Uploaded image for project: 'Request For Comments'
  1. Request For Comments
  2. RFC-487

Add PyJWT and "cryptography" dependencies for DAX

    XMLWordPrintable

    Details

    • Type: RFC
    • Status: Retired
    • Resolution: Done
    • Component/s: DM
    • Labels:
      None

      Description

      In order to support JSON Web Tokens, a form of authentication token given by OAuth 2/OpenID Connect providers, in our DAX Python web applications, we need library support for parsing and validating JWTs, and associated underlying support for verifying cryptographic signatures.

      This RFC is to add PyJWT (https://github.com/jpadilla/pyjwt) and Cryptography (https://cryptography.io/en/latest/) to eups for use in dax_webserv builds via pip install in the python environment.

        Attachments

          Issue Links

            Activity

            Hide
            kennylo Kenny Lo added a comment - - edited

            DM-14193 for  imgserv  is definitely one triggering ticket.

            Show
            kennylo Kenny Lo added a comment - - edited DM-14193 for  imgserv   is definitely one triggering ticket.
            Hide
            tjenness Tim Jenness added a comment -

            Added. You can add more if you have them.

            Show
            tjenness Tim Jenness added a comment - Added. You can add more if you have them.
            Hide
            ktl Kian-Tat Lim added a comment -

            The triggered tickets should be ones that implement the RFC, not ones that use the result of implementing the RFC. I don't think that DM-14193 qualifies. Brian Van Klaveren must add another.

            Show
            ktl Kian-Tat Lim added a comment - The triggered tickets should be ones that implement the RFC, not ones that use the result of implementing the RFC. I don't think that DM-14193 qualifies. Brian Van Klaveren must add another.
            Hide
            bvan Brian Van Klaveren added a comment -

            We've talked this over, and we'd like to add cryptography and PyJWT to the lsst conda dependencies for now.

            We will plan on rewriting the DAX services to consume a stack container or perform a binary install and then, using setuptools, install in that environment, but that will require several different things to implement properly, including a change in CI.

            I've created a triggering issue, and a follow up issue to convert DAX services to a setuptools-based system (with the goal of removing the conda dependencies as well)

            Show
            bvan Brian Van Klaveren added a comment - We've talked this over, and we'd like to add cryptography and PyJWT to the lsst conda dependencies for now. We will plan on rewriting the DAX services to consume a stack container or perform a binary install and then, using setuptools, install in that environment, but that will require several different things to implement properly, including a change in CI. I've created a triggering issue, and a follow up issue to convert DAX services to a setuptools-based system (with the goal of removing the conda dependencies as well)
            Hide
            bvan Brian Van Klaveren added a comment -

            The DAX APIs have changed how they consume the stack and work with dependencies, in part because of the lack of consensus on how to handle this issue. The DAX APIs now consume a stack docker image and layer on top the dependencies they need via a requirements.txt file.

            Show
            bvan Brian Van Klaveren added a comment - The DAX APIs have changed how they consume the stack and work with dependencies, in part because of the lack of consensus on how to handle this issue. The DAX APIs now consume a stack docker image and layer on top the dependencies they need via a requirements.txt file.

              People

              Assignee:
              bvan Brian Van Klaveren
              Reporter:
              bvan Brian Van Klaveren
              Watchers:
              Alexander Withers [X] (Inactive), Brian Van Klaveren, Fritz Mueller, Gabriele Comoretto [X] (Inactive), John Swinbank, Joshua Hoblitt, Kenny Lo, Kian-Tat Lim, Tim Jenness, Xiuqin Wu [X] (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Planned End:

                  CI Builds

                  No builds found.