dvstans
commented
2 years ago The approach will be to support basic auth to the DataFed API (in addition to OAuth for browser), then have the client (non browser) simply store the received JWT in a secure local location (file in datafed config directory in user home).
The current use of ZeroMQ based authorization must be replaced with an HTTP-compatible technology. The web application will use a standard OAuth flow to authenticate users, but this mechanism will not work from non-browser clients. Need to design a mechanism that will allow secure authentication from command line clients and support non-interactive use cases. A possible approach is to securely store some form of access credentials after an initial manual authentication process.