Merge pull request #124 from shinybrar/main

OpenCADC Firefly

.gitignore

@@ -15,6 +15,7 @@ downloads/
 eggs/
 .eggs/
 lib/
+!science-containers/Dockerfiles/firefly/lib/
 lib64/
 parts/
 sdist/

.pre-commit-config.yaml

@@ -8,24 +8,24 @@ repos:
     - --line-width=88
     id: isort
   repo: https://github.com/pycqa/isort
-  rev: 5.12.0
+  rev: 5.13.2
 - hooks:
   - args:
     - --max-line-length=89
     - --max-complexity=15
     id: flake8
   repo: https://github.com/pycqa/flake8
-  rev: 6.0.0
+  rev: 7.1.1
 - hooks:
   - args:
     - --py36-plus
     id: pyupgrade
   repo: https://github.com/asottile/pyupgrade
-  rev: v3.3.1
+  rev: v3.19.1
 - hooks:
   - id: black
   repo: https://github.com/psf/black
-  rev: 23.1.0
+  rev: 24.10.0
 - hooks:
   - additional_dependencies:
     - types-attrs
@@ -37,7 +37,7 @@ repos:
     - --no-implicit-optional
     id: mypy
   repo: https://github.com/pre-commit/mirrors-mypy
-  rev: v1.0.0
+  rev: v1.14.1
 - hooks:
   - args:
     - --convention=google
@@ -48,7 +48,7 @@ repos:
 - hooks:
   - id: blacken-docs
   repo: https://github.com/asottile/blacken-docs
-  rev: 1.13.0
+  rev: 1.19.1
 - hooks:
   - exclude: ^docs/*
     id: trailing-whitespace
@@ -67,14 +67,14 @@ repos:
   - id: check-symlinks
   - id: detect-private-key
   repo: https://github.com/pre-commit/pre-commit-hooks
-  rev: v4.4.0
+  rev: v5.0.0
 - hooks:
   - args:
     - -iii
     - -lll
     id: bandit
   repo: https://github.com/PyCQA/bandit
-  rev: 1.7.4
+  rev: 1.8.2
 - hooks:
   - additional_dependencies:
     - radon
@@ -93,4 +93,4 @@ repos:
     stages:
     - commit-msg
   repo: https://github.com/commitizen-tools/commitizen
-  rev: v2.41.0
+  rev: v4.1.0

science-containers/Dockerfiles/firefly/Dockerfile

@@ -0,0 +1,15 @@
+FROM gradle:jdk21 AS builder
+
+COPY . /firefly
+WORKDIR /firefly/cadc-sso
+
+SHELL ["/bin/bash", "-eo", "pipefail", "-c"]
+
+RUN set -eux; \
+    gradle build --info \
+    && ls -l lib/build/libs/cadc-sso-*.jar
+
+FROM ipac/firefly:2024.3.5
+COPY --from=builder /firefly/cadc-sso/lib/build/libs/cadc-sso-*.jar /usr/local/tomcat/extensions/
+COPY --from=builder /firefly/launchTomcat.sh /usr/local/tomcat/
+

