[DAPS, Foxx, Core] - Feature, adjust UserGetAccessRequest to work with Mapped Collection UUID #1215

JoshuaSBrown · 2025-01-07T17:49:43Z

Description

This is in support of moving document to and from mapped collections. We need someway of checking to make sure that a token exists if a mapped collection is being used.

Does a token already exist if it is a mapped collection or do we need to trigger a consent flow.
To avoid latency issues, we should only check if the token is expired and not make calls to Globus.

Below is relevant content in the datafed-ws.js file, this should be adjusted in a separte issue, it is shown here to indicate the connection between the web server and the core service.

app.get('/ui/ep/dir/list', ( a_req, a_resp ) => {

    // Aaron should do some work here to determine the collection type

    // if it is a mapped collection – might need if statement, need to check if we need to go through consent flow or not
    // if it is a mapped collection Collection UUID and Collection type need to be included in UserGetAccessTokenRequest message
    // If token is already stored and not expired needs to be returned here.
    // If token is expired need to indicate if token is valid
    sendMessage( "UserGetAccessTokenRequest", {}, a_req, a_resp, function( reply ) {

        const opts = {
            hostname: 'transfer.api.globusonline.org',
            method: 'GET',
            path: '/v0.10/operation/endpoint/' + encodeURIComponent(a_req.query.ep) + '/ls?path=' + encodeURIComponent(a_req.query.path) + '&show_hidden=' + a_req.query.hidden,
            rejectUnauthorized: true,
            headers:{
                Authorization: ' Bearer ' + reply.access
            }
        };

        const req = https.request( opts, (res) => {
            var data = '';

            res.on('data', (chunk) => {
                data += chunk;
            });
            res.on('end', () => {
                a_resp.json(JSON.parse(data));
            });
        });

        req.on('error', (e) => {
            a_resp.status( 500 );
            a_resp.send( "Globus endpoint directoy listing failed." );
        });

        req.end();
    });

});

Four branches –

If token is in database for mapped collection, check expiration if valid return token, needs_consent bool is false
If token is in database for mapped collection, check expiration, if invalid use refresh token to create new access token, save in database, return needs_consent bool false
If token is in database for mapped collection, check expiration, if invalid refresh token fails, return needs_consent true
If token is not in database, return needs_consent: true

What needs to go in this if the access token does not exist for a mapped collection

message UserAccessTokenReply
{
required string access = 1; // Globus access token
required uint32 expires_in = 2; // Access token expiration in seconds
}

Acceptance

The four branches described above should work and have valid test cases.

The text was updated successfully, but these errors were encountered:

JoshuaSBrown assigned t-ramz Jan 7, 2025

JoshuaSBrown added this to the DataFed Mapped Collection Consent Support milestone Jan 7, 2025

JoshuaSBrown added the Priority: High Highest priority label Jan 7, 2025

t-ramz linked a pull request Feb 4, 2025 that will close this issue

Feature DAPS 1215 foxx UserGetAccessTokenRequest mapped collection support #1284

Open

7 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[DAPS, Foxx, Core] - Feature, adjust UserGetAccessRequest to work with Mapped Collection UUID #1215

[DAPS, Foxx, Core] - Feature, adjust UserGetAccessRequest to work with Mapped Collection UUID #1215

JoshuaSBrown commented Jan 7, 2025

[DAPS, Foxx, Core] - Feature, adjust UserGetAccessRequest to work with Mapped Collection UUID #1215

[DAPS, Foxx, Core] - Feature, adjust UserGetAccessRequest to work with Mapped Collection UUID #1215

Comments

JoshuaSBrown commented Jan 7, 2025

Description

Acceptance