Merge branch 'main' of github.com:sartography/spiffworkflow-backend into main

bin/boot_server_in_docker

@@ -51,4 +51,4 @@ export IS_GUNICORN="true"
 export PROCESS_WAITING_MESSAGES="true"
 
 # THIS MUST BE THE LAST COMMAND!
-exec poetry run gunicorn ${additional_args} --bind "0.0.0.0:$port" --workers="$workers" --timeout 90 --capture-output --access-logfile '-' --log-level debug wsgi:app
+exec poetry run gunicorn ${additional_args} --bind "0.0.0.0:$port" --workers="$workers" --limit-request-line 8192 --timeout 90 --capture-output --access-logfile '-' --log-level debug wsgi:app

migrations/env.py

@@ -1,3 +1,5 @@
+from __future__ import with_statement
+
 import logging
 from logging.config import fileConfig
 

migrations/versions/9e14b40371f3_.py

@@ -0,0 +1,341 @@
+"""empty message
+
+Revision ID: 9e14b40371f3
+Revises: 
+Create Date: 2022-10-19 19:31:20.431800
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '9e14b40371f3'
+down_revision = None
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table('admin_session',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('token', sa.String(length=50), nullable=True),
+    sa.Column('admin_impersonate_uid', sa.String(length=50), nullable=True),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('token')
+    )
+    op.create_table('bpmn_process_id_lookup',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('bpmn_process_identifier', sa.String(length=255), nullable=True),
+    sa.Column('bpmn_file_relative_path', sa.String(length=255), nullable=True),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_index(op.f('ix_bpmn_process_id_lookup_bpmn_process_identifier'), 'bpmn_process_id_lookup', ['bpmn_process_identifier'], unique=True)
+    op.create_table('group',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('name', sa.String(length=255), nullable=True),
+    sa.Column('identifier', sa.String(length=255), nullable=True),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_table('message_model',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('identifier', sa.String(length=50), nullable=True),
+    sa.Column('name', sa.String(length=50), nullable=True),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_index(op.f('ix_message_model_identifier'), 'message_model', ['identifier'], unique=True)
+    op.create_index(op.f('ix_message_model_name'), 'message_model', ['name'], unique=True)
+    op.create_table('permission_target',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('uri', sa.String(length=255), nullable=False),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('uri')
+    )
+    op.create_table('user',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('username', sa.String(length=255), nullable=False),
+    sa.Column('uid', sa.String(length=50), nullable=True),
+    sa.Column('service', sa.String(length=50), nullable=False),
+    sa.Column('service_id', sa.String(length=255), nullable=False),
+    sa.Column('name', sa.String(length=255), nullable=True),
+    sa.Column('email', sa.String(length=255), nullable=True),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('service', 'service_id', name='service_key'),
+    sa.UniqueConstraint('uid'),
+    sa.UniqueConstraint('username')
+    )
+    op.create_table('message_correlation_property',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('identifier', sa.String(length=50), nullable=True),
+    sa.Column('message_model_id', sa.Integer(), nullable=False),
+    sa.Column('updated_at_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('created_at_in_seconds', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['message_model_id'], ['message_model.id'], ),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('identifier', 'message_model_id', name='message_correlation_property_unique')
+    )
+    op.create_index(op.f('ix_message_correlation_property_identifier'), 'message_correlation_property', ['identifier'], unique=False)
+    op.create_table('message_triggerable_process_model',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('message_model_id', sa.Integer(), nullable=False),
+    sa.Column('process_model_identifier', sa.String(length=50), nullable=False),
+    sa.Column('process_group_identifier', sa.String(length=50), nullable=False),
+    sa.Column('updated_at_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('created_at_in_seconds', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['message_model_id'], ['message_model.id'], ),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('message_model_id')
+    )
+    op.create_index(op.f('ix_message_triggerable_process_model_process_group_identifier'), 'message_triggerable_process_model', ['process_group_identifier'], unique=False)
+    op.create_index(op.f('ix_message_triggerable_process_model_process_model_identifier'), 'message_triggerable_process_model', ['process_model_identifier'], unique=False)
+    op.create_table('principal',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('user_id', sa.Integer(), nullable=True),
+    sa.Column('group_id', sa.Integer(), nullable=True),
