-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
client.dandi_authenticate
blocks during programmatic use
#1362
Comments
@sneakers-the-rat Do you actually have a Dandi API key? If you do, you can set it via the |
I do not - would that fix this problem even when my API key wouldnt grant me access to an embargoed dataset, and is that the expected usage? This issue is mostly about not blocking for interactive input during non-interactive use, rather than how to input auth, but if one is always expected to use an API key that would be nice to have in the docs in a "getting started" page |
no -- if it is embargoed and you are not among its authors, you do not have access with or without key. Overall it feels not unlike discussions we are (still) having in datalad on telling an exactly desired behavior from it - should we interact or not. Or here more even -- should we try to authenticate or not. What you are really looking here is not to force authentication on you if you do not have the key, right @sneakers-the-rat ? |
Right right - for a programmatic mode where I can catch the auth error from a call to there are ways to work around the problem, but they feel like hacks / prevent using the straightforward It might be an opportunity to standardize some of the args pass through the relevant functions too, and like I said im happy to draft any PR depending on what approach yall like best |
Hello!
I'm downloading datasets programmatically, and ran into a stumbling block with auth.
Problem
Currently, when trying to download an embargoed dataset, the client (when invoked with the cli
download
command or the underlyingdownload
function) will stop and wait for user authentication input. This happens in theParsedDandiURL.navigation
method:dandi-cli/dandi/dandiarchive.py
Lines 170 to 180 in 10d076e
called by the
Downloader.download_generator
method:dandi-cli/dandi/download.py
Line 229 in 10d076e
This makes sense for interactive use, but makes programmatic use difficult - since the exception is not thrown, there is no way to catch it. So eg. when downloading a list of datasets where we aren't certain in advance whether we have access to them, i would want to skip the ones we don't have access to, but in order to do that I had to pre-check each dataset like this:
Options
Detect click
click allows you to check whether you are inside of a click context, so the
dandi_authenticate
method could check if we're in an interactive session and only ask for credentials if so (eg. before getting to the interactive block here: https://github.com/dandi/dandi-cli/blob/master/dandi/dandiapi.py#L499I see that there already is a
is_interactive
function, so not sure if that is the more appropriate check or whether looking for a click context is.Provide Auth explicitly
Currently the
authenticate
arg tonavigate
is a bool, and it's not possible to pass auth information from the top-leveldownload
function. If instead thedownload
function had acredentials
orkey
or whatever you want to call it arg, then absence of credentials could always raise an exception rather than prompting when not invoked via the click download command.It is currently possible to provide credentials to the
DandiAPIClient
object, though it is not possible to provide an already-instantiated client to thedownload
method, so it is possible to authenticate properly in a few ways, but it is not possible to purposely skip authentication when we intend/expect to fail auth. Propagating creds from the top-leveldownload
function would be one way of a) allowing explicit auth while also b) allowing explicit non-auth, depending on whether creds are provided.as usual, lmk if there is something i'm missing, or if there is an intended way to skip unauthorized downloads when using the API programmatically. I'd be happy to draft PRs for either of the above options or for docs if i'm just missing some intended use.
The text was updated successfully, but these errors were encountered: