Conversation
|
I have not started to review it, but could you also open a PR in |
HeloiseJoffe
force-pushed
the
feat/authdb-tables-cleanup
branch
from
db91f3a to
db5091d
Compare
HeloiseJoffe
force-pushed
the
feat/authdb-tables-cleanup
branch
from
db5091d to
f143436
Compare
| ) | ||
|
|
||
| async def clean_expired_refresh_token( | ||
| self, max_validity: int, max_retention: int |
There was a problem hiding this comment.
Minor comment: it might be clearer to mention the unit of max_validity in the docstring to avoid any ambiguous usage (the most expected guess if you don't read the code is that max_validity is expressed in seconds, at least in my mind)
There was a problem hiding this comment.
Same for max_retention by the way
|
|
||
| return res_auth.rowcount | ||
|
|
||
| async def clean_expired_device_flows(self, max_retention: int) -> int: |
There was a problem hiding this comment.
Same here, especially that you have 2 max_retention and they are not even in the same units.
To improve clarity, we could even always express max_validity and max_retention using the same units throughout the diracx-db layer to avoid any confusion.
What do you think?
| .values(status=RefreshTokenStatus.REVOKED) | ||
| ) | ||
|
|
||
| async def clean_expired_refresh_token( |
There was a problem hiding this comment.
| async def clean_expired_refresh_token( | |
| async def clean_expired_refresh_tokens( |
| max_retention=settings.revoked_refresh_token_retention_days, | ||
| ) | ||
| logger.info( | ||
| f"Deleted {expired_tokens} expired and {revoked_tokens} revoked refresh tokens" |
There was a problem hiding this comment.
To avoid string formatting if the log level is disabled.
| f"Deleted {expired_tokens} expired and {revoked_tokens} revoked refresh tokens" | |
| "Deleted %d expired and %d revoked refresh tokens", expired_tokens, revoked_tokens) |
| "cleanup-authdb", help="Delete expired tokens and flows from the AuthDB" | ||
| ) | ||
| cleanup_authdb_parser.add_argument( | ||
| "--db-url", required=True, help="URL to the AuthDB" |
There was a problem hiding this comment.
Do you need a db-url parameter?
Can't you get the DB URL from an environment variable ($DIRACX_DB_URL_AUTHDB)?
| stmt_expired = delete(RefreshTokens).where( | ||
| RefreshTokens.status == RefreshTokenStatus.CREATED, | ||
| RefreshTokens.jti < expired_date, | ||
| ) | ||
| res_expired = await self.conn.execute(stmt_expired) | ||
|
|
||
| revoked_date = str( | ||
| uuid7_from_datetime(substract_date(days=max_retention), randomize=False) | ||
| ) | ||
| stmt_revoked = delete(RefreshTokens).where( | ||
| RefreshTokens.status == RefreshTokenStatus.REVOKED, | ||
| RefreshTokens.jti < revoked_date, | ||
| ) | ||
| res_revoked = await self.conn.execute(stmt_revoked) |
There was a problem hiding this comment.
Minor comment but this could be split into 2 different functions to respect the single-responsibility principle: one function to delete expired refresh tokens, another one to delete old revoked refresh tokens.
| return await revoke_refresh_token_by_jti(auth_db=auth_db, subject=subject, jti=jti) | ||
|
|
||
|
|
||
| async def cleanup_expired_data(auth_db: AuthDB, settings: AuthSettings) -> None: |
There was a problem hiding this comment.
PENDING and READY flows never transition to a terminal state on their own from what I can see, do you confirm?
If one abandons the flow (stops polling, closes browser), the row stays forever.
I don't think we need any intermediate EXPIRED status because the status field is never consulted for expiration. The error messages are already returned based on time alone.
You should also delete PENDING/READY flows older than their max_retention time I think (note: we should make sure that max_retention is bigger than device/authorize_flow_expiration_seconds).
Any opinion?
4 participants
Closes DIRACGrid/diracx-charts#222
Changes:
The global cleanup function can be called with this kubernetes cronjob :
Where could I add documentation to guide administrators in setting up the cronjob?