Disable failing patron authentication (DB Migration Required)#980
Disable failing patron authentication (DB Migration Required)#980RishiDiwanTT merged 5 commits intomainfrom
Conversation
Now instead of raising an error the authenticated_patron method will return a problem detail This is so the error is written to the DB and not rolled back at the end of the request
Moved the externalintegrationerrors to the configuration model file Added the migration for the externalintegrations model
There is also a random sampling built into the disable logic so the disabled integrations get sampled during the timeout window
f5a70bb to
60a8b45
Compare
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## main #980 +/- ##
==========================================
+ Coverage 89.30% 89.31% +0.01%
==========================================
Files 181 182 +1
Lines 32188 32249 +61
Branches 7190 7196 +6
==========================================
+ Hits 28744 28803 +59
- Misses 2283 2284 +1
- Partials 1161 1162 +1
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Looks good to me. Nice work, @RishiDiwanTT. I appreciated the comments and also the thorough test coverage.
|
|
||
| # 10 errors in the last 30 minutes | ||
| ERROR_WINDOW_DELTA = datetime.timedelta(minutes=30) | ||
| ERROR_WINDOW_COUNT = 10 |
There was a problem hiding this comment.
I forgot to draw attention to these numbers, they were chosen because they are numbers, and for no other reason.
Should they be changed to something with more rationale behind them?
@dbernstein @jonathangreen
There was a problem hiding this comment.
@RishiDiwanTT : I like numbers. Numbers are good. ;) It seems like as good a guess as any. I think 10 errors in 1/2 hour is a good place to start.
tdilauro
left a comment
There was a problem hiding this comment.
This is looking pretty good!
I have a couple concerns, which are discussed in the comments below, and one minor general general suggestion, which is to end sentences in comments and docstrings with a period/full stop.
api/authenticator.py
Outdated
| ) | ||
| return record | ||
|
|
||
| def _is_provider_available(self, _db, provider): |
There was a problem hiding this comment.
Can you provide type hints here?
core/model/configuration.py
Outdated
| class STATUS: | ||
| RED = 0 | ||
| GREEN = 1 |
There was a problem hiding this comment.
Any reason not to just make this an enum?
There was a problem hiding this comment.
Laziness. This has been fixed. Not in me, in the code.
There was a problem hiding this comment.
I was reading through my GitHub notifications this morning while I was eating breakfast, and this comment gave me a good laugh 🤣
This is more readable than an integer
|
@tdilauro I'll wait for your approval before merging. |
tdilauro
left a comment
There was a problem hiding this comment.
I think this is ready to go! 🏁
We are seeing elevated errors due to the auth filtering happening in migration intact. We will do further work and reenable in a future PR.
NOTE: This PR includes a database migration
Description
The LibraryAuthenticator skips authentication mechanisms based on their status
There is also a random sampling built into the disable logic
so the disabled integrations get sampled during the timeout window
Now instead of raising an error the authenticated_patron method will return a problem detail
This is so the error is written to the DB and not rolled back at the end of the request
Motivation and Context
Over the last several weeks, we have seen a number of patron authentication mechanisms fail (the remote ILS goes offline). Because these connections take some time to fail, they cause a backup of requests on the webserver, causing other library on the same CM not to be able to authenticate.
Notion
How Has This Been Tested?
Manually Set and unset the status while hitting an authenticated endpoint
New unit tests were written
Checklist