Conversation
|
Important Review skippedAuto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the WalkthroughJWT token authentication support was added to the CrateDB Python client. This includes updates to the connection and HTTP client classes to accept and pass JWT tokens, documentation and changelog updates, and new tests to verify JWT authentication behavior. Existing authentication mechanisms remain unchanged. Changes
Sequence Diagram(s)sequenceDiagram
participant User
participant Connection
participant Client
participant Server
User->>Connection: connect(jwt_token=...)
Connection->>Client: __init__(jwt_token=...)
Client->>Server: request(..., jwt_token=...)
Server->>Server: Add Authorization: Bearer <jwt_token> header (if not set)
Server-->>Client: Response
Client-->>Connection: Response
Connection-->>User: Connection established
Poem
✨ Finishing touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
seut
left a comment
seut
left a comment
There was a problem hiding this comment.
👍
Maybe adding a sanity check to give a good error if token and user/password auth is used in conjunction would be useful. Afaik, the user/password args would be used then instead (it will just override the Authorization header afaik) which may not be clear to a user.
|
Thank you for providing support for JWT! |
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
| # Sanity checks. | ||
| if jwt_token is not None and username is not None: | ||
| raise ValueError( | ||
| "Either JWT tokens are accepted, " | ||
| "or user credentials, but not both" | ||
| ) |
There was a problem hiding this comment.
Maybe adding a sanity check to give a good error if token and user/password auth is used in conjunction would be useful.
Good idea. a1ac249 just added this additional sanity check as suggested.
| def request( | ||
| self, | ||
| method, | ||
| path, | ||
| data=None, | ||
| stream=False, | ||
| headers=None, | ||
| username=None, | ||
| password=None, | ||
| jwt_token=None, | ||
| schema=None, | ||
| backoff_factor=0, | ||
| **kwargs, | ||
| ): |
There was a problem hiding this comment.
This breaks ABI for positional arguments. Please always add new arguments last.
But also in general a bit odd that the function takes jwt_token and headers, where the jwt_token ends up becoming part of the header. Might make sense to move this to the caller who provides the header?
There was a problem hiding this comment.
This breaks ABI for positional arguments. Please always add new arguments last.
Apologies. I received this too late for 2.1.0. I will change it and release 2.1.1 right away. ✅
| def __init__( | ||
| self, | ||
| servers=None, | ||
| timeout=None, | ||
| backoff_factor=0, | ||
| client=None, | ||
| verify_ssl_cert=True, | ||
| ca_cert=None, | ||
| error_trace=False, | ||
| cert_file=None, | ||
| key_file=None, | ||
| ssl_relax_minimum_version=False, | ||
| username=None, | ||
| password=None, | ||
| jwt_token=None, | ||
| schema=None, | ||
| pool_size=None, | ||
| socket_keepalive=True, | ||
| socket_tcp_keepidle=None, | ||
| socket_tcp_keepintvl=None, | ||
| socket_tcp_keepcnt=None, | ||
| converter=None, | ||
| time_zone=None, | ||
| ): |
There was a problem hiding this comment.
See other comment about positional arguments
There was a problem hiding this comment.
Thanks. Will fix and run an aftermath release.
5 participants
CrateDB 5.7.0 introduced JWT token authentication. Let's also implement it on the client sides.
/cc @matriv, @kneth