Add ORNL specific logic when loggin in from NOVA (b8bd6b58) · Commits · NDIP / Galaxy

lib/galaxy/authnz/custos_authnz.py

+0 −1

Original line number	Diff line number	Diff line
		@@ -590,7 +590,6 @@ class OIDCAuthnzBase(IdentityProvider):

		custos_authnz_token = self._get_custos_authnz_token(sa_session, user_id, self.config.provider)
		user = custos_authnz_token.user if custos_authnz_token else None
		self.refresh(sa_session, custos_authnz_token, 90)
		return user, decoded_jwt

+0 −1

Original line number	Diff line number	Diff line
		@@ -329,7 +329,6 @@ class PSAAuthnz(IdentityProvider):
		user_id = decoded_jwt["unique_name"]
		authnz_token = self._get_authnz_token(sa_session, user_id, self.config["provider"])
		user = authnz_token.user if authnz_token else None
		self.refresh(sa_session, authnz_token, 90)
		return user, decoded_jwt

		@staticmethod

+14 −0

Original line number	Diff line number	Diff line
		@@ -4168,3 +4168,17 @@ mapping:
		Number of seconds before file source content listings are refreshed. Shorter times will result in more
		queries while browsing a file sources. Longer times will result in fewer requests to file sources but
		outdated contents might be displayed to the user. Currently only affects s3fs file sources.

		ornl_nova_redirect_url:
		type: str
		default: https://nova-test.ornl.gov
		required: false
		desc: \|
		ORNL Only. The url to return to when logging in through Galaxy via NOVA.

		ornl_nova_login_origin_cookie:
		type: str
		default: galaxy-nova-login
		required: false
		desc: \|
		ORNL Only. The name of the cookie to check whether the user was sent from NOVA to log in.
		No newline at end of file

+2 −0

Original line number	Diff line number	Diff line
		@@ -233,6 +233,8 @@ class ConfigSerializer(base.ModelSerializer):
		"enable_help_forum_tool_panel_integration": _use_config,
		"disable_batch_input": _use_config,
		"llm_api_configured": lambda item, key, **context: bool(item.openai_api_key),
		"ornl_nova_redirect_url": _defaults_to("https://nova-test.ornl.gov"),
		"ornl_nova_login_origin_cookie": _defaults_to("galaxy-nova-login")
		}

+11 −0

Original line number	Diff line number	Diff line
		@@ -91,6 +91,12 @@ class OIDC(JSAppLauncher):
		trans.set_cookie(value="/", name=LOGIN_NEXT_COOKIE_NAME)
		success, message, redirect_uri = trans.app.authnz_manager.authenticate(provider, trans, idphint)
		if success:

		# ORNL ONLY logic
		nova_login = trans.get_cookie(trans.app.config.ornl_nova_login_origin_cookie)
		if nova_login == "true":
		return trans.response.send_redirect(url_for(redirect_uri))

		return {"redirect_uri": redirect_uri}
		else:
		raise exceptions.AuthenticationFailed(message)
		@@ -149,6 +155,11 @@ class OIDC(JSAppLauncher):
		trans.set_cookie(value=provider, name=PROVIDER_COOKIE_NAME)
		# Clear the login next cookie back to default.
		trans.set_cookie(value="/", name=LOGIN_NEXT_COOKIE_NAME)

		# ORNL ONLY logic
		nova_login = trans.get_cookie(trans.app.config.ornl_nova_login_origin_cookie)
		if nova_login == "true":
		return trans.response.send_redirect(url_for(trans.app.config.ornl_nova_redirect_url))
		return trans.response.send_redirect(url_for(redirect_url))

		@web.expose