Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add token authentication support #12196

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Add token authentication support
khurtado committed Dec 5, 2024
commit f53a5b02eb641ded41783040916a288308889a3f
25 changes: 25 additions & 0 deletions etc/submit_py3.sh
Original file line number Diff line number Diff line change
@@ -192,6 +192,31 @@ else
fi
echo -e "======== WMAgent Python bootstrap finished at $(TZ=GMT date) ========\n"

echo -e "======= WMAgent token verification at $(TZ=GMT date) ========\n"
echo "Content under _CONDOR_CREDS: ${_CONDOR_CREDS}"
ls -l ${_CONDOR_CREDS}

if [ -f "${_CONDOR_CREDS}/cms.use" ]
then
echo "CMS token found, setting BEARER_TOKEN_FILE=${_CONDOR_CREDS}/cms.use"
export BEARER_TOKEN_FILE=${_CONDOR_CREDS}/cms.use

# Show token information
# This tool requires htgettoken package in the cmssw runtime apptainer image
if command -v httokendecode ls 2>&1 > /dev/null
then
httokendecode -H ${BEARER_TOKEN_FILE}
else
echo "Warning: [WMAgent Token verification] httokendecode tool could not be found."
echo "Warning: Token exists and can be used, but details will not be displayed."
fi
else
echo "[WMAgent token verification]: The bearer token file could not be found."
# Do not fail, we still support x509 proxies
# if we fail here in the future, we need to define an exit code number
# exit 1106
fi


echo "======== WMAgent Unpack the job starting at $(TZ=GMT date) ========"
# Should be ready to unpack and run this
4 changes: 4 additions & 0 deletions src/python/WMCore/BossAir/Plugins/SimpleCondorPlugin.py
Original file line number Diff line number Diff line change
@@ -520,6 +520,10 @@ def getJobParameters(self, jobList):
ad['Requirements'] = self.reqStr

ad['My.x509userproxy'] = classad.quote(self.x509userproxy)

# Allow oauth based token authentication
ad['use_oauth_services'] = "cms"

sites = ','.join(sorted(job.get('possibleSites')))
ad['My.DESIRED_Sites'] = classad.quote(str(sites))
sites = ','.join(sorted(job.get('potentialSites')))