Anonymous authentication not used if credentials are set via env variables

audeering / audfactory

Communicating with Artifactory

https://audeering.github.io/audfactory/

Other

0 stars 0 forks source link

Anonymous authentication not used if credentials are set via env variables #23

Open chausner-audeering opened 3 years ago

chausner-audeering commented 3 years ago

When Artifactory credentials are set via environment variables ARTIFACTORY_USERNAME and ARTIFACTORY_API_KEY, audfactory.authentification('https://audeering.jfrog.io/artifactory/data-public') returns these credentials instead of "anonymous" which leads to issues.

In the build process of other projects, we are currently relying on the presence of these environment variables so if we can find a way to make it work while keeping them, it would be ideal.

Linux13524 commented 2 years ago

If I see it correctly, the logic of loading the credentials from the env variables is implemented in audfactory. So it should be possible to overwrite the credentials set by env variables somehow through the Python API. I think it would be good if we could set the login credentials together with the repository information, something like:

audb.Repository(
  name='data-public',
  host='https://audeering.jfrog.io/artifactory',
  backend='artifactory',
  credentials={
    'username': 'anonymous',
    'apikey': ''
    }
  )

@hagenw What do you think about this idea?

hagenw commented 2 years ago

In principle, this should indeed be possible. But we first need to extend audfactory.authentification() as at the moment it only accepts ENV variables or config entries for providing the credentials. But it should be easy to change it to:

def audfactory.authentification(url, *, username=None, api_key=None)

Afterwards we could indeed extend audb.Repository after your suggestion and then use different Artifactory servers with different credentials. This would be in general a nice feature as it would allow us to easier share another server with university.

hagenw commented 2 years ago

Turns out, this is slightly more complicated. Authentication with an Artifactory server is not a one time operation, but needs to be done every time to access it (e.g. for uploading, downloading, listing files, ...). This means we would need to extend every single function in audfactory with an username, api_key entry.

The handling of the Artifactory repositories used by audb is handled in the Artifactory backend implementation in audbackend, which also needs to be updated accordingly.