From 8a7c9b412fc5e26d3ae05c72c32330f12341866d Mon Sep 17 00:00:00 2001
From: Stefaan Lippens <stefaan.lippens@vito.be>
Date: Fri, 29 Mar 2024 11:37:45 +0100
Subject: [PATCH] Some more user_proxy related notes #275
 eu-cdse/openeo-cdse-infra#56

---
 openeo_driver/backend.py       | 5 +++++
 openeo_driver/config/config.py | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/openeo_driver/backend.py b/openeo_driver/backend.py
index 5fc163de..72d236f1 100644
--- a/openeo_driver/backend.py
+++ b/openeo_driver/backend.py
@@ -753,6 +753,11 @@ def summarize_exception(self, error: Exception) -> Union[ErrorSummary, Exception
 
     def set_preferred_username_getter(self, getter: Callable[[User], Optional[str]]):
         # TODO #275 this "proxy_user" feature is YARN/Spark/VITO specific. Move it to oppeno-geopyspark-driver?
+        # TODO this method talks about "preferred_username" but is currently used to propagate
+        #      the YARN proxy_user (which must be unique and does align very well with a user chosen preferred username)
+        #      In other cases (eu-cdse/openeo-cdse-infra#56) we might generate the YARN proxy_user
+        #      in an even more constrained way, completely separate from any preferred username.
+        #      In short: this method's name might set wrong expectations.
         self.batch_jobs.set_proxy_user_getter(getter)
 
     def user_access_validation(self, user: User, request: flask.Request) -> User:
diff --git a/openeo_driver/config/config.py b/openeo_driver/config/config.py
index b110e0ff..ecbf368d 100644
--- a/openeo_driver/config/config.py
+++ b/openeo_driver/config/config.py
@@ -55,7 +55,7 @@ class OpenEoBackendConfig:
 
     # Mapping of `(oidc_provider id, token_sub) to extra user info dictionary, with:
     # - `token_sub`: OIDC token "sub" field, identifying a user (or client in case of client credentials grant).
-    # Example use case: specifying the YARN proxy user to use for batch jobs of service accounts.
+    # Example use case: specifying the YARN proxy user to run batch jobs with for service accounts (client credentials).
     oidc_user_map: Dict[Tuple[str, str], dict] = attrs.Factory(dict)
 
     # General Flask related settings