diff --git a/deriva/core/utils/core_utils.py b/deriva/core/utils/core_utils.py index 441abb3b..9d4d3d37 100644 --- a/deriva/core/utils/core_utils.py +++ b/deriva/core/utils/core_utils.py @@ -259,8 +259,7 @@ def get_credential(host, creds = credentials.get(host, credentials.get(host.lower(), dict())) # if present, load globus credentials and merge - globus_credentials = read_credential(globus_credential_file or DEFAULT_GLOBUS_CREDENTIAL_FILE, - create_default=True, default=dict()) + globus_credentials = read_credential(globus_credential_file or DEFAULT_GLOBUS_CREDENTIAL_FILE, create_default=True) if globus_credentials: scopes = get_oauth_scopes_for_host(host, config_file, force_refresh=force_scope_lookup) for resource, g_creds in globus_credentials.items(): @@ -269,7 +268,7 @@ def get_credential(host, creds["bearer-token"] = g_creds["access_token"] break - # 2. try to determine the scope to use based on host-to-scope(s) mappings in the config file + # 2. try to determine the scope to use based on host-to-scope(s) mappings if scopes: for k, v in scopes.items(): if v == g_creds["scope"]: diff --git a/deriva/core/utils/globus_auth_utils.py b/deriva/core/utils/globus_auth_utils.py index 1496ea41..453eaab5 100644 --- a/deriva/core/utils/globus_auth_utils.py +++ b/deriva/core/utils/globus_auth_utils.py @@ -443,7 +443,9 @@ def is_logged_in(self, hosts=None, requested_scopes=()): scopes = set(requested_scopes) scopes.update(self.hosts_to_scope_list(hosts)) logged_in = True - token_scopes = [token["scope"] for token in self.client.load_tokens().values()] + token_scopes = [item for sublist in + [token["scope"].split() for token in self.client.load_tokens().values()] + for item in sublist] for scope in scopes: if scope not in token_scopes: logged_in = False @@ -789,9 +791,8 @@ def login(args): no_browser=args.no_browser, refresh_tokens=args.refresh, force=args.force, - requested_scopes=args.requested_scopes, - additional_params={"access_type": "offline"}) - if args.show_response: + requested_scopes=args.requested_scopes) + if args.show_tokens: return response else: return "Login Successful" @@ -819,7 +820,7 @@ def login(args): help="Enable the use of refresh tokens to extend the login time until revoked.") parser.add_argument("--force", action="store_true", help="Force a login flow even if the current access token set is valid.") - parser.add_argument("--show-response", action="store_true", + parser.add_argument("--show-tokens", action="store_true", help="Display the tokens from the authorization response.") parser.set_defaults(func=login) @@ -835,12 +836,12 @@ def logout(args): mutex_group.add_argument("--hosts", metavar="[hostnames]", default=list(), type=lambda s: [item.strip() for item in s.split(',')], help="A comma-delimited list of host names to revoke tokens for. " - "An attempt to determine the required scope will be made by checking the local " + "An attempt to determine the associated scope(s) will be made by checking the local " "configuration or (if required) contacting each will be made.") mutex_group.add_argument("--requested-scopes", metavar="[scopes]", default=list(), type=lambda s: [item.strip() for item in s.split(',')], help="A comma-delimited list of scope names to revoke tokens for. " - "If not specified, an attempt will be made to determine the required scope by " + "If not specified, an attempt will be made to determine the associated scope(s) by " "checking the local configuration or (if required) contacting each .") parser.set_defaults(func=logout)