feat: jwt fetching and refreshing (#44)

* Added SubmissionAPISession class implemented as a context manager to dynamically manage token refreshing

* Added unit testing file for SubmissionAPISession, added tests for login and refresh

* Removed global credentials from submission_api_session file

* Updated session request method to allow for token requests in body as well as header

* Added tests for request method - successful first time and retries upon encoutering a 401

* Added unit tests for logout method and context manager functionality

* Fixed _set_command method in AnalyticsTES to use correct cli options for SQL runner. Added entrypoint to examples/analysis_examples.py

* Updated minio_client to use submission_api_session as opposed to a static token string

* Updated submit_task method in BaseTesClient so that token_session is injected and used to make the post request

* Updated AnalysisOrchestrator to accept SubmissionAPISession rather than static token and have this object injected accordingly in its methods

* Added skeleton integration and e2e tests for SubmissionAPIToken

* Added submission api credentials to the .env.example and have these initialised as defaults in the SubmissionAPISession constructor

* Added integration tests for SubmissionAPISession testing that login and refresh is successful on deployed 5STES version

* Added integration tests for minio client

* Update AnalysisRunner:run_analysis method to use SubmissionAPISession as a context manager

* Updated docstrings for SubmissionAPISession, added additional minio integration test, updated analysis runner to use context managed token session

* Updated pytest.ini to exclude integration tests by default, and tidied up integration tests

* Moved the error code parsing for invalid token from MinioClient._exchange_token_for_credentials to SubmisionAPISession.request to fix bug with access_token refreshing - updated tests accordingly.

* Added urlparse to minioclient

* Small refactor of SubmissionAPISession.request to include request sending and error handling is separate methods

* Use SubmissionAPIToken in metadata_runner responsible for running bunny on 5STES

* Reset analytics_tes.py to version on main for compatability with python container

* Modified constructor of SubmissionAPIToken to use a base keycloak url and build the token and logout endpoints from this using the standard keycloak endpoint patterns

* Updated example .env

Author: bp1183

.github/workflows/release.bunny.yml

@@ -6,8 +6,6 @@ name: Publish a Bunny CLI image compatible with Five Safes TES.
 on:
   schedule:
     - cron: "0 0 * * *"  
-  push: 
-    branches: ["add-ci-build-for-bunny-analytics-image"]
 env:
   image-name: five-safes-tes-analytics-bunny-cli
   repo-owner: ${{ github.repository_owner }}

analysis_orchestrator.py

@@ -1,16 +1,15 @@
-import json
 import time
 import os
 import tes
 from typing import List, Dict, Any, Tuple
 from dotenv import load_dotenv
+
 from tes_client import BaseTESClient
-from tes_client import get_status_description
 from minio_client import MinIOClient
 import polling
-from string import Template
+from submission_api_session import SubmissionAPISession 
+
 
-# Load environment variables from .env file
 load_dotenv()
 
 class AnalysisOrchestrator:
@@ -20,7 +19,12 @@ class AnalysisOrchestrator:
     Analysis-specific logic is handled by the AnalysisRunner class.
     """
 
-    def __init__(self, tes_client: BaseTESClient, token: str = None, project: str = None):
+    def __init__(
+        self, 
+        tes_client: BaseTESClient, 
+        token_session: SubmissionAPISession, 
+        project: str = None
+    ):
         """
         Initialize the analysis orchestrator.
 
@@ -29,21 +33,15 @@ def __init__(self, tes_client: BaseTESClient, token: str = None, project: str =
             token (str): Authentication token for TRE-FX services
             project (str): Project name for TES tasks (defaults to 5STES_PROJECT env var)
         """
-        if token is None:
-            token = os.getenv('5STES_TOKEN')
-            if not token:
-                raise ValueError("5STES_TOKEN environment variable is required when token parameter is not provided")
-        self.token = token
-        
-        # Set project from environment variable if not provided
         if project is None:
             project = os.getenv('5STES_PROJECT')
             if not project:
                 raise ValueError("5STES_PROJECT environment variable is required when project parameter is not provided")
-        
+            
+        self.token_session = token_session 
         self.project = project
         self.tes_client = tes_client
-        self.minio_client = MinIOClient(token)
+        self.minio_client = MinIOClient(token_session=token_session)
 
     def parse_tres(self, tres: str) -> List[str]:
         """
@@ -112,7 +110,7 @@ def _submit_and_collect_results(self,
         else:
             print(f"Submitting task to {n_results} TREs...")
 