science-containers/Dockerfiles/firefly/README.md

@@ -0,0 +1,48 @@
+# CADC SSO Library
+## Overview
+The CADC SSO library provides classes and interfaces for handling Single Sign-On (SSO) authentication within the CADC (Canadian Astronomy Data Centre) environment. The primary purpose of this library is to facilitate secure authentication and authorization mechanisms for accessing CADC services.
+
+## Key Components
+### TokenRelay Class
+The TokenRelay class is the core component of this library. It retrieves the authentication token from the SSO cookie and provides methods to interact with the token.
+
+#### Key Methods
+- `getAuthToken()`: Retrieves the authentication token from the SSO cookie. It first gets the request agent from the server context and then looks for the SSO cookie using the predefined cookie name. If the cookie is found, it extracts the token value and the domain of the cookie. The method then checks if the domain of the cookie is allowed. If the domain is allowed, it creates a new Token object with the token value and logs the successful retrieval. If the domain is not allowed or the cookie is not found, it logs the appropriate message and returns null.
+
+- `setAuthCredential(HttpServiceInput inputs)`: Sets the authorization credential for the given HTTP service input. This method retrieves an authentication token and, if the token is not null and the request URL requires an authorization credential, sets the "Authorization" header of the HTTP service input to "Bearer " followed by the token ID.
+
+- `getRequestAgent()`: Retrieves the request agent from the server context. This method is package-private to allow for testing with a mock request agent.
+
+## Environment Variables
+The library uses the following environment variables to configure the SSO cookie properties and downstream service properties:
+
+- `CADC_SSO_COOKIE_NAME`: The name of the SSO cookie. Default is "CADC_SSO".
+- `CADC_SSO_COOKIE_DOMAIN`: The domain of the SSO cookie. Default is ".canfar.net".
+- `CADC_ALLOWED_DOMAIN`: The domain of the downstream service. Default is ".canfar.net".
+
+## Build Instructions
+
+To build the project, use the provided Dockerfile and docker-compose.yaml.
+
+```bash
+git clone https://github.com/opencadc/science-containers.git
+cd science-containers/science-containers/Dockerfiles/firefly/
+```
+
+To build the Docker image, run the following command:
+
+```bash
+docker build --platform=linux/amd64 -t opencadc/firefly:latest .
+```
+
+Alternatively, using Docker Compose, navigate to the project directory containing the `docker-compose.yaml` file and run the following command:
+
+```bash
+docker-compose up
+```
+
+## Usage
+
+The Docker Compose setup will start the Firefly service on port 8080. You can access it via http://localhost:8080.
+
+

science-containers/Dockerfiles/firefly/cadc-sso/.gitattributes

@@ -0,0 +1,12 @@
+#
+# https://help.github.com/articles/dealing-with-line-endings/
+#
+# Linux start script should use lf
+/gradlew        text eol=lf
+
+# These are Windows script files and should use crlf
+*.bat           text eol=crlf
+
+# Binary files should be left untouched
+*.jar           binary
+

science-containers/Dockerfiles/firefly/cadc-sso/.gitignore

@@ -0,0 +1,11 @@
+# Ignore Gradle project-specific cache directory
+.gradle
+
+# Ignore Gradle build output directory
+build/
+
+# Ignore all files under build directories
+lib/build/**
+
+# Ignore Visual Studio Code settings folder
+.vscode/

