-
Notifications
You must be signed in to change notification settings - Fork 34
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add Client.logout and context manager #381
Conversation
Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
FL-1008 Add logout function to Substra SDK
ContextSecurity assessment V7 (the Audit page on Notion has links to the detailed report) Risk score: 3/12 (low)
SpecificationAdd a new endpoint to the backend that revokes the current ImplicitBearerToken Add a It would be nice to also add a context manager because it would look professional:
Acceptance criteriaSubstra SDK has a |
Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
e0009db
to
e8c5ac7
Compare
I'm unsure what to document or test exactly. This change is mostly transparent for users, and I would be mocking a lot of stuff. |
def __enter__(self): | ||
return self | ||
|
||
def __exit__(self, exc_type, exc_value, traceback): | ||
self.logout() | ||
|
||
def __del__(self): | ||
self.logout() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unsure whether context manager is still needed with __del__
defined, but people online say not to rely on it and using with
is preferable. However that does mean updating our documentation.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What part of the documentation are you reffering to ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I mean that in the documentation all examples of the form:
client = Client(...)
do_stuff(client)
should be replaced with:
with Client(...) as client:
do_stuff(client)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some scripts (such as the examples) need the client
for more than a thousand lines, so I would not replace the old version, maybe just indicate that the context manager is also a valid option ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I added it in the sdk.Client
reference, under the username
argument.
Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the PR :)
Concerning the fact that we define a logout function only for the remote backend, I am not 100% convince... There is a login method defined in locals backend too, I think for the hybrid mode. You should take a look at it to ensure what we should do for this mode I think. (cf sdk/backends/local/dal.py
.
For the tests, you could check that the token is deleted the using the context manager with
or when deleting the object (del client
).
This test can be useful to mock minimally
substra/tests/sdk/test_client.py
Line 92 in eae5d52
def test_client_with_password(mocker): |
def __enter__(self): | ||
return self | ||
|
||
def __exit__(self, exc_type, exc_value, traceback): | ||
self.logout() | ||
|
||
def __del__(self): | ||
self.logout() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What part of the documentation are you reffering to ?
Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
c59391b
to
1370803
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few small comments and will be good to me ! do you think we need a run of CI on it before merging ? No strong opinion on it on my side.
Co-authored-by: Thibault Fouqueray <thibault.fouqueray@owkin.com> Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
1f782f6
to
c809973
Compare
I ran one yesterday but let's run a new one just to be sure ^^ |
Ah ok ok :) you're not using the /e2e command ? |
I am, just from the backend PR instead of this one |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks a lot :)
- Solve the issue of sometimes issuing tokens that are about to expire, by just issuing an new token every time and relying on the SDK to clean them up - Add a new `server.allowImplicitLogin` option, allowing node admins to disable the option altogether in order to improve security practices. - Extend `/active-api-tokens -X DELETE` to also be able to delete `ImplicitBearerToken`, adding an `id` field to `ImplicitBearerToken` for this purpose. This is to enable users to terminate their sessions, as per security recommendations Closes FL-1067, FL-1140 Companion to Substra/substra-documentation#336 Leveraged by Substra/substra#381 Signed-off-by: Olivier Léobal <olivier.leobal@owkin.com>
except requests.exceptions.Timeout as e: | ||
raise exceptions.Timeout.from_request_exception(e) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we want to retry on Timeout? Or is it already handled at a higher level?
In all cases, I'm not sure if we want to raise uncaught exceptions to the user, or just have a warning logged 🤔
Summary
Add a
Client.logout
function, which deletes a token obtained byClient.login
(if any).Add a context manager, making the following snippet legal:
Requires Substra/substra-backend#698
Closes FL-1008
Notes
Please check if the PR fulfills these requirements