+    sa.CheckConstraint('NOT(user_id IS NULL AND group_id IS NULL)'),
+    sa.ForeignKeyConstraint(['group_id'], ['group.id'], ),
+    sa.ForeignKeyConstraint(['user_id'], ['user.id'], ),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('group_id'),
+    sa.UniqueConstraint('user_id')
+    )
+    op.create_table('process_instance',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('process_model_identifier', sa.String(length=50), nullable=False),
+    sa.Column('process_group_identifier', sa.String(length=50), nullable=False),
+    sa.Column('process_initiator_id', sa.Integer(), nullable=False),
+    sa.Column('bpmn_json', sa.JSON(), nullable=True),
+    sa.Column('start_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('end_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('updated_at_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('created_at_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('status', sa.String(length=50), nullable=True),
+    sa.Column('bpmn_version_control_type', sa.String(length=50), nullable=True),
+    sa.Column('bpmn_version_control_identifier', sa.String(length=255), nullable=True),
+    sa.ForeignKeyConstraint(['process_initiator_id'], ['user.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_index(op.f('ix_process_instance_process_group_identifier'), 'process_instance', ['process_group_identifier'], unique=False)
+    op.create_index(op.f('ix_process_instance_process_model_identifier'), 'process_instance', ['process_model_identifier'], unique=False)
+    op.create_table('process_instance_report',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('identifier', sa.String(length=50), nullable=False),
+    sa.Column('process_model_identifier', sa.String(length=50), nullable=False),
+    sa.Column('process_group_identifier', sa.String(length=50), nullable=False),
+    sa.Column('report_metadata', sa.JSON(), nullable=True),
+    sa.Column('created_by_id', sa.Integer(), nullable=False),
+    sa.Column('created_at_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('updated_at_in_seconds', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['created_by_id'], ['user.id'], ),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('process_group_identifier', 'process_model_identifier', 'identifier', name='process_instance_report_unique')
+    )
+    op.create_index(op.f('ix_process_instance_report_identifier'), 'process_instance_report', ['identifier'], unique=False)
+    op.create_index(op.f('ix_process_instance_report_process_group_identifier'), 'process_instance_report', ['process_group_identifier'], unique=False)
+    op.create_index(op.f('ix_process_instance_report_process_model_identifier'), 'process_instance_report', ['process_model_identifier'], unique=False)
+    op.create_table('secret',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('key', sa.String(length=50), nullable=False),
+    sa.Column('value', sa.Text(), nullable=False),
+    sa.Column('creator_user_id', sa.Integer(), nullable=False),
+    sa.ForeignKeyConstraint(['creator_user_id'], ['user.id'], ),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('key')
+    )
+    op.create_table('user_group_assignment',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('user_id', sa.Integer(), nullable=False),
+    sa.Column('group_id', sa.Integer(), nullable=False),
+    sa.ForeignKeyConstraint(['group_id'], ['group.id'], ),
+    sa.ForeignKeyConstraint(['user_id'], ['user.id'], ),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('user_id', 'group_id', name='user_group_assignment_unique')
+    )
+    op.create_table('active_task',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('process_instance_id', sa.Integer(), nullable=False),
+    sa.Column('assigned_principal_id', sa.Integer(), nullable=True),
+    sa.Column('form_file_name', sa.String(length=50), nullable=True),
+    sa.Column('ui_form_file_name', sa.String(length=50), nullable=True),
+    sa.Column('updated_at_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('created_at_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('task_id', sa.String(length=50), nullable=True),
+    sa.Column('task_name', sa.String(length=50), nullable=True),
+    sa.Column('task_title', sa.String(length=50), nullable=True),
+    sa.Column('task_type', sa.String(length=50), nullable=True),
+    sa.Column('task_status', sa.String(length=50), nullable=True),
+    sa.Column('process_model_display_name', sa.String(length=255), nullable=True),
+    sa.Column('task_data', sa.Text(length=4294000000), nullable=True),
+    sa.ForeignKeyConstraint(['assigned_principal_id'], ['principal.id'], ),
+    sa.ForeignKeyConstraint(['process_instance_id'], ['process_instance.id'], ),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('task_id', 'process_instance_id', name='active_task_unique')
+    )
+    op.create_table('file',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('name', sa.String(length=50), nullable=False),
+    sa.Column('type', sa.String(length=50), nullable=False),
+    sa.Column('content_type', sa.String(length=50), nullable=False),
