[auth] save userinfo to db

[MalinAhlberg]

Related issue(s) and PR(s)
This PR closes https://github.com/NBISweden/LocalEGA-SE-Deployment/issues/525.

Description

• a db user for auth is added
• auth connects to the db
• auth saves information about the user on oidc logins
• if the user logs in again, the old info is overwritten

How to test

• Use starter-kit-storage-and-interfaces, branch feature/auth-add-userinfo-to-db together with starter-kit-lsaai-mock, as described in the Readme.
• Visit http://localhost:8085/ from your browser and log in.
• Check that the logged in user's info is added to the db: docker exec -it postgres psql postgresql://postgres:rootpass@postgres/sda -At -c "select * from sda.userinfo"

Extra info I will be away next week, so I put the code here, in case someone wants to take care of it. It's working when tested manually with lsaai-mock, but there are no integration tests and also no unit tests for auth. Adding integration tests is not very straight forward, though, so it might be out of scope for this issue. Also the chart tests fail, but that might be unrelated to this PR.

[jbygdell]

The 13:th entry in the dbschema_version is missing from the 01_main.sql file While everything works for our prebuilt container it will not work for someone that uses the initdb.d folder to bootstrap a new database.

This is fixed in #1110, in case it get's merged first.

[MalinAhlberg]

Really great that you tested @nanjiangshu ! And sorry about the confusion. In starter-kit-storage-and-interfaces, the branch feature/auth-add-userinfo-to-db should be used. That uses the correct images, and also the lines .env that you commented on are now added. I had at some point introduced a bug into the code (not sure when, it was working earlier :stuck_out_tongue: ). It's fixed by 9c38e56. Thanks for testing :pray: !

[nanjiangshu]

Really great that you tested @nanjiangshu ! And sorry about the confusion. In starter-kit-storage-and-interfaces, the branch feature/auth-add-userinfo-to-db should be used. That uses the correct images, and also the lines .env that you commented on are now added. I had at some point introduced a bug into the code (not sure when, it was working earlier 😛 ). It's fixed by 9c38e56. Thanks for testing 🙏 !

Strange, I still get the same oauth2 error when trying to login from localhost:8085

The logs of auth seems the container should be fine

auth  | time="2024-11-22T10:18:39Z" level=info msg="reading config"
auth  | {"level":"info","msg":"The logs format is set to JSON","time":"2024-11-22T10:18:39Z"}
auth  | {"level":"info","msg":"Setting log level to 'debug'","time":"2024-11-22T10:18:39Z"}
auth  | {"level":"info","msg":"Reading Public key file","time":"2024-11-22T10:18:39Z"}
auth  | {"level":"info","msg":"Serving content using http","time":"2024-11-22T10:18:39Z"}
auth  | Iris Version: 12.2.11
auth  | 
auth  | Now listening on: 
auth  | > Network:  http://172.23.0.6:8080
auth  | > Local:    http://localhost:8080
auth  | Application started. Press CTRL+C to shut down.
auth  | {"level":"error","msg":"Failed to fetch oauth2 code","time":"2024-11-22T10:21:40Z"}
auth  | {"authType":"oidc","level":"error","msg":"authentication failed: oauth2: cannot fetch token: 404 Not Found\nResponse: Not Found","time":"2024-11-22T10:21:40Z"}

[jbygdell]

Tested this locally and the integration tests fail in the ingest-verify step.

[MalinAhlberg]

Tested this locally and the integration tests fail in the ingest-verify step.

Hm, they do pass for me. What was the error...? (also rebased on main)

[jbygdell]

Hm, they do pass for me. What was the error...? (also rebased on main)

Ingest failed to decrypt one file due to missing key hash.

But after the rebasing it works.

[MalinAhlberg]

Although I still have the login problem as mentioned at #1099 (comment), bug good that it works with others.

Did you try with https://github.com/GenomicDataInfrastructure/starter-kit-storage-and-interfaces/pull/57?

[MalinAhlberg]

I have rebased on main, fixed @jbygdell's comments (the ones about Name/Profile in related earlier commits), the ones about the tests in 78a54bd. Please resolve the comments if you think it's ok now.

[nanjiangshu]

Although I still have the login problem as mentioned at #1099 (comment), bug good that it works with others.

Did you try with GenomicDataInfrastructure/starter-kit-storage-and-interfaces#57?

Yes, I tried, but still not working. Something is weird with the network of my Docker setup.