From 5c1dbd0928a1ea9c0292ae30ccc7e1380dd2f413 Mon Sep 17 00:00:00 2001 From: Joshua Brown Date: Tue, 9 Apr 2024 12:52:09 -0400 Subject: [PATCH] Address static analyzer issues --- compose/build_repo_images_for_compose.sh | 4 +- scripts/dependency_install_functions.sh | 6 +-- scripts/generate_gsi-authz_config.sh | 4 +- scripts/globus/create_guest_collection.py | 57 ++------------------ scripts/globus/globus_cleanup.py | 3 +- scripts/globus/initialize_globus_endpoint.py | 5 +- 6 files changed, 12 insertions(+), 67 deletions(-) diff --git a/compose/build_repo_images_for_compose.sh b/compose/build_repo_images_for_compose.sh index 65cdb967e..3ab2994ce 100755 --- a/compose/build_repo_images_for_compose.sh +++ b/compose/build_repo_images_for_compose.sh @@ -7,10 +7,10 @@ SOURCE=$(dirname "$SCRIPT") PROJECT_ROOT=$(realpath "${SOURCE}/../") . "${PROJECT_ROOT}/scripts/dependency_versions.sh" -cd ${PROJECT_ROOT}/external/globus-connect-server-deploy/docker +cd "${PROJECT_ROOT}/external/globus-connect-server-deploy/docker" git checkout "$DATAFED_GCS_SUBMODULE_VERSION" docker build --progress plain --tag "gcs-ubuntu-base:latest" - < "./docker-files/Dockerfile.ubuntu-20.04" -cd ${PROJECT_ROOT} +cd "${PROJECT_ROOT}" docker build \ -f "${PROJECT_ROOT}/docker/Dockerfile.dependencies" \ "${PROJECT_ROOT}" \ diff --git a/scripts/dependency_install_functions.sh b/scripts/dependency_install_functions.sh index 102eabeb1..5b97d98c3 100644 --- a/scripts/dependency_install_functions.sh +++ b/scripts/dependency_install_functions.sh @@ -7,10 +7,10 @@ source "${SOURCE}/utils.sh" sudo_command # these are the dependencies to be installed by apt -apt_file_path="${PROJECT_ROOT}/tmp/apt_deps" -pip_file_path="${PROJECT_ROOT}/tmp/pip_deps" +export apt_file_path="${PROJECT_ROOT}/tmp/apt_deps" +export pip_file_path="${PROJECT_ROOT}/tmp/pip_deps" # these are the dependencies to be installed and built via cmake -ext_file_path="${PROJECT_ROOT}/tmp/ext_deps" +export ext_file_path="${PROJECT_ROOT}/tmp/ext_deps" if [ ! -d "${PROJECT_ROOT}/tmp" ]; then mkdir -p "${PROJECT_ROOT}/tmp" diff --git a/scripts/generate_gsi-authz_config.sh b/scripts/generate_gsi-authz_config.sh index 6abab4e6e..3482ce297 100755 --- a/scripts/generate_gsi-authz_config.sh +++ b/scripts/generate_gsi-authz_config.sh @@ -5,8 +5,8 @@ set -ef -o pipefail SCRIPT=$(realpath "$0") SOURCE=$(dirname "$SCRIPT") -PROJECT_ROOT=$(realpath ${SOURCE}/..) -source ${PROJECT_ROOT}/config/datafed.sh +PROJECT_ROOT=$(realpath "${SOURCE}/..") +source "${PROJECT_ROOT}/config/datafed.sh" PATH_TO_CONFIG_DIR=$(realpath "$SOURCE/../config") CONFIG_FILE_NAME="gsi-authz.conf" diff --git a/scripts/globus/create_guest_collection.py b/scripts/globus/create_guest_collection.py index 5a82814bb..872468a15 100644 --- a/scripts/globus/create_guest_collection.py +++ b/scripts/globus/create_guest_collection.py @@ -1,8 +1,6 @@ import globus_sdk -import subprocess +from globus_sdk import AccessTokenAuthorizer import utils -from globus_sdk import AuthClient, AccessTokenAuthorizer -import json import os import sys @@ -56,70 +54,21 @@ if local_username is None: raise Exception("DATAFED_REPO_USER is not defined.") -# client = globus_sdk.NativeAppAuthClient(CLIENT_ID) - -# manage_projects scope to create a project -# view_identities to user information for creating GCS server -# client.oauth2_start_flow(requested_scopes="openid profile email urn:globus:auth:scope:auth.globus.org:manage_projects urn:globus:auth:scope:auth.globus.org:view_identities", refresh_tokens=True) -# -# authorize_url = client.oauth2_get_authorize_url(query_params={"prompt": "login"}) -# print("Please go to this URL and login: \n", authorize_url) -# auth_code = input("Please enter the authorization code: ") -# -# token_response = client.oauth2_exchange_code_for_tokens(auth_code) -## Extract the token -# refresh_token_auth = token_response.by_resource_server['auth.globus.org']['refresh_token'] -# rt_authorizer = globus_sdk.RefreshTokenAuthorizer(refresh_token_auth, client) -## auth_client_refresh_token -# ac_rt = AuthClient(authorizer=rt_authorizer) -# -# userinfo = ac_rt.oauth2_userinfo() -## Will get the primary email and id -# identity_id = userinfo["sub"] -# email = userinfo["email"] -# username = userinfo["preferred_username"] -# organization = userinfo["identity_provider_display_name"] - if client_id is None: - client_id = getClientIdFromCredFile(CRED_FILE_PATH) + client_id = utils.getClientIdFromCredFile(CRED_FILE_PATH) if client_secret is None: - client_secret = getCredentialFromFile(CRED_FILE_PATH, client_id) + client_secret = utils.getCredentialFromFile(CRED_FILE_PATH, client_id) client = globus_sdk.ConfidentialAppAuthClient(client_id, client_secret) scopes = "openid profile email urn:globus:auth:scope:auth.globus.org:manage_projects urn:globus:auth:scope:auth.globus.org:view_identities" authorizer = globus_sdk.ClientCredentialsAuthorizer(client, scopes) -# cc_authorizer = globus_sdk.ClientCredentialsAuthorizer(confidential_client, -# scopes) - -# token_response = client.oauth2_client_credentials_tokens() - -# refresh_token_auth = token_response.by_resource_server['auth.globus.org']['refresh_token'] -# rt_authorizer = globus_sdk.RefreshTokenAuthorizer(refresh_token_auth, client) -# the useful values that you want at the end of this -# globus_auth_data = token_response.by_resource_server["auth.globus.org"] -# globus_transfer_data = -# token_response.by_resource_server["transfer.api.globus.org"] -# globus_auth_token = globus_auth_data["access_token"] -# globus_transfer_token = globus_transfer_data["access_token"] gcs_client = globus_sdk.GCSClient(DATAFED_GCS_URL, authorizer=authorizer) - -import globus_sdk from globus_sdk import scopes -# client credentials -# This client identity must have the needed permissions to create a guest -# collection on the mapped collection, and a valid mapping to a local account -# on the storage gateway that matches the local_username -# If using user tokens, the user must be the one with the correct permissions -# and identity mapping. -# client_id = "4de65cd7-4363-4510-b652-f8d15a43a0af" -# client_secret = "*redacted*" -# local_username = "datafed" - # The scope the client will need, note that primary scope is for the endpoint, # but it has a dependency on the mapped collection's data_access scope diff --git a/scripts/globus/globus_cleanup.py b/scripts/globus/globus_cleanup.py index 502c57733..0583f916b 100644 --- a/scripts/globus/globus_cleanup.py +++ b/scripts/globus/globus_cleanup.py @@ -1,8 +1,7 @@ import globus_sdk -from globus_sdk import AuthClient, GroupsClient, AccessTokenAuthorizer +from globus_sdk import AuthClient, GroupsClient from globus_sdk.scopes import GroupsScopes import subprocess -import json import sys import os import utils diff --git a/scripts/globus/initialize_globus_endpoint.py b/scripts/globus/initialize_globus_endpoint.py index 0f0e79334..b6fe6887a 100644 --- a/scripts/globus/initialize_globus_endpoint.py +++ b/scripts/globus/initialize_globus_endpoint.py @@ -1,14 +1,11 @@ import globus_sdk -import subprocess import utils -from globus_sdk import AuthClient, GroupsClient, AccessTokenAuthorizer +from globus_sdk import AuthClient, GroupsClient from globus_sdk.scopes import GroupsScopes -import json import os import sys - # Hard coded Native Client ID CLIENT_ID = "f8d0afca-7ac4-4a3c-ac05-f94f5d9afce8"