+    sa.Column('process_instance_id', sa.Integer(), nullable=True),
+    sa.Column('task_spec', sa.String(length=50), nullable=True),
+    sa.Column('irb_doc_code', sa.String(length=50), nullable=False),
+    sa.Column('md5_hash', sa.String(length=50), nullable=False),
+    sa.Column('data', sa.LargeBinary(), nullable=True),
+    sa.Column('size', sa.Integer(), nullable=True),
+    sa.Column('updated_at_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('created_at_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('user_uid', sa.String(length=50), nullable=True),
+    sa.Column('archived', sa.Boolean(), nullable=True),
+    sa.ForeignKeyConstraint(['process_instance_id'], ['process_instance.id'], ),
+    sa.ForeignKeyConstraint(['user_uid'], ['user.uid'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_table('message_correlation',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('process_instance_id', sa.Integer(), nullable=False),
+    sa.Column('message_correlation_property_id', sa.Integer(), nullable=False),
+    sa.Column('name', sa.String(length=255), nullable=False),
+    sa.Column('value', sa.String(length=255), nullable=False),
+    sa.Column('updated_at_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('created_at_in_seconds', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['message_correlation_property_id'], ['message_correlation_property.id'], ),
+    sa.ForeignKeyConstraint(['process_instance_id'], ['process_instance.id'], ),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('process_instance_id', 'message_correlation_property_id', 'name', name='message_instance_id_name_unique')
+    )
+    op.create_index(op.f('ix_message_correlation_message_correlation_property_id'), 'message_correlation', ['message_correlation_property_id'], unique=False)
+    op.create_index(op.f('ix_message_correlation_name'), 'message_correlation', ['name'], unique=False)
+    op.create_index(op.f('ix_message_correlation_process_instance_id'), 'message_correlation', ['process_instance_id'], unique=False)
+    op.create_index(op.f('ix_message_correlation_value'), 'message_correlation', ['value'], unique=False)
+    op.create_table('message_instance',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('process_instance_id', sa.Integer(), nullable=False),
+    sa.Column('message_model_id', sa.Integer(), nullable=False),
+    sa.Column('message_type', sa.String(length=20), nullable=False),
+    sa.Column('payload', sa.JSON(), nullable=True),
+    sa.Column('status', sa.String(length=20), nullable=False),
+    sa.Column('failure_cause', sa.Text(), nullable=True),
+    sa.Column('updated_at_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('created_at_in_seconds', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['message_model_id'], ['message_model.id'], ),
+    sa.ForeignKeyConstraint(['process_instance_id'], ['process_instance.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_table('permission_assignment',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('principal_id', sa.Integer(), nullable=False),
+    sa.Column('permission_target_id', sa.Integer(), nullable=False),
+    sa.Column('grant_type', sa.String(length=50), nullable=True),
+    sa.Column('permission', sa.String(length=50), nullable=True),
+    sa.ForeignKeyConstraint(['permission_target_id'], ['permission_target.id'], ),
+    sa.ForeignKeyConstraint(['principal_id'], ['principal.id'], ),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('principal_id', 'permission_target_id', 'permission', name='permission_assignment_uniq')
+    )
+    op.create_table('spiff_logging',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('process_instance_id', sa.Integer(), nullable=False),
+    sa.Column('bpmn_process_identifier', sa.String(length=255), nullable=False),
+    sa.Column('bpmn_task_identifier', sa.String(length=255), nullable=False),
+    sa.Column('bpmn_task_name', sa.String(length=255), nullable=True),
+    sa.Column('bpmn_task_type', sa.String(length=255), nullable=True),
+    sa.Column('spiff_task_guid', sa.String(length=50), nullable=False),
+    sa.Column('timestamp', sa.DECIMAL(precision=17, scale=6), nullable=False),
+    sa.Column('message', sa.String(length=255), nullable=True),
+    sa.Column('current_user_id', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['current_user_id'], ['user.id'], ),
+    sa.ForeignKeyConstraint(['process_instance_id'], ['process_instance.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_table('task_event',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('user_id', sa.Integer(), nullable=False),
+    sa.Column('process_instance_id', sa.Integer(), nullable=False),
+    sa.Column('spec_version', sa.String(length=50), nullable=True),
+    sa.Column('action', sa.String(length=50), nullable=True),
+    sa.Column('task_id', sa.String(length=50), nullable=True),
+    sa.Column('task_name', sa.String(length=50), nullable=True),
+    sa.Column('task_title', sa.String(length=50), nullable=True),
+    sa.Column('task_type', sa.String(length=50), nullable=True),
