Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: add SDK functionality for SSO Improvements #10096

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

ShreyaLnuHpe
Copy link
Contributor

@ShreyaLnuHpe ShreyaLnuHpe commented Oct 22, 2024

Ticket

DET-10456
DET-10406
DET-10402
DET-10399

Description

Test Plan

Checklist

  • Changes have been manually QA'd
  • New features have been approved by the corresponding PM
  • User-facing API changes have the "User-facing API Change" label
  • Release notes have been added as a separate file under docs/release-notes/
    See Release Note for details.
  • Licenses have been included for new code which was copied and/or modified from any external code

@ShreyaLnuHpe ShreyaLnuHpe requested a review from a team as a code owner October 22, 2024 18:20
@cla-bot cla-bot bot added the cla-signed label Oct 22, 2024
Copy link

codecov bot commented Oct 22, 2024

Codecov Report

Attention: Patch coverage is 21.66667% with 94 lines in your changes missing coverage. Please review.

Project coverage is 49.33%. Comparing base (34e4749) to head (8854901).
Report is 13 commits behind head on main.

Files with missing lines Patch % Lines
harness/determined/cli/token.py 11.36% 39 Missing ⚠️
harness/determined/common/experimental/token.py 32.65% 33 Missing ⚠️
harness/determined/common/api/authentication.py 7.14% 13 Missing ⚠️
...rness/determined/common/experimental/determined.py 30.76% 9 Missing ⚠️

❗ There is a different number of reports uploaded between BASE (34e4749) and HEAD (8854901). Click for more details.

HEAD has 12 uploads less than BASE
Flag BASE (34e4749) HEAD (8854901)
harness 16 5
web 2 1
Additional details and impacted files
@@            Coverage Diff             @@
##             main   #10096      +/-   ##
==========================================
- Coverage   54.39%   49.33%   -5.07%     
==========================================
  Files        1268     1227      -41     
  Lines      159317   157143    -2174     
  Branches     3631     3631              
==========================================
- Hits        86668    77521    -9147     
- Misses      72515    79488    +6973     
  Partials      134      134              
Flag Coverage Δ
harness 44.05% <21.66%> (-28.50%) ⬇️
web 53.94% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
...rness/determined/common/experimental/determined.py 26.66% <30.76%> (-20.04%) ⬇️
harness/determined/common/api/authentication.py 15.93% <7.14%> (-71.32%) ⬇️
harness/determined/common/experimental/token.py 32.65% <32.65%> (ø)
harness/determined/cli/token.py 16.07% <11.36%> (-0.10%) ⬇️

... and 195 files with indirect coverage changes

Copy link

netlify bot commented Oct 22, 2024

Deploy Preview for determined-ui ready!

Name Link
🔨 Latest commit 8854901
🔍 Latest deploy log https://app.netlify.com/sites/determined-ui/deploys/6717ecf163efe6000824d3c2
😎 Deploy Preview https://deploy-preview-10096--determined-ui.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.



class TokenType(enum.Enum):
# UNSPECIFIED is internal to the bound API and is not be exposed to the front end
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this comment seems to be leftover from copy/paste?

ACCESS_TOKEN = bindings.v1TokenType.ACCESS_TOKEN.name


class AccessToken:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's just call this Token, that's what it is in the CLI after all

)
return token.AccessToken._from_bindings(resp.tokenInfo, self._session)

def list_tokens(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think all 3 of these new methods: describe_token, describe_tokens, and list_tokens should be combined into a singular list_tokens that takes in all the parameters.

the CLI and SDK roughly overlap in functionality, but the methods shouldn't be an exact replica. in the CLI, we have to be careful about which methods to expose and how because the UI is limited to the command line, so we generally value convenience and modularity. but the SDK has a bit of a different philosophy. it's in code and made for developers, so the methods we expose can be more powerful and more robust. (see list_experiments here as an example)

the functionality in describe_token, describe_tokens, and list_tokens can be captured with a single list_tokens method, and the user can pass in exactly what they want, just like in code. i'm thinking list_tokens would have a signature like:

def list_tokens(
        self,
        username: Optional[str],
        token_ids: Optional[List[int]],
        include_inactive: bool,
        sort_by: token.TokenSortBy = token.TokenSortBy.NAME,
        order_by: OrderBy = OrderBy.ASCENDING,
    ) -> List[token.Token]:

this is nice because it basically mirrors the actual bindings API call, the user isn't limited by separate methods, and the method is representative of the actual query we make in the system. we should also include sort/order as accepted parameters.

return token.AccessToken._from_bindings(resp.tokenInfo, self._session)

def create_token(
self, user_id: int, lifespan: Optional[str] = None, description: Optional[str] = None
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's make user_id username here, since the other methods in the SDK use that as the standard identifier.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

also, we've decided to accept days, so let's just make it expiration_days here.


def reload(self) -> None:
resp = bindings.get_GetAccessTokens(
session=self._session, tokenIds=[self.id], showInactive=True
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

does self.id exist? either change this to self.token_id or add a property to this class:

@property
    def id(self) -> int:
        return self._id

).tokenInfo
self._hydrate(resp[0])

def edit_token(self, desc) -> None:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's make this set_description to follow standard for other SDK methods.

)
self.reload()

def revoke_token(self) -> None:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's call this revoke, we're already on the token object, no need for the extra verbosity.


@classmethod
def _from_bindings(
cls, AccessToken_bindings: List[bindings.v1TokenInfo], session: api.Session
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

casing is weird with AccessToken_bindings. just call it token_bindings?

@classmethod
def _from_bindings(
cls, AccessToken_bindings: List[bindings.v1TokenInfo], session: api.Session
) -> "AccessToken | List[AccessToken]":
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this method should always just return a single Token object, because it lives on the Token class. it's up to the caller to create the list.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think it'd be great if the Determined SDK client class accepted a token: Optional[str] parameter as well to be able to use the SDK with these access tokens.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants