Add option to not inject gitlab tokens #769
Conversation
There was a problem hiding this comment.
Why not write the logic in internal/revproxy/main.go, in RegisterHandlers() and initializeAuth()? It would be much simpler to follow and understand which middlewares are affected by the change of configuration.
When enableV1Services is false, then you can:
- Skip initialization of:
coreSvcIdTokenAuthdataGitlabAccessTokenAuthgitlabTokenAuthgitlabCliTokenAuthnotebooksGitlabAccessTokenAuth
- Update how the revproxy is initialized in
RegisterHandlers()
internal/revproxy/auth.go
Outdated
| Middleware() echo.MiddlewareFunc | ||
| } | ||
|
|
||
| func NewAuthMiddlewareProvider(ignoreGitlabTokens bool, options ...AuthOption) (AuthMiddlewareProvider, error) { |
There was a problem hiding this comment.
If I set ignoreGitlabTokens to true on a middleware that has nothing to do with GitLab, it will skip the auth entirely too, so the way the arguments are named here are an anti-pattern.
internal/config/config.yaml
Outdated
| revproxy: | ||
| renkuBaseUrl: "https://renkulab.io" | ||
| externalGitlabUrl: | ||
| ignoreGitlabTokens: false |
There was a problem hiding this comment.
Misnomer: use enableV1Services: false, or use skipGitlabTokens: true
| } | ||
| return srv, url | ||
| } | ||
| // TODO Unused code. Can it be deleted? |
There was a problem hiding this comment.
Probably yes. There may have been a test using this in the past.
ciyer
force-pushed
the
ciyer/no-inject-tokens
branch
from
b8bb8ca to
20d3471
Compare
Thanks for the review. I made the changes around wording to avoid confusion in the names and semantics of some of the variables and parameters. I agree that putting this logic in It looks like I will not be able to complete this task, and, since it overlaps with some tasks you have coming up, feel free to use the changes in this PR, or ignore them and implement it in a different way. |
|
Note: superseded by #770. |
No description provided.