+    sa.Column('task_state', sa.String(length=50), nullable=True),
+    sa.Column('task_lane', sa.String(length=50), nullable=True),
+    sa.Column('form_data', sa.JSON(), nullable=True),
+    sa.Column('mi_type', sa.String(length=50), nullable=True),
+    sa.Column('mi_count', sa.Integer(), nullable=True),
+    sa.Column('mi_index', sa.Integer(), nullable=True),
+    sa.Column('process_name', sa.String(length=50), nullable=True),
+    sa.Column('date', sa.DateTime(timezone=True), nullable=True),
+    sa.ForeignKeyConstraint(['process_instance_id'], ['process_instance.id'], ),
+    sa.ForeignKeyConstraint(['user_id'], ['user.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_table('data_store',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('updated_at_in_seconds', sa.Integer(), nullable=True),
+    sa.Column('key', sa.String(length=50), nullable=False),
+    sa.Column('process_instance_id', sa.Integer(), nullable=True),
+    sa.Column('task_spec', sa.String(length=50), nullable=True),
+    sa.Column('spec_id', sa.String(length=50), nullable=True),
+    sa.Column('user_id', sa.String(length=50), nullable=True),
+    sa.Column('file_id', sa.Integer(), nullable=True),
+    sa.Column('value', sa.String(length=50), nullable=True),
+    sa.ForeignKeyConstraint(['file_id'], ['file.id'], ),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_table('message_correlation_message_instance',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('message_instance_id', sa.Integer(), nullable=False),
+    sa.Column('message_correlation_id', sa.Integer(), nullable=False),
+    sa.ForeignKeyConstraint(['message_correlation_id'], ['message_correlation.id'], ),
+    sa.ForeignKeyConstraint(['message_instance_id'], ['message_instance.id'], ),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('message_instance_id', 'message_correlation_id', name='message_correlation_message_instance_unique')
+    )
+    op.create_index(op.f('ix_message_correlation_message_instance_message_correlation_id'), 'message_correlation_message_instance', ['message_correlation_id'], unique=False)
+    op.create_index(op.f('ix_message_correlation_message_instance_message_instance_id'), 'message_correlation_message_instance', ['message_instance_id'], unique=False)
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_index(op.f('ix_message_correlation_message_instance_message_instance_id'), table_name='message_correlation_message_instance')
+    op.drop_index(op.f('ix_message_correlation_message_instance_message_correlation_id'), table_name='message_correlation_message_instance')
+    op.drop_table('message_correlation_message_instance')
+    op.drop_table('data_store')
+    op.drop_table('task_event')
+    op.drop_table('spiff_logging')
+    op.drop_table('permission_assignment')
+    op.drop_table('message_instance')
+    op.drop_index(op.f('ix_message_correlation_value'), table_name='message_correlation')
+    op.drop_index(op.f('ix_message_correlation_process_instance_id'), table_name='message_correlation')
+    op.drop_index(op.f('ix_message_correlation_name'), table_name='message_correlation')
+    op.drop_index(op.f('ix_message_correlation_message_correlation_property_id'), table_name='message_correlation')
+    op.drop_table('message_correlation')
+    op.drop_table('file')
+    op.drop_table('active_task')
+    op.drop_table('user_group_assignment')
+    op.drop_table('secret')
+    op.drop_index(op.f('ix_process_instance_report_process_model_identifier'), table_name='process_instance_report')
+    op.drop_index(op.f('ix_process_instance_report_process_group_identifier'), table_name='process_instance_report')
+    op.drop_index(op.f('ix_process_instance_report_identifier'), table_name='process_instance_report')
+    op.drop_table('process_instance_report')
+    op.drop_index(op.f('ix_process_instance_process_model_identifier'), table_name='process_instance')
+    op.drop_index(op.f('ix_process_instance_process_group_identifier'), table_name='process_instance')
+    op.drop_table('process_instance')
+    op.drop_table('principal')
+    op.drop_index(op.f('ix_message_triggerable_process_model_process_model_identifier'), table_name='message_triggerable_process_model')
+    op.drop_index(op.f('ix_message_triggerable_process_model_process_group_identifier'), table_name='message_triggerable_process_model')
+    op.drop_table('message_triggerable_process_model')
+    op.drop_index(op.f('ix_message_correlation_property_identifier'), table_name='message_correlation_property')
+    op.drop_table('message_correlation_property')
+    op.drop_table('user')
+    op.drop_table('permission_target')
+    op.drop_index(op.f('ix_message_model_name'), table_name='message_model')
+    op.drop_index(op.f('ix_message_model_identifier'), table_name='message_model')
+    op.drop_table('message_model')
+    op.drop_table('group')
+    op.drop_index(op.f('ix_bpmn_process_id_lookup_bpmn_process_identifier'), table_name='bpmn_process_id_lookup')
+    op.drop_table('bpmn_process_id_lookup')
+    op.drop_table('admin_session')
+    # ### end Alembic commands ###

