DSDEEPB-2403: FireCloud OAuth login updates NIH link expiration time #180
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There was a problem hiding this comment.
most of the getProfile function is a cut-and-paste from the previous GetNIHStatus case. However, note I've removed the check on profile.isDbgapAuthorized, which added very little. See DSDEEPB-2404 for more context.
There was a problem hiding this comment.
I don't see any usages for this - I'm guessing this is for upcoming work?
|
👍 Looks good and functions as expected. Merging. |
rushtong
added a commit
that referenced
this pull request
Jan 6, 2016
DSDEEPB-2403: FireCloud OAuth login updates NIH link expiration time
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When logging in to FireCloud, if the current user:
then set the user's NIH link expiration to be 24 hours.
The implementation of this PR is, at first glance (and maybe the fifth glance), unconventional. The OAuth login would need to query Thurloe for NIH link keys, then inspect those keys and act appropriately. We already had an endpoint that queried and inspected those keys ... so I added the check-for-expiration feature into that code path. I like this approach also because it makes it trivially easy to enable the check-for-expiration feature in the /api/nih/status endpoint; in turn this may make it easy to call the check more often.
ProfileClient.scala has a bunch of code that moved around, so the diff shows bigger than it really is. I'll try to comment inline with details.