uniqueg
commented
2 years ago Requested by Czech ELIXIR node, see here: https://docs.google.com/spreadsheets/d/1vBFhBQ-nFqhSL5dLjQfOWO6x9BzmV9x6l18p9GYRZdQ/edit#gid=0
Contacts: @xhejtman & @viktoriaas
Open uniqueg opened 2 years ago
uniqueg
commented
2 years ago Requested by Czech ELIXIR node, see here: https://docs.google.com/spreadsheets/d/1vBFhBQ-nFqhSL5dLjQfOWO6x9BzmV9x6l18p9GYRZdQ/edit#gid=0
Contacts: @xhejtman & @viktoriaas
Tokens passed by a client may expire during the lifetime of a task, even if they are valid when the original request is received. This may prevent TESK from being to able to use that token to get access to external services, such as DRS and TRS for data and container access, respectively.
TESK should therefore implement a mechanism for token renewal, as is discussed in https://github.com/elixir-cloud-aai/cwl-WES/issues/52.
For those cases where the token is expired upon reception of the request, it is probably fine to keep returning a
401response and have the client can take care of token refreshal and retrying, if applicable.