Add OIDC backend configuration schema and validation #17274
Conversation
…used for all XML files. Mention accepted_audiences in oidc_backends_config.xml.sample
|
Hi @nuwang, I did this one when testing OIDC. KR, |
There was a problem hiding this comment.
It's a good idea to have schema for our config options, however I think we discussed removing all those little config files and just defining the config inline in galaxy.yml. In the meantime config/schemas is not the right location for this, I'd sugest lib/galaxy/authnz/xsd to follow the pattern used for other schemas.
change processing order for validation to occur after pre-processing the XML ensure validation is only done if lxml is available raise validation error, such that issue is immediately visible to the user.
mvdbeek
changed the title
| @@ -294,13 +294,22 @@ def unique_id(KEY_SIZE=128): | |||
| return md5(random_bits).hexdigest() | |||
|
|
|||
|
|
|||
| def parse_xml(fname: StrPath, strip_whitespace=True, remove_comments=True) -> ElementTree: | |||
| def parse_xml( | |||
| fname: StrPath, schemafname: Union[StrPath, None] = None, strip_whitespace=True, remove_comments=True | |||
There was a problem hiding this comment.
This could break the use of this method by third-party apps (via https://pypi.org/project/galaxy-util/ ), it would be safer to have schemafname be added as the last parameter).
There was a problem hiding this comment.
Do you want to open a followup or should I do it ?
| except etree.DocumentInvalid as e: | ||
| log.exception(f"Validation of file %s failed with error {e}" % fname) |
There was a problem hiding this comment.
This should have been:
except etree.DocumentInvalid:
log.exception("Validation of file %s failed", fname)
Add schema validation for oidc_backends_config.xml.
The base mechanism can be used for all XML files.
How to test the changes?
(Select all options that apply)
License