feat: Backlog/monorepo refactor 2025/authenticate library

[lluisCM]

Resolves :

• CLICKUP-
• FT-
• SENTRY-
• ZENDESK-

• I have added automatic tests where applicable.
• The PR contains a description of what has been changed.
• The description contains manual test instructions.
• The PR contains update to the release notes.
• The PR contains update to the documentation.

This PR has been tested on :

• Windows.
• MacOs.
• Linux.

Overview

Purpose:
Authenticate and session library and Authenticator and session tools basic functionality is in.

Scope:

Implementation Details

Approach:

Reasoning:

Changes:

Trade-offs:

Testing

Tests Added:

Manual Testing:

Testing Environment:

Notes for Reviewers

Focus Areas:

Dependencies:

Known Issues:

[dennisweil]

I don't quite understand why an internal webserver is needed for the authentication.

[dennisweil]

Small, unimportant detail reg. code styling:
Imports should be alphabetically ordered.

[lluisCM]

To be discussed

[dennisweil]

This check should be moved into a setter method.
We might only want to check for the validity of the URL when actually trying to authenticate. We can safely tolerate a non-valid url unless we try to contact the server.

[lluisCM]

Lets talk about this one. I wanted to avoid a setter method here as I don't want to give access to anyone to change the server url.

[lluisCM]

Agreed on leaving it protected until we have another necessity.

[dennisweil]

Naming this methong simply create would be sufficient. The name/type of the factory class already makes it quite obvious what it will create.

[lluisCM]

I would prefer to make it specific. If we start using create build or this kind of generic names, it ends up beign very difficult to navigate through the code.

[lluisCM]

Agreed to change it to a more generic name "make".

[dennisweil]

We might have different methods for authentication. Naming should follow a pattern of .... I'd recommend to rename the method to authenticate_browser and in extension also rename the other authentication methods according to this schema.

[lluisCM]

I don't see the difference?
I mean I currently have browser_authenticate and credential_authenticate as methods. why flipping the order will make it best practice?

[lluisCM]

Agreed to change this to authenticate_browser and authenticate_credential. Because this way you can .authenticate_... and it will show you the available possibilities.

[dennisweil]

Instead of adding the actual exception into the log string, it's better to use the keyword argument exc_info=True, which will automatically add the error and the stack trace to the logging message.

General Discussion topic:
Where should exception handling happen? I have a small preference for deferring the handling of exceptions into the usage code, rather than the library code. We should raise here, but handling the exception should be done outside of this scope.

[lluisCM]

Lets talk about this.

[lluisCM]

Agreed on following exc_info "pattern". And agreed on always raising on libraries to propagate the error.

[dennisweil]

Concistency:

Use the TYPE_CHECKING mechanism for type hints as in the other files.

[lluisCM]

If you talk about the credentialProvider import. I can't use type_checking because I need it on the :
isinstance(value, CredentialProvider...

[lluisCM]

We will maintain consistency in the Typing checking using strings.

[dennisweil]

Consistency:

Using consistent patterns. This should also have a factory.

[lluisCM]

Why? this is equivalent to the authenticate module, not to the credential or webserver helpers.

[lluisCM]

Agreed to use it as it is for now until we start using it and we see what needs it has, then we will rename it or adapt it.

[dennisweil]

load_session implies that we're dealing with a stored/cached session while in reality, we're creating a new session.
Naming it new_session or create_session makes the intent clearer.
If the load refers to the cretendials, we should name it as new_session_from_stored_credentials.

[dennisweil]

I'd propose to use a more generic retry library. This is a good one:
https://github.com/jd/tenacity

[lluisCM]

I think might not be worth having a new dependency to a library here... But lets discuss it.

[lluisCM]

Agreed on improving names to connect to the event hub thread

[dennisweil]

If we have a function like this, we should use it and implement our ftrack checkers to be provided to this function.

However, the functionality seems generic enough, that python's builtin functionality should be more than enough:

url_valid = all([check_function(url) for check_function in checker_functions])

[lluisCM]

Interesting, lets talk about this.

[lluisCM]

Lets remove the url_checker and use the ftrack_url_checker everywhere.

[lluisCM]

I don't quite understand why an internal webserver is needed for the authentication.

It is needed to redirect the webbrowser authentication and read the credentials from there.

[dennisweil]

Approved except for a small discussion point regarding singular/plura.