Add ability to get api key with oauth token

Closes #110 (closed)

lib/galaxy/webapps/galaxy/services/authenticate.py

@@ -36,17 +36,28 @@ class AuthenticationService:
 
     def get_api_key(self, environ: Dict[str, Any], request: Request) -> APIKeyResponse:
         auth_header = environ.get("HTTP_AUTHORIZATION")
-        identity, password = self._decode_baseauth(auth_header)
-        # check if this is an email address or username
-        user = self._user_manager.get_user_by_identity(identity)
+        oauth_auth = False
+        if "Bearer " in auth_header:
+            oidc_access_token = auth_header.replace("Bearer ", "")
+            user = self._user_manager.by_oidc_access_token(oidc_access_token)
+            oauth_auth = True
+        else:
+            identity, password = self._decode_baseauth(auth_header)
+            # check if this is an email address or username
+            user = self._user_manager.get_user_by_identity(identity)
+
         if not user:
             raise exceptions.ObjectNotFound("The user does not exist.")
-        is_valid_user = self._auth_manager.check_password(user, password, request)
-        if is_valid_user:
+        if oauth_auth:
             key = self._api_keys_manager.get_or_create_api_key(user)
             return APIKeyResponse(api_key=key)
         else:
-            raise exceptions.AuthenticationFailed("Invalid password.")
+            is_valid_user = self._auth_manager.check_password(user, password, request)
+            if is_valid_user:
+                key = self._api_keys_manager.get_or_create_api_key(user)
+                return APIKeyResponse(api_key=key)
+            else:
+                raise exceptions.AuthenticationFailed("Invalid password.")
 
     def _decode_baseauth(self, encoded_str: Optional[Any]) -> Tuple[str, str]:
         """