Merge branch 'is7930/refactor-async-jobs-rpc-routes' of github.com:giancarloromeo/osparc-simcore into is7930/refactor-async-jobs-rpc-routes

Author: giancarloromeo

api/specs/web-server/_auth.py

@@ -153,17 +153,15 @@ async def logout(_body: LogoutBody):
 
 @router.get(
     "/auth:check",
-    operation_id="check_authentication",
     status_code=status.HTTP_204_NO_CONTENT,
     responses={
         status.HTTP_401_UNAUTHORIZED: {
             "model": EnvelopedError,
-            "description": "unauthorized reset due to invalid token code",
         }
     },
 )
 async def check_auth():
-    """checks if user is authenticated in the platform"""
+    """checks whether user request is authenticated"""
 
 
 @router.post(

services/static-webserver/client/source/class/osparc/dashboard/ResourceDetails.js

@@ -890,7 +890,7 @@ qx.Class.define("osparc.dashboard.ResourceDetails", {
         return;
       }
 
-      if (!osparc.study.Utils.canCreateFunction(this.__resourceData["workbench"])) {
+      if (!osparc.study.Utils.isPotentialFunction(this.__resourceData["workbench"])) {
         return;
       }
 

services/static-webserver/client/source/class/osparc/study/Utils.js

@@ -250,6 +250,22 @@ qx.Class.define("osparc.study.Utils", {
       return Array.from(services);
     },
 
+    extractComputationalServices: function(workbench) {
+      const computationals = Object.values(workbench).filter(node => {
+        const metadata = osparc.store.Services.getMetadata(node["key"], node["version"]);
+        return metadata && osparc.data.model.Node.isComputational(metadata);
+      });
+      return computationals;
+    },
+
+    extractDynamicServices: function(workbench) {
+      const dynamics = Object.values(workbench).filter(node => {
+        const metadata = osparc.store.Services.getMetadata(node["key"], node["version"]);
+        return metadata && osparc.data.model.Node.isDynamic(metadata);
+      });
+      return dynamics;
+    },
+
     extractFilePickers: function(workbench) {
       const parameters = Object.values(workbench).filter(srv => srv["key"].includes("simcore/services/frontend/file-picker"));
       return parameters;
@@ -277,20 +293,28 @@ qx.Class.define("osparc.study.Utils", {
       return parameters;
     },
 
-    canCreateFunction: function(workbench) {
+    isPotentialFunction: function(workbench) {
       // in order to create a function, the pipeline needs:
-      // - at least one parameter (or file-picker (file type parameter))
-      // - at least one probe
+      // - at least one parameter or one probe
+      //   - for now, only float types are allowed
+      // - at least one computational service
+      // - no dynamic services
 
       // const filePickers = osparc.study.Utils.extractFilePickers(workbench);
       // const parameters = osparc.study.Utils.extractParameters(workbench);
       // const probes = osparc.study.Utils.extractProbes(workbench);
       // return (filePickers.length + parameters.length) && probes.length;
 
-      // - for now, only float types are allowed
       const parameters = osparc.study.Utils.extractFunctionableParameters(workbench);
       const probes = osparc.study.Utils.extractFunctionableProbes(workbench);
-      return parameters.length && probes.length;
+      const computationals = osparc.study.Utils.extractComputationalServices(workbench);
+      const dynamics = osparc.study.Utils.extractDynamicServices(workbench);
+
+      return (
+        (parameters.length || probes.length) &&
+        computationals.length > 0 &&
+        dynamics.length === 0
+      );
     },
 
     getCantReadServices: function(studyServices = []) {

services/web/server/VERSION

@@ -1 +1 @@
-0.69.0
+0.69.1

services/web/server/setup.cfg

@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 0.69.0
+current_version = 0.69.1
 commit = True
 message = services/webserver api version: {current_version} → {new_version}
 tag = False

services/web/server/src/simcore_service_webserver/api/v0/openapi.yaml

@@ -2,7 +2,7 @@ openapi: 3.1.0
 info:
   title: simcore-service-webserver
   description: Main service with an interface (http-API & websockets) to the web front-end
-  version: 0.69.0
+  version: 0.69.1
 servers:
 - url: ''
   description: webserver
@@ -238,13 +238,13 @@ paths:
       tags:
       - auth
       summary: Check Auth
-      description: checks if user is authenticated in the platform
-      operationId: check_authentication
+      description: checks whether user request is authenticated
+      operationId: check_auth
       responses:
         '204':
           description: Successful Response
         '401':
-          description: unauthorized reset due to invalid token code
+          description: Unauthorized
           content:
             application/json:
               schema:

services/web/server/src/simcore_service_webserver/application.py

@@ -29,6 +29,7 @@
 from .invitations.plugin import setup_invitations
 from .licenses.plugin import setup_licenses
 from .login.plugin import setup_login
+from .login_auth.plugin import setup_login_auth
 from .long_running_tasks import setup_long_running_tasks
 from .notifications.plugin import setup_notifications
 from .payments.plugin import setup_payments
@@ -169,6 +170,25 @@ def create_application() -> web.Application:
     return app
 
 
+def create_application_auth() -> web.Application:
+    app = create_safe_application()
+    setup_settings(app)
+    setup_rest(app)
+    setup_db(app)
+
+    setup_login_auth(app)
+
+    # NOTE: *last* events
+    app.on_startup.append(_welcome_banner)
+    app.on_shutdown.append(_finished_banner)
+
+    _logger.debug(
+        "Routes in application-auth: \n %s", pformat(app.router.named_resources())
+    )
+
+    return app
+
+
 def run_service(app: web.Application, config: dict[str, Any]):
     web.run_app(
         app,
@@ -177,9 +197,3 @@ def run_service(app: web.Application, config: dict[str, Any]):
         # this gets overriden by the gunicorn config in /docker/boot.sh
         access_log_format='%a %t "%r" %s %b --- [%Dus] "%{Referer}i" "%{User-Agent}i"',
     )
-
-
-__all__: tuple[str, ...] = (
-    "create_application",
-    "run_service",
-)

services/web/server/src/simcore_service_webserver/application_settings.py

@@ -1,6 +1,6 @@
 import logging
 from functools import cached_property
-from typing import Annotated, Any, Final
+from typing import Annotated, Any, Final, Literal
 
 from aiohttp import web
 from common_library.basic_types import DEFAULT_FACTORY
@@ -95,6 +95,13 @@ class ApplicationSettings(BaseApplicationSettings, MixinLoggingSettings):
         Field(None, description="Stack name defined upon deploy (see main Makefile)"),
     ]
 
+    WEBSERVER_APP_FACTORY_NAME: Annotated[
+        Literal["WEBSERVER_FULL_APP_FACTORY", "WEBSERVER_AUTHZ_APP_FACTORY"],
+        Field(
+            description="Application factory to be lauched by the gunicorn server",
+        ),
+    ] = "WEBSERVER_FULL_APP_FACTORY"
+
     WEBSERVER_DEV_FEATURES_ENABLED: Annotated[
         bool,
         Field(

services/web/server/src/simcore_service_webserver/cli.py

@@ -1,4 +1,4 @@
-""" Application's command line .
+"""Application's command line .
 
 Why does this file exist, and why not put this in __main__?
 
@@ -15,13 +15,12 @@
 
 import logging
 import os
-from typing import Final
+from typing import Annotated, Final
 
 import typer
 from aiohttp import web
 from common_library.json_serialization import json_dumps
 from settings_library.utils_cli import create_settings_command
-from typing_extensions import Annotated
 
 from .application_settings import ApplicationSettings
 from .login import cli as login_cli
@@ -42,7 +41,6 @@ def _setup_app_from_settings(
     # NOTE: keeping imports here to reduce CLI load time
     from .application import create_application
     from .application_settings_utils import convert_to_app_config
-    from .log import setup_logging
 
     # NOTE: By having an equivalent config allows us
     # to keep some of the code from the previous
@@ -51,30 +49,39 @@ def _setup_app_from_settings(
     # given configs and changing those would not have
     # a meaningful RoI.
     config = convert_to_app_config(settings)
-
-    setup_logging(
-        level=settings.log_level,
-        slow_duration=settings.AIODEBUG_SLOW_DURATION_SECS,
-        log_format_local_dev_enabled=settings.WEBSERVER_LOG_FORMAT_LOCAL_DEV_ENABLED,
-        logger_filter_mapping=settings.WEBSERVER_LOG_FILTER_MAPPING,
-        tracing_settings=settings.WEBSERVER_TRACING,
-    )
-
     app = create_application()
     return (app, config)
 
 
 async def app_factory() -> web.Application:
     """Created to launch app from gunicorn (see docker/boot.sh)"""
+    from .application import create_application_auth
+    from .log import setup_logging
+
     app_settings = ApplicationSettings.create_from_envs()
-    assert app_settings.SC_BUILD_TARGET  # nosec
 
     _logger.info(
         "Application settings: %s",
         json_dumps(app_settings, indent=2, sort_keys=True),
     )
 
-    app, _ = _setup_app_from_settings(app_settings)
+    _logger.info(
+        "Using application factory: %s", app_settings.WEBSERVER_APP_FACTORY_NAME
+    )
+
+    setup_logging(
+        level=app_settings.log_level,
+        slow_duration=app_settings.AIODEBUG_SLOW_DURATION_SECS,
+        log_format_local_dev_enabled=app_settings.WEBSERVER_LOG_FORMAT_LOCAL_DEV_ENABLED,
+        logger_filter_mapping=app_settings.WEBSERVER_LOG_FILTER_MAPPING,
+        tracing_settings=app_settings.WEBSERVER_TRACING,
+    )
+
+    if app_settings.WEBSERVER_APP_FACTORY_NAME == "WEBSERVER_AUTHZ_APP_FACTORY":
+
+        app = create_application_auth()
+    else:
+        app, _ = _setup_app_from_settings(app_settings)
 
     return app
 

services/web/server/src/simcore_service_webserver/login/_controller/rest/auth.py

@@ -287,19 +287,3 @@ async def logout(request: web.Request) -> web.Response:
         await security_web.forget_identity(request, response)
 
         return response
-
-
-@routes.get(f"/{API_VTAG}/auth:check", name="check_authentication")
-@login_required
-async def check_auth(request: web.Request) -> web.Response:
-    # lightweight endpoint for checking if users are authenticated
-    # used primarily by Traefik auth middleware to verify session cookies
-
-    # NOTE: for future development
-    # if database access is added here, services like jupyter-math
-    # which load a lot of resources will have a big performance hit
-    # consider caching some properties required by this endpoint or rely on Redis
-
-    assert request  # nosec
-
-    return web.json_response(status=status.HTTP_204_NO_CONTENT)