Skip to content

ADR 019: revamp auth managers #957

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Aug 22, 2023
Merged

ADR 019: revamp auth managers #957

merged 4 commits into from
Aug 22, 2023

Conversation

robsdedude
Copy link
Member

@robsdedude robsdedude commented Aug 11, 2023
edited
Loading

This PR updates the preview feature "re-auth" (introduced in PR #890) significantly. The changes allow for catering to a wider range of use cases including simple password rotation.

(⚠️ Breaking) changes:

  • Removed TokenExpiredRetryable exception.
    Even though it wasn't marked preview, it was introduced with and only used for re-auth. It now longer serves any purpose.
  • The AuthManager and AsyncAuthManager abstract classes were changed.
    The method on_auth_expired(self, auth: _TAuth) -> None was removed in favor of def handle_security_exception(self, auth: _TAuth, error: Neo4jError) -> bool. See the API docs for more details.
  • The factories in AsyncAuthManagersa nd AuthManagers were changed.
    • expiration_based was renamed to bearer.
    • basic was added to cater for password rotation.

Depends on:

@robsdedude
ADR 019: revamp auth managers
6d9668f 
This PR updates the preview feature "re-auth" (introduced in
[PR neo4j#890](neo4j#890)) significantly.
The changes allow for catering to a wider range of use cases including simple
password rotation.

(⚠️ Breaking) changes:
 * Removed `TokenExpiredRetryable` exception.
   Even though it wasn't marked preview, it was introduced with and only used
   for re-auth. It now longer serves any purpose.
 * The `AuthManager` and `AsyncAuthManager` abstract classes were changed.
   The method `on_auth_expired(self, auth: _TAuth) -> None` was removed in
   favor of `def handle_security_exception(self, auth: _TAuth, error: Neo4jError) -> bool`.
   See the API docs for more details.
 * The factories in `AsyncAuthManagers`a nd `AuthManagers` were changed.
   * `expiration_based` was renamed to `bearer`.
   * `basic` was added to cater for password rotation.
@robsdedude
Adjust unit tests
4367281
@RichardIrons-neo4j RichardIrons-neo4j self-requested a review August 15, 2023 13:07
RichardIrons-neo4j
RichardIrons-neo4j approved these changes Aug 15, 2023
View reviewed changes
Copy link

@RichardIrons-neo4j RichardIrons-neo4j left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All looks fine to me.

@robsdedude robsdedude marked this pull request as ready for review August 22, 2023 10:04
@robsdedude robsdedude merged commit 79edb1a into neo4j:5.0 Aug 22, 2023
@robsdedude robsdedude deleted the re-auth-password-rotation branch August 22, 2023 15:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RichardIrons-neo4j RichardIrons-neo4j RichardIrons-neo4j approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@robsdedude @RichardIrons-neo4j