feat: Support Bearer Token Authentication

[dzleidig]

We will soon be passing a client_credentials (service-to-service) bearer token to programs when executing in the context of Igor. Web will validate the bearer token (and only the bearer token, no user token needed) when receiving an API request.

Programs internally call the transcriptic library (this repo) to form an API Connection.

The change in this PR involves changing the Connection instantiation routine to recognize if the token is a Bearer token and, if so, set the standard OAuth Authorization header (and no X-User-Token header). This is opposed to a non-bearer token, which will result in the usual X-User-Token header.

Jira Issue: SEA-271

[yangchoo]

I think this is generally fine as a workaround, but I would like us to consider putting in more design work around this, especially if we foresee adding more authentication types (e.g. OAuth) in the future.

[yangchoo]

Had a discussion where it was decided that its fine to overload the token field for now.

The main decision point here is that we do not have upcoming authentication types in the horizon.

[yangchoo]

lgtm, thanks for adding in the validations

[dzleidig]

I'll take a final round of review on this when you get a chance, @yangchoo.

I'm getting some lint errors on Travis, but I did not change these files and I have latest master merged into my branch:

black....................................................................Failed
- hook id: black
- files were modified by this hook
reformatted /home/travis/build/strateos/transcriptic/transcriptic/analysis/spectrophotometry.py
reformatted /home/travis/build/strateos/transcriptic/transcriptic/cli.py
reformatted /home/travis/build/strateos/transcriptic/transcriptic/commands.py
reformatted /home/travis/build/strateos/transcriptic/transcriptic/routes.py

[yangchoo]

@dzleidig the issue with the local lint is due to a mismatch between your local black version and what's used in Travis. #168 should address this issue.

[yangchoo]

the core logic seems straightforward enough (adding to the authorization headers).

Minor nits on some extraneous keys. Additional clarification/messaging around specification of multiple tokens would be good as well.

[yangchoo]

Thanks for addressing nits. New behavior for handling token/bearer-token case looks good to me.

Please rebase w/ master to address the CI-lint errors.

[dzleidig]

Hmm, after installing the extra dependencies (e.g. pip install '.[docs]'`), the pre-commit passes locally without issue:

~/dev/transcriptic  SEA-271-oauth-token ✗                                                                                                                                                             1d ◒  
▶ pre-commit run --all-files                            
Check Yaml...............................................................Passed
Fix End of Files.........................................................Passed
Trim Trailing Whitespace.................................................Passed
black....................................................................Passed
Pylint...................................................................Passed
(env) 

[yangchoo]

Can confirm that I'm unable to reproduce this issue locally. After doing some further digging, I suspect it may be related to pylint concurrency. Based on pylint-dev/pylint#3611

I pushed a commit to limit the concurrency to 1 for now.

Let's see if this works. There's a big backlog on travis right now, so things are slower than usual on that front.

[yangchoo]

Seems like the concurrency limitations didn't fix the issue. For now, adding an explicit ignore so that it doesn't block this diff. Something to continue to look into

[dzleidig]

Ah, that's too bad. Can you approve once again so I can merge?

[yangchoo]

Formal approval. Lint error seems to have been fixed after reverting accidental comment change.