ansible
Remove oauth provider
SUMMARY
This removes the oauth provider functionality from awx. The oauth2_provider app and all references to it have been removed. Migrations to delete the two tables that locally overwrote oauth2_provider tables are included. This change does not include migrations to delete the tables provided by the oauth2_provider app.
ISSUE TYPE
- Breaking Change
COMPONENT NAME
- API
- Docs
AWX VERSION
ADDITIONAL INFORMATION
Shouldn't we also modify references of OAuth usage inside the awx_collection directory? The default login method for the collections right now seems to be OAuth.
cc @tvo318
https://github.com/ansible/awx/blob/devel/awx_collection/README.md#running
https://github.com/ansible/awx/blob/devel/awx_collection/TESTING.md
Shouldn't we also modify references of OAuth usage inside the
awx_collectiondirectory? The default login method for the collections right now seems to be OAuth.
Docs will definitely need to be changed. https://github.com/ansible/awx/pull/15554 should have fixed the collection to allow basic auth. I'm still working through test failures, though, so there may be further changes needed.
@adrisala @gravesm Yes I agree, the docs in the awx_collection need to be updated as well. Thanks for working on this!
I reviewed with an eye towards migrations. If we missed some code to delete or deleted too much we can fix that easily. An error is in the data is harder to retroactivity fix.
I found changes in the activity stream entries. I don't think I care.
Activity Stream
Steps to Recreate
-
docker volume rm tools_awx_db_15<-- blow away your db and start the dev env from thedevelbranch - Make an application via the API
- Make a token for the application ^^
- Edit the token
- Edit the application
- now swap to this branch and start the dev env (this will run the migrations)
- You now have some activity stream entries
I'll note how those activity stream entries change because of this PR.
App Creation - Before
{
"id": 21,
"type": "activity_stream",
"url": "[/api/v2/activity_stream/21/](http://localhost:8013/api/v2/activity_stream/21/)",
"related": {
"actor": "[/api/v2/users/1/](http://localhost:8013/api/v2/users/1/)",
"o_auth2_application": [
"[/api/v2/applications/1/](http://localhost:8013/api/v2/applications/1/)"
]
},
"summary_fields": {
"o_auth2_application": [
{
"id": 1,
"name": "cmeyers app",
"description": ""
}
],
"actor": {
"id": 1,
"username": "admin",
"first_name": "",
"last_name": ""
}
},
"timestamp": "2024-11-18T13:17:56.321841Z",
"operation": "create",
"changes": {
"name": "cmeyers app",
"description": "",
"client_type": "public",
"redirect_uris": "",
"authorization_grant_type": "password",
"skip_authorization": false,
"organization": "Default-1",
"id": 1
},
"object1": "o_auth2_application",
"object2": "",
"object_association": "",
"action_node": "awx-1",
"object_type": ""
}
App Creation - After
{
"id": 21,
"type": "activity_stream",
"url": "[/api/v2/activity_stream/21/](http://localhost:8013/api/v2/activity_stream/21/)",
"related": {
"actor": "[/api/v2/users/1/](http://localhost:8013/api/v2/users/1/)"
},
"summary_fields": {
"actor": {
"id": 1,
"username": "admin",
"first_name": "",
"last_name": ""
}
},
"timestamp": "2024-11-18T13:17:56.321841Z",
"operation": "create",
"changes": {
"name": "cmeyers app",
"description": "",
"client_type": "public",
"redirect_uris": "",
"authorization_grant_type": "password",
"skip_authorization": false,
"organization": "Default-1",
"id": 1
},
"object1": "o_auth2_application",
"object2": "",
"object_association": "",
"action_node": "awx-1",
"object_type": ""
}
Token Creation - Before
{
"id": 22,
"type": "activity_stream",
"url": "[/api/v2/activity_stream/22/](http://localhost:8013/api/v2/activity_stream/22/)",