-        result = self.tes_client.submit_task(tes_message, self.token)
+        result = self.tes_client.submit_task(tes_message, token_session=self.token_session)
 
         task_id = result['id']
         print(f"Task ID: {task_id}")

analysis_runner.py

@@ -4,18 +4,17 @@
 from tes_client import BaseTESClient
 from data_processor import DataProcessor
 from statistical_analyzer import StatisticalAnalyzer
+from submission_api_session import SubmissionAPISession 
 import numpy as np
 import os
 from string import Template
 
 
 class AnalysisRunner:
-    def __init__(self, 
-                    tes_client: BaseTESClient = AnalyticsTES(), 
-                    token: str = None, 
-                    project: str = None):
-        self.analysis_orchestrator = AnalysisOrchestrator(tes_client=tes_client, token=token, project=project)
-        self.tes_client = self.analysis_orchestrator.tes_client
+    def __init__(self, tes_client: BaseTESClient = AnalyticsTES(), project: str = None):
+        self.analysis_orchestrator = None 
+        self.tes_client = tes_client
+        self.project = project 
         # Own instances for aggregation and analysis
         self.data_processor = DataProcessor()
         self.statistical_analyzer = StatisticalAnalyzer()
@@ -43,57 +42,58 @@ def run_analysis(self,
         Returns:
             Dict[str, Any]: Analysis results
         """
+        with SubmissionAPISession() as token_session: 
+            self.analysis_orchestrator = AnalysisOrchestrator(self.tes_client, token_session=token_session, project=self.project)
 
-        task_name, task_description, bucket, tres = self.analysis_orchestrator.setup_analysis(analysis_type, task_name, task_description, bucket, tres)
-        
-        # Check if we should run on existing data (returns early if so)
-        existing_data_result = self.check_analysis_on_existing_data(analysis_type, user_query, tres)
-        if existing_data_result is not None:
-            return existing_data_result
-        
-        ### create the TES message for the analysis
-        
-        self.tes_client.set_tes_messages(
-            query=user_query,
-            analysis_type=analysis_type,
-            task_name=task_name,
-            task_description=task_description,
-            output_format="json",
-        )
-        self.tes_client.set_tags(tres=self.analysis_orchestrator.tres)
-        five_Safes_TES_message = self.tes_client.create_FiveSAFES_TES_message()
-                
-
-        # Submit task and collect results (common workflow)
-        try:
-            task_id, data = self.analysis_orchestrator._submit_and_collect_results(
-                five_Safes_TES_message,
-                bucket,
-                output_format="json",
-                submit_message=f"Submitting {analysis_type} analysis to {len(self.analysis_orchestrator.tres)} TREs..."
-            )
-
-            # Process and analyze data (aggregation moved to this class)
-            print("Processing and analyzing data...")
-            raw_aggregated_data = self.data_processor.aggregate_data(data, analysis_type)
+            task_name, task_description, bucket, tres = self.analysis_orchestrator.setup_analysis(analysis_type, task_name, task_description, bucket, tres)
 
-            analysis_result = self.statistical_analyzer.analyze_data(raw_aggregated_data, analysis_type)
+            # Check if we should run on existing data (returns early if so)
+            existing_data_result = self.check_analysis_on_existing_data(analysis_type, user_query, tres)
+            if existing_data_result is not None:
+                return existing_data_result
 
-            # Store the aggregated values in the centralized dict
-            self._store_aggregated_values(analysis_type)
+            ### create the TES message for the analysis
 
-            return {
-                'analysis_type': analysis_type,
-                'result': analysis_result,
-                'task_id': task_id,
-                'tres_used': tres,
-                'data_sources': len(data),
-                'complete_query': user_query
-            }
-            
-        except Exception as e:
-            print(f"Analysis failed: {str(e)}")
-            raise
+            self.tes_client.set_tes_messages(
+                query=user_query,
+                analysis_type=analysis_type,
+                task_name=task_name,
+                task_description=task_description,
+                output_format="json",
+            )
+            self.tes_client.set_tags(tres=self.analysis_orchestrator.tres)
+            five_Safes_TES_message = self.tes_client.create_FiveSAFES_TES_message()                 
+
+            # Submit task and collect results (common workflow)
+            try:
+                task_id, data = self.analysis_orchestrator._submit_and_collect_results(
+                    five_Safes_TES_message,
+                    bucket,
+                    output_format="json",
+                    submit_message=f"Submitting {analysis_type} analysis to {len(self.analysis_orchestrator.tres)} TREs..."
+                )
+
+                # Process and analyze data (aggregation moved to this class)
+                print("Processing and analyzing data...")
+                raw_aggregated_data = self.data_processor.aggregate_data(data, analysis_type)
+                
+                analysis_result = self.statistical_analyzer.analyze_data(raw_aggregated_data, analysis_type)
+                
+                # Store the aggregated values in the centralized dict
+                self._store_aggregated_values(analysis_type)
+                
+                return {
+                    'analysis_type': analysis_type,
+                    'result': analysis_result,
+                    'task_id': task_id,
+                    'tres_used': tres,
+                    'data_sources': len(data),
+                    'complete_query': user_query
+                }
+                
+            except Exception as e:
+                print(f"Analysis failed: {str(e)}")
+                raise
 
