Ensure that all Datalad Datasets are downloadable without extraneous logins

[dlq]

┆Attachments: diagram.png

[dlq]

➤ Shawn Brown commented:

Shawn needs to discuss with Loris team.

[dlq]

➤ Xavier Lecours commented:

Diagram v1 for discussion purposes

[dlq]

➤ Diana Le commented:

@Xavier Lecours ( https://app.asana.com/0/1122486104665252/list )@shawn.brown3 ( https://app.asana.com/0/1132781069302452/list ) Is this task considered complete?

[dlq]

➤ Shawn Brown commented:

No, and should be assigned to Xavier.

[dlq]

➤ Xavier Lecours commented:

Most of the work will be done for the CONP portal

[dlq]

➤ Diana Le commented:

@Xavier Lecours ( https://app.asana.com/0/1122486104665252/list ) and @Private User ( https://app.asana.com/0/1122486104665267/list ) to connect on some data access issues.

[dlq]

➤ Diana Le commented:

Currently not working on CONP portal. Emmet working on datalad 12 in an attempt to solve.

[dlq]

➤ Xavier Lecours commented:

We now need to sort out the ORCID login for prevent-ad. JB said that prevent-ad people agreed that making sure downloaders are authenticated by ORCID is enough to grant them access to the data. Questions: 1) If the conp-portal can authenticate a user with ORCID, how can we pass the token to datalad? In the current status of the prevent-ad datalad dataset, when trying to access a file on prevent-ad.loris.ca, datalad prompt for username and password. Can we skip that step by provinding the token to datalad? 2) Conceptually, in my opinion, requiring ORCID authentication is a constraint on the openness and fall under the registered access. Resource servers (e.g.: loris) MUST implement the authentication methods that restrict/grant access to the data.

[dlq]

➤ Xavier Lecours commented:

Marking this as completed because the "without extraneous logins" depends on the resource server capability. Taking PRevent-AD as an example, LORIS would need to support OAuth via ORCID. I created a task (OAuth support for ORCID authentication via CBRIAN) just for this.