science-containers/Dockerfiles/firefly/cadc-sso/README.md

@@ -0,0 +1,113 @@
+# Gradle Java Version Mismatch Issues
+
+## **Root Cause**
+
+When installing `gradle` on macOS using Homebrew, the `gradle` formula may not set the correct Java version for the **Launcher JVM**. This can lead to a mismatch between the **Launcher JVM** and **Daemon JVM**, causing class file version errors during the build process.
+
+## **Problem Description**
+
+When using Gradle, you may encounter a mismatch between the **Launcher JVM** and **Daemon JVM**, resulting in testing errors for linking the `firefly.server.security` package. The error message may look like:
+
+```
+class file has wrong version 67.0, should be 65.0
+```
+This typically occurs when:
+- The Gradle Launcher is using a different JDK version than the Daemon.
+- Gradle's Daemon JVM is configured correctly, but the Launcher JVM defaults to a globally installed JDK (e.g., OpenJDK 23 instead of OpenJDK 21).
+
+## **Symptoms**
+1. Gradle build fails with errors like:
+   ```
+   bad class file: <path_to_class>
+   class file has wrong version 67.0, should be 65.0
+   ```
+
+    This happens because the project is build using JAVA 21, but tested using JAVA 23.
+
+2. Running `gradle --version` shows:
+   ```
+   Launcher JVM:  23.0.2
+   Daemon JVM:    /opt/homebrew/opt/openjdk@21 (from org.gradle.java.home)
+   ```
+   The **Launcher JVM** is using a different version (e.g., OpenJDK 23) than the **Daemon JVM** (e.g., OpenJDK 21).
+
+## **Solution**
+
+To resolve this issue, you need to ensure both the **Launcher JVM** and **Daemon JVM** are using the same version of Java (in this case, OpenJDK 21).
+
+### **1. Set the Java Version for Gradle**
+#### Option A: Set `GRADLE_OPTS` Environment Variable
+Configure Gradle to use OpenJDK 21 by setting the `GRADLE_OPTS` environment variable:
+
+```bash
+export GRADLE_OPTS="-Dorg.gradle.java.home=/opt/homebrew/opt/openjdk@21/"
+```
+To make this permanent, add it to your shell configuration file (e.g., **~/.zshrc** or **~/.bashrc**):
+
+```bash
+echo 'export GRADLE_OPTS="-Dorg.gradle.java.home=/opt/homebrew/opt/openjdk@21/"' >> ~/.zshrc
+source ~/.zshrc
+```
+
+#### Option B: Set `JAVA_HOME` Globally
+Alternatively, configure `JAVA_HOME` globally to point to OpenJDK 21:
+
+```bash
+export JAVA_HOME=/opt/homebrew/opt/openjdk@21
+export PATH=$JAVA_HOME/bin:$PATH
+```
+To make this permanent:
+
+```bash
+echo 'export JAVA_HOME=/opt/homebrew/opt/openjdk@21' >> ~/.zshrc
+echo 'export PATH=$JAVA_HOME/bin:$PATH' >> ~/.zshrc
+source ~/.zshrc
+```
+
+### **2. Verify Gradle Java Version**
+After setting the environment variables, check if Gradle is using the correct Java version:
+
+```bash
+gradle --version
+```
+Expected output:
+```bash
+------------------------------------------------------------
+Gradle 8.12.1
+------------------------------------------------------------
+
+Build time:    2025-01-24 12:55:12 UTC
+Revision:      0b1ee1ff81d1f4a26574ff4a362ac9180852b140
+
+Kotlin:        2.0.21
+Groovy:        3.0.22
+Ant:           Apache Ant(TM) version 1.10.15 compiled on August 25 2024
+Launcher JVM:  21.0.6 (Homebrew 21.0.6)
+Daemon JVM:    /opt/homebrew/opt/openjdk@21 (from org.gradle.java.home)
+OS:            Mac OS X 14.7.1 aarch64
+```
+
+Both the **Launcher JVM** and **Daemon JVM** should now use Java 21.
+
+### **3. Stop and Restart Gradle Daemon**
+Kill any running Gradle daemons to ensure they pick up the new configuration:
+
+```bash
+gradle --stop
+```
+Then, rebuild the project:
+
+```bash
+gradle clean build --no-daemon
+```
+
+### **4. Rebuild the Project**
+If Gradle is now using the correct Java version, the build should succeed without errors:
+
+```bash
+gradle build --no-daemon
+```
+
+## **Summary**
+By ensuring both the Launcher JVM and Daemon JVM use the same Java version (OpenJDK 21), you can avoid class file version mismatch errors and ensure compatibility with your project requirements. Use the steps above to configure Gradle properly and verify your build environment.
+

science-containers/Dockerfiles/firefly/cadc-sso/gradle.properties

@@ -0,0 +1,6 @@
+# This file was generated by the Gradle 'init' task.
+# https://docs.gradle.org/current/userguide/build_environment.html#sec:gradle_configuration_properties
+
+
+org.gradle.parallel=true
+org.gradle.parallel.threads=8

science-containers/Dockerfiles/firefly/cadc-sso/gradle/libs.versions.toml

@@ -0,0 +1,10 @@
+# This file was generated by the Gradle 'init' task.
+# https://docs.gradle.org/current/userguide/platforms.html#sub::toml-dependencies-format
+
+[versions]
+commons-math3 = "3.6.1"
+guava = "33.3.1-jre"
+
+[libraries]
+commons-math3 = { module = "org.apache.commons:commons-math3", version.ref = "commons-math3" }
+guava = { module = "com.google.guava:guava", version.ref = "guava" }

science-containers/Dockerfiles/firefly/cadc-sso/gradle/wrapper/gradle-wrapper.properties

@@ -0,0 +1,7 @@
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.12.1-bin.zip
+networkTimeout=10000
+validateDistributionUrl=true
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists