Applied Value Group: Knowledge Management System September 2023
This is my monthly dev-log on the Applied Value Kknowledge Management System.
Meeting 2023-09-12
- Sassja
- Need a discovery phase
- Good for orgs to discover how to work with AI
- Whois?
- Matti
- Need to setup admin priveleges
- Bruce
- Quality control
- Tags for quality control
- Adding more template tags like these
- Quality control
- Carl
- Don't reinvent the wheel
- We need to be careful about not creating too many maintenance dependencies
- I mostly agree - but we need some level of data pipeline nonetheless
Authorization
Authentication has been a sticking point earlier this month. Box makes it exceptionally difficult to set authorization settings. What I've learned so far...
- The authentication to authorization flow goes something like this right (JWT)
- The app token is created by craeting a custom app on the Box Dev Console
- The box token was created with Custom App mode and Enterprise access
- The real question is if this is even necessary, this will need to be tested in the future because it may not be wise to have this permissive a token.
- The latest
avg-kmsapp token does work however and crucially it works when performing API operations using user grants of any user.
Authenticating the BoxSDK Client (Python)
from boxsdk import Client, JWTAuth
auth = JWTAuth.from_settings_file(JWT_JSON_TOKEN_FROM_DEV_CONSOLE.json)
auth.authenticate_instance()
client = Client(auth)
client = self.get_client()
try:
# user = client.user(user_id=user_id).get()
user = client.user(user_id=user_id)
client = client.as_user(user)
username = client.user().get().name
print(f"Debug: Client should now act as user {username}")
except Exception as e:
print(f"Failed to authenticate as user {user_id}: {e}")
folder = self.client.folder(folder_id=dir_id)
items = [item for item in folder.get_items()]
print(items)This code snippet above creates an auth object from JWTAuth from boxsdk.
This will craete an auth object that has all of the authorization configurations of
the JWT token created from the Box Dev Console.
This can be used to create a Client object or client that
can be used to perform Box SDK operations, like viewing the contents of a folder.
First to be able to perform these operations as a different user,
you need to use the client authenticated with the JWTAuth,
to then use the client.as_user(client.user(user_id=SOME_USER_ID)),
which finally gets you an updated Client object that
now performs SDK operations as that user with user ID SOME_USER_ID.