     def _store_aggregated_values(self, analysis_type: str):
         """

env.example

@@ -2,8 +2,14 @@
 # Copy this file to .env and update with your actual values
 # ALL VARIABLES BELOW ARE REQUIRED - the application will fail to start without them
 
-# Authentication
-5STES_TOKEN=your_jwt_token_here
+# Authentication 
+# Token and Logout URLs are derived from the SubmissionAPIBaseKeyCloakUrl
+SubmissionAPIKeyCloakClientId=your-keycloak_client-id
+SubmissionAPIKeyCloakSecret=your-keycloak-secret
+SubmissionAPIKeyCloakUsername=your-keycloak-user
+SubmissionAPIKeyCloakPassword=your-keycloak-password
+SubmissionAPIBaseKeyCloakUrl=https://<host>/realms/<realm>
+
 5STES_PROJECT=your_project_name
 
 # TES (Task Execution Service) Configuration

examples/analysis_examples.py

@@ -1,4 +1,14 @@
-# Example usage functions for common scenarios
+"""
+Example usage functions for common scenarios. 
+"""
+import os 
+from string import Template 
+from typing import List, Dict, Any 
+
+from analytics_tes import AnalyticsTES
+from analysis_runner import AnalysisRunner 
+
+
 def run_mean_analysis_example(analysis_runner: AnalysisRunner, concept_id: int, tres: List[str] = None) -> Dict[str, Any]:
     """
     Example function showing how to run a mean analysis.
@@ -16,7 +26,12 @@ def run_mean_analysis_example(analysis_runner: AnalysisRunner, concept_id: int,
 WHERE measurement_concept_id = $concept_id
 AND value_as_number IS NOT NULL""")
     user_query = query_template.safe_substitute(schema=sql_schema, concept_id=concept_id)
-    return analysis_runner.run_analysis("mean", user_query=user_query, tres=tres)
+    return analysis_runner.run_analysis(
+        analysis_type="mean",
+        task_name="DEMO: mean analysis test",
+        user_query=user_query, 
+        tres=tres
+    )
 
 
 def run_variance_analysis_example(analysis_runner: AnalysisRunner, concept_id: int, tres: List[str] = None) -> Dict[str, Any]:
@@ -97,4 +112,14 @@ def run_chi_squared_analysis_example(analysis_runner: AnalysisRunner, tres: List
 WHERE p.race_concept_id IN (38003574, 38003584)""")
 
     user_query = query_template.safe_substitute(schema=sql_schema)
-    return analysis_runner.run_analysis("chi_squared_scipy", user_query=user_query, tres=tres)
+    return analysis_runner.run_analysis("chi_squared_scipy", user_query=user_query, tres=tres)
+
+
+if __name__ == "__main__": 
+    tes_client = AnalyticsTES()
+    runner = AnalysisRunner(tes_client=tes_client)
+    
+    run_mean_analysis_example(
+        analysis_runner=runner, 
+        concept_id="43055141",
+    )

metadata_runner.py

@@ -3,15 +3,14 @@
 from bunny_tes import BunnyTES
 from tes_client import BaseTESClient
 from data_processor import DataProcessor
+from submission_api_session import SubmissionAPISession 
 import os
 
 class MetadataRunner:
-    def __init__(self, 
-                    tes_client: BaseTESClient = BunnyTES(), 
-                    token: str = None, 
-                    project: str = None):
-        self.analysis_orchestrator = AnalysisOrchestrator(tes_client=tes_client, token=token, project=project)
-        self.tes_client = self.analysis_orchestrator.tes_client
+    def __init__(self, tes_client: BaseTESClient = BunnyTES(), project: str = None):
+        self.analysis_orchestrator = None 
+        self.tes_client = tes_client
+        self.project = project 
         ## don't know whether to use the same processor, or create a new one.
         self.data_processor = DataProcessor()
 
