Skip to content

ADR 019: revamp auth managers #957

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Merged
merged 4 commits into from
Aug 22, 2023
Merged

ADR 019: revamp auth managers #957

merged 4 commits into from
Aug 22, 2023

Conversation

robsdedude
Copy link
Member

@robsdedude robsdedude commented Aug 11, 2023
edited
Loading

This PR updates the preview feature "re-auth" (introduced in PR #890) significantly. The changes allow for catering to a wider range of use cases including simple password rotation.

(⚠️ Breaking) changes:

  • Removed TokenExpiredRetryable exception.
    Even though it wasn't marked preview, it was introduced with and only used for re-auth. It now longer serves any purpose.
  • The AuthManager and AsyncAuthManager abstract classes were changed.
    The method on_auth_expired(self, auth: _TAuth) -> None was removed in favor of def handle_security_exception(self, auth: _TAuth, error: Neo4jError) -> bool. See the API docs for more details.
  • The factories in AsyncAuthManagersa nd AuthManagers were changed.
    • expiration_based was renamed to bearer.
    • basic was added to cater for password rotation.

Depends on:

@robsdedude
ADR 019: revamp auth managers
6d9668f 
This PR updates the preview feature "re-auth" (introduced in
[PR neo4j#890](neo4j#890)) significantly.
The changes allow for catering to a wider range of use cases including simple
password rotation.

(⚠️ Breaking) changes:
 * Removed `TokenExpiredRetryable` exception.
   Even though it wasn't marked preview, it was introduced with and only used
   for re-auth. It now longer serves any purpose.
 * The `AuthManager` and `AsyncAuthManager` abstract classes were changed.
   The method `on_auth_expired(self, auth: _TAuth) -> None` was removed in
   favor of `def handle_security_exception(self, auth: _TAuth, error: Neo4jError) -> bool`.
   See the API docs for more details.
 * The factories in `AsyncAuthManagers`a nd `AuthManagers` were changed.
   * `expiration_based` was renamed to `bearer`.
   * `basic` was added to cater for password rotation.
@robsdedude
Adjust unit tests
4367281
@RichardIrons-neo4j RichardIrons-neo4j self-requested a review August 15, 2023 13:07
RichardIrons-neo4j
RichardIrons-neo4j approved these changes Aug 15, 2023
View reviewed changes
Copy link

@RichardIrons-neo4j RichardIrons-neo4j left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All looks fine to me.

@robsdedude robsdedude marked this pull request as ready for review August 22, 2023 10:04
@robsdedude robsdedude merged commit 79edb1a into neo4j:5.0 Aug 22, 2023
@robsdedude robsdedude deleted the re-auth-password-rotation branch August 22, 2023 15:02
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@RichardIrons-neo4j RichardIrons-neo4j RichardIrons-neo4j approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@robsdedude @RichardIrons-neo4j