gotten to a code problem now.
then run
This tries to do what is intended. But then it hits a server error on:
The server error is handled badly, both on the Gateway side and on the client side. But this does seem to get us to a high-level problem with the current approach. You can look up a user by its username or ansible_id, which can be had from the controller server. However, none of this can be done unauthenticated, which is the whole point here. It doesn't look like there is any support for accessing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Doesn't work because of API incompatibility, information to move forward should be sufficiently established
This test seems to give the expected steps for the DAB OAuth2 provider for the "login" flow, where you are unauthenticated, have a username/password, and wish to get a token. ping @relrod @john-westcott-iv data = {
"grant_type": "password",
"username": "user",
"password": "password",
"scope": "read",
}
resp = unauthenticated_api_client.post(
url,
data=urlencode(data),
content_type='application/x-www-form-urlencoded',
headers={'Authorization': 'Basic ' + base64.b64encode(f"{app.client_id}:{secret}".encode()).decode()},
) This is done to a |
9783c54
to
e33d9ea
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should still follow up with an issue about that server error
This updates awxkit to add support for gateway when fetching oauth tokens, which is used during the `login` subcommand. awxkit will first try fetching a token from gateway and if that fails, fallback to existing behavior. This change is backwards compatible. Signed-off-by: Mike Graves <mgraves@redhat.com>
This: * adds coverage for the get_oauth2_token() method * changes AuthUrls to a TypedDict * changes the url used for personal token access in gateway
This is just minor stylistic changes.
c47e8f8
to
c83af85
Compare
Quality Gate passedIssues Measures |
SUMMARY
This updates awxkit to add support for gateway when fetching oauth tokens, which is used during the
login
subcommand. awxkit will first try fetching a token from gateway and if that fails, fallback to existing behavior. This change is backwards compatible.ISSUE TYPE
COMPONENT NAME
AWX VERSION
ADDITIONAL INFORMATION