"related": {
"actor": "[/api/v2/users/1/](http://localhost:8013/api/v2/users/1/)",
"o_auth2_access_token": [
"[/api/v2/tokens/1/](http://localhost:8013/api/v2/tokens/1/)"
]
},
"summary_fields": {
"o_auth2_access_token": [
{
"id": 1,
"user_id": 1,
"description": "hello world 2",
"application_id": 1,
"scope": "read"
}
],
"actor": {
"id": 1,
"username": "admin",
"first_name": "",
"last_name": ""
}
},
"timestamp": "2024-11-18T13:18:22.438100Z",
"operation": "create",
"changes": {
"description": "hello world",
"application": "cmeyers app",
"scope": "write",
"id": 1,
"token": "************"
},
"object1": "o_auth2_access_token",
"object2": "",
"object_association": "",
"action_node": "awx-1",
"object_type": ""
}
Token Creation - After
{
"id": 22,
"type": "activity_stream",
"url": "[/api/v2/activity_stream/22/](http://localhost:8013/api/v2/activity_stream/22/)",
"related": {
"actor": "[/api/v2/users/1/](http://localhost:8013/api/v2/users/1/)"
},
"summary_fields": {
"actor": {
"id": 1,
"username": "admin",
"first_name": "",
"last_name": ""
}
},
"timestamp": "2024-11-18T13:18:22.438100Z",
"operation": "create",
"changes": {
"description": "hello world",
"application": "cmeyers app",
"scope": "write",
"id": 1,
"token": "************"
},
"object1": "o_auth2_access_token",
"object2": "",
"object_association": "",
"action_node": "awx-1",
"object_type": ""
}
Application Edit - Before
{
"id": 23,
"type": "activity_stream",
"url": "[/api/v2/activity_stream/23/](http://localhost:8013/api/v2/activity_stream/23/)",
"related": {
"actor": "[/api/v2/users/1/](http://localhost:8013/api/v2/users/1/)",
"o_auth2_access_token": [
"[/api/v2/tokens/1/](http://localhost:8013/api/v2/tokens/1/)"
]
},
"summary_fields": {
"o_auth2_access_token": [
{
"id": 1,
"user_id": 1,
"description": "hello world 2",
"application_id": 1,
"scope": "read"
}
],
"actor": {
"id": 1,
"username": "admin",
"first_name": "",
"last_name": ""
}
},
"timestamp": "2024-11-18T13:18:32.145751Z",
"operation": "update",
"changes": {
"description": [
"hello world",
"hello world 2"
],
"scope": [
"write",
"read"
]
},
"object1": "o_auth2_access_token",
"object2": "",
"object_association": "",
"action_node": "awx-1",
"object_type": ""
}
Application Edit - After
{
"id": 23,
"type": "activity_stream",
"url": "[/api/v2/activity_stream/23/](http://localhost:8013/api/v2/activity_stream/23/)",
"related": {
"actor": "[/api/v2/users/1/](http://localhost:8013/api/v2/users/1/)"
},
"summary_fields": {
"actor": {
"id": 1,
"username": "admin",
"first_name": "",
"last_name": ""
}
},
"timestamp": "2024-11-18T13:18:32.145751Z",
"operation": "update",
"changes": {
"description": [
"hello world",
"hello world 2"
],
"scope": [
"write",
"read"
]
},
"object1": "o_auth2_access_token",
"object2": "",
"object_association": "",
"action_node": "awx-1",
"object_type": ""
}
Token edit before/after is also effected in the same way.
Thoughts
The migrations in this PR change the activity stream entries. Specifically, the deletion of the application and/or token can cause the summary_fields section to change.
We recommend that customers and users hook up external logging to their splunk/grafana-thing/elk to track these sorts of things long-term, so I guess it's OK that our activity stream entries change.
Unblocked now, because https://github.com/ansible/awx/pull/15647 is merged
Quality Gate passed
Issues
1 New issue
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
See analysis details on SonarQube Cloud
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}
Closing this one as a duplicate with conflicts resolved + small patches has been merged already here: https://github.com/ansible/awx/pull/15666
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}