From 217cf8f737bfae2dd36bba843c4d2b187e23ae3e Mon Sep 17 00:00:00 2001
From: Victor Rocheleau <victor.rocheleau@mcgill.ca>
Date: Mon, 21 Aug 2023 17:06:03 -0400
Subject: [PATCH] wes client auth

---
 src/api/mvc/variants/main.go  | 13 +++++++++----
 src/api/services/ingestion.go | 17 ++++++++++++-----
 src/api/workflows/vcf_gz.wdl  |  4 +++-
 3 files changed, 24 insertions(+), 10 deletions(-)

diff --git a/src/api/mvc/variants/main.go b/src/api/mvc/variants/main.go
index 946edf6..d159547 100644
--- a/src/api/mvc/variants/main.go
+++ b/src/api/mvc/variants/main.go
@@ -104,8 +104,6 @@ func VariantsIngest(c echo.Context) error {
 	cfg := gc.Config
 	vcfPath := cfg.Api.VcfPath
 	drsUrl := cfg.Drs.Url
-	drsUsername := cfg.Drs.Username
-	drsPassword := cfg.Drs.Password
 
 	// query parameters
 	assemblyId := gc.AssemblyId
@@ -149,6 +147,13 @@ func VariantsIngest(c echo.Context) error {
 	}
 	//
 
+	// Authz related
+	authHeader := c.Request().Header.Get("Authorization")
+	datasetId := c.QueryParam("dataset")
+	projectId := c.QueryParam("project")
+
+	c.Logger().Debug(authHeader, datasetId)
+
 	dirName := c.QueryParam("directory")
 	if dirName != "" {
 		if strings.HasPrefix(dirName, cfg.Drs.BridgeDirectory) {
@@ -353,7 +358,7 @@ func VariantsIngest(c echo.Context) error {
 
 				// ---   push compressed to DRS
 				fmt.Printf("Uploading %s to DRS !\n", gzippedFileName)
-				drsFileId := ingestionService.UploadVcfGzToDrs(cfg, cfg.Drs.BridgeDirectory, gzippedFileName, drsUrl, drsUsername, drsPassword)
+				drsFileId := ingestionService.UploadVcfGzToDrs(cfg, cfg.Drs.BridgeDirectory, gzippedFileName, drsUrl, projectId, datasetId, authHeader)
 				if drsFileId == "" {
 					msg := "Something went wrong: DRS File Id is empty for " + gzippedFileName
 					fmt.Println(msg)
@@ -367,7 +372,7 @@ func VariantsIngest(c echo.Context) error {
 
 				// -- push tabix to DRS
 				fmt.Printf("Uploading %s to DRS !\n", tabixFileNameWithRelativePath)
-				drsTabixFileId := ingestionService.UploadVcfGzToDrs(cfg, cfg.Drs.BridgeDirectory, tabixFileNameWithRelativePath, drsUrl, drsUsername, drsPassword)
+				drsTabixFileId := ingestionService.UploadVcfGzToDrs(cfg, cfg.Drs.BridgeDirectory, tabixFileNameWithRelativePath, drsUrl, projectId, datasetId, authHeader)
 				if drsTabixFileId == "" {
 					msg := "Something went wrong: DRS Tabix File Id is empty for " + tabixFileNameWithRelativePath
 					fmt.Println(msg)
diff --git a/src/api/services/ingestion.go b/src/api/services/ingestion.go
index b70e23f..056a66e 100644
--- a/src/api/services/ingestion.go
+++ b/src/api/services/ingestion.go
@@ -19,6 +19,7 @@ import (
 	"io/ioutil"
 	"log"
 	"net/http"
+	"net/url"
 	"os"
 	"os/exec"
 	"path"
@@ -239,13 +240,13 @@ func (i *IngestionService) GenerateTabix(gzippedFilePath string) (string, string
 	return dir, file, nil
 }
 
-func (i *IngestionService) UploadVcfGzToDrs(cfg *models.Config, drsBridgeDirectory string, gzippedFileName string, drsUrl, drsUsername, drsPassword string) string {
+func (i *IngestionService) UploadVcfGzToDrs(cfg *models.Config, drsBridgeDirectory string, gzippedFileName string, drsUrl string, project_id, dataset_id string, authHeader string) string {
 
 	if cfg.Debug {
 		http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
 	}
 
-	data := fmt.Sprintf("{\"path\": \"%s/%s\"}", drsBridgeDirectory, gzippedFileName)
+	path := fmt.Sprintf("%s/%s", drsBridgeDirectory, gzippedFileName)
 
 	var (
 		drsId           string
@@ -257,10 +258,16 @@ func (i *IngestionService) UploadVcfGzToDrs(cfg *models.Config, drsBridgeDirecto
 	)
 	for {
 		// prepare upload request to drs
-		r, _ := http.NewRequest("POST", drsUrl+"/ingest", bytes.NewBufferString(data))
+		form := url.Values{}
+		form.Add("path", path)
+		form.Add("dataset_id", dataset_id)
+		form.Add("project_id", project_id)
+		form.Add("data_type", "variant")
 
-		r.SetBasicAuth(drsUsername, drsPassword)
-		r.Header.Add("Content-Type", "application/json")
+		r, _ := http.NewRequest("POST", drsUrl+"/ingest", strings.NewReader(form.Encode()))
+
+		r.Header.Add("Authorization", authHeader)
+		r.Header.Add("Content-Type", "application/x-www-form-urlencoded")
 
 		client := &http.Client{}
 
diff --git a/src/api/workflows/vcf_gz.wdl b/src/api/workflows/vcf_gz.wdl
index 38d1704..66cd30c 100644
--- a/src/api/workflows/vcf_gz.wdl
+++ b/src/api/workflows/vcf_gz.wdl
@@ -12,6 +12,7 @@ workflow vcf_gz {
             input: gohan_url = service_url,
                    vcf_gz_file_name = file_name,
                    assembly_id = assembly_id,
+                   project = project_id,
                    dataset = dataset_id,
                    filter_out_references = filter_out_references,
                    access_token = secret__access_token,
@@ -23,6 +24,7 @@ task vcf_gz_gohan {
     String gohan_url
     String vcf_gz_file_name
     String assembly_id
+    String project
     String dataset
     String filter_out_references
     String access_token
@@ -30,7 +32,7 @@ task vcf_gz_gohan {
     command {
         echo "Using temporary-token : ${access_token}"
 
-        QUERY="fileNames=${vcf_gz_file_name}&assemblyId=${assembly_id}&dataset=${dataset}&filterOutReferences=${filter_out_references}"
+        QUERY="fileNames=${vcf_gz_file_name}&assemblyId=${assembly_id}&dataset=${dataset}&project=${project}&filterOutReferences=${filter_out_references}"
         AUTH_HEADER="Authorization: Bearer ${access_token}"
         
         # TODO: refactor