Implement changes mentioned in DataBiosphere/data-store#80
Making the OIDC layer more flexible involves several aspects:
generalizing the security decorator on various API endpoints to work better with whatever OIDC provider we happen to be using
making it easier to swap out which OIDC provider we're using, without having to do a bunch of copypasta of existing methods
allowing us to save code for the existing Fusillade auth approach, but also swap it out with Auth0 for our short-term effort
Definition of Done: the code in dss/util/security.py has been broken out into several parts that are more modular:
security decorator can take arbitrary args/kwargs and pass them to auth backend
auth backend is object-oriented, one class per auth provider (Fusillade, Auth0, etc.)
auth provider base class provides one public method, which must be implemented by every auth provider, and which is called by the security decorator, and which is passed arbitrary args/kwargs by the security decorator
Implement changes mentioned in DataBiosphere/data-store#80
Making the OIDC layer more flexible involves several aspects:
Definition of Done: the code in
dss/util/security.py
has been broken out into several parts that are more modular:This is underway and mostly done in #103 (merged)
Also done in #113 (merged)