@@ -29,54 +28,56 @@ def get_metadata(self,
 
         analysis_type = "metadata"
 
-        task_name, task_description, bucket, tres = self.analysis_orchestrator.setup_analysis(analysis_type, task_name, task_description, bucket, tres)
-
-        ### create the TES message for the metadata
-        metadata_tes = self.analysis_orchestrator.tes_client
-        metadata_tes.set_tes_messages(task_name=task_name, task_description=task_description)
-        metadata_tes.set_tags(tres=self.analysis_orchestrator.tres)
-        metadata_tes.create_FiveSAFES_TES_message()
-
-        try:
-            task_id, data = self.analysis_orchestrator._submit_and_collect_results(
-                metadata_tes.task,
-                bucket,
-                output_format="json",
-                submit_message=f"Submitting {analysis_type} analysis to {len(self.analysis_orchestrator.tres)} TREs..."
-            )
-
-            # Process and analyze data
-            print("Processing and analyzing data...")
-
-            # TODO: Implement proper metadata aggregation
-            # For now, just pass through the raw data as a placeholder
-            # The aggregation logic for metadata is different from analytics
-            # and needs to be implemented separately
-            raw_aggregated_data = data  # Placeholder: no aggregation yet
-            
-            ## placeholder for now, this is where the postprocessing will go.
-            #analysis_result = self.statistical_analyzer.analyze_data(raw_aggregated_data, analysis_type)
-            metadata_result = self.postprocess_metadata(raw_aggregated_data)
-
-            # Store the aggregated values in the centralized dict
-            # Note: Metadata storage may differ from analysis results
-            if isinstance(raw_aggregated_data, dict):
-                self.aggregated_data.update(raw_aggregated_data)
-            else:
-                self.aggregated_data['raw_data'] = raw_aggregated_data
-            
-
-            return {
-                'analysis_type': "metadata",
-                'result': metadata_result,
-                'task_id': task_id,
-                'tres_used': tres,
-                'data_sources': len(data)
-            }
-
-        except Exception as e:
-            print(f"Metadata analysis failed: {str(e)}")
-            raise
+        with SubmissionAPISession() as token_session: 
+            self.analysis_orchestrator = AnalysisOrchestrator(self.tes_client, token_session, self.project)
+            task_name, task_description, bucket, tres = self.analysis_orchestrator.setup_analysis(analysis_type, task_name, task_description, bucket, tres)
+
+            ### create the TES message for the metadata
+            metadata_tes = self.tes_client
+            metadata_tes.set_tes_messages(task_name=task_name, task_description=task_description)
+            metadata_tes.set_tags(tres=self.analysis_orchestrator.tres)
+            metadata_tes.create_FiveSAFES_TES_message()
+
+            try:
+                task_id, data = self.analysis_orchestrator._submit_and_collect_results(
+                    metadata_tes.task,
+                    bucket,
+                    output_format="json",
+                    submit_message=f"Submitting {analysis_type} analysis to {len(self.analysis_orchestrator.tres)} TREs..."
+                )
+
+                # Process and analyze data
+                print("Processing and analyzing data...")
+
+                # TODO: Implement proper metadata aggregation
+                # For now, just pass through the raw data as a placeholder
+                # The aggregation logic for metadata is different from analytics
+                # and needs to be implemented separately
+                raw_aggregated_data = data  # Placeholder: no aggregation yet
+                
+                ## placeholder for now, this is where the postprocessing will go.
+                #analysis_result = self.statistical_analyzer.analyze_data(raw_aggregated_data, analysis_type)
+                metadata_result = self.postprocess_metadata(raw_aggregated_data)
+
+                # Store the aggregated values in the centralized dict
+                # Note: Metadata storage may differ from analysis results
+                if isinstance(raw_aggregated_data, dict):
+                    self.aggregated_data.update(raw_aggregated_data)
+                else:
+                    self.aggregated_data['raw_data'] = raw_aggregated_data
+                
+
+                return {
+                    'analysis_type': "metadata",
+                    'result': metadata_result,
+                    'task_id': task_id,
+                    'tres_used': tres,
+                    'data_sources': len(data)
+                }
+
+            except Exception as e:
+                print(f"Metadata analysis failed: {str(e)}")
+                raise
 
 
     def postprocess_metadata(self, raw_data: Any) -> Any: