-
Notifications
You must be signed in to change notification settings - Fork 967
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add OIDC backend configuration schema and validation #17274
Conversation
…used for all XML files. Mention accepted_audiences in oidc_backends_config.xml.sample
Hi @nuwang, I did this one when testing OIDC. KR, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's a good idea to have schema for our config options, however I think we discussed removing all those little config files and just defining the config inline in galaxy.yml. In the meantime config/schemas is not the right location for this, I'd sugest lib/galaxy/authnz/xsd to follow the pattern used for other schemas.
change processing order for validation to occur after pre-processing the XML ensure validation is only done if lxml is available raise validation error, such that issue is immediately visible to the user.
@@ -294,13 +294,22 @@ def unique_id(KEY_SIZE=128): | |||
return md5(random_bits).hexdigest() | |||
|
|||
|
|||
def parse_xml(fname: StrPath, strip_whitespace=True, remove_comments=True) -> ElementTree: | |||
def parse_xml( | |||
fname: StrPath, schemafname: Union[StrPath, None] = None, strip_whitespace=True, remove_comments=True |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This could break the use of this method by third-party apps (via https://pypi.org/project/galaxy-util/ ), it would be safer to have schemafname
be added as the last parameter).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you want to open a followup or should I do it ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I can do it later.
except etree.DocumentInvalid as e: | ||
log.exception(f"Validation of file %s failed with error {e}" % fname) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should have been:
except etree.DocumentInvalid:
log.exception("Validation of file %s failed", fname)
Add schema validation for oidc_backends_config.xml.
The base mechanism can be used for all XML files.
How to test the changes?
(Select all options that apply)
License