Closed glpatcern closed 2 years ago
Hello Giuseppe,
I understand this is still WIP
so I won't touch on functionality.
Could I ask you to please split the change so far in two separate commits:
Cheers,
Mihai
A couple of questions/clarifications. Let's assume we do a TPC between Reva and a WLCG site powered by dCache. For the two cases:
1) dCache is the active side, Reva the passive. Is dCache expecting a TransferHeaderAuthorization
header in all cases, to be passed to the passive end (Reva) as Authorization: Bearer
token?
2) Reva is the active side, dCache is the passive end. How is GFAL supposed to get ~the two tokens~ the token (for Reva and for the passive end), so to put it as header in the COPY
request to Reva? For now we're taking it from the environment but I guess this relates to the discussion we had with @mpatrascoiu a few days ago, about the ability to have "custom tokens" for each request.
OK, it's confirmed we need auth bearer tokens in Reva, so the patch is ready for merge.
We'd still need to discuss about those points that concern the overall functionality, but that's independent from the PR.
As discussed today, this is likely NOT to be merged. Will deal with it after testing GFAL with standard bearer tokens.
Following successful tests with standard bearer tokens, I will create a separate PR to clean up some code that is not needed any longer.
This PR fixes the headers to use the standard
Authorization: Bearer
tokens against Reva and simplifies the whole authentication by requiring a single token to the user.