poetry.lock

@@ -639,7 +639,7 @@ werkzeug = "*"
 type = "git"
 url = "https://github.com/sartography/flask-bpmn"
 reference = "main"
-resolved_reference = "42cebab51fe469ab9dcb45672917d34c1f30987a"
+resolved_reference = "6e1411dd134955a829bb9f3d59b4af121907cd35"
 
 [[package]]
 name = "Flask-Cors"
@@ -1847,8 +1847,8 @@ test = ["pytest"]
 
 [[package]]
 name = "SpiffWorkflow"
-version = "1.2.0"
+version = "1.2.1"
-description = "A workflow framework and BPMN/DMN Processor"
+description = ""
 category = "main"
 optional = false
 python-versions = "*"
@@ -1858,7 +1858,6 @@ develop = false
 celery = "*"
 configparser = "*"
 dateparser = "*"
-importlib-metadata = "<5.0"
 lxml = "*"
 pytz = "*"
 
@@ -1866,7 +1865,7 @@ pytz = "*"
 type = "git"
 url = "https://github.com/sartography/SpiffWorkflow"
 reference = "main"
-resolved_reference = "d9fcd45a384f8376a669cf58677564289d2c661c"
+resolved_reference = "a094adad8767f82e9c5fa806a46597e066252a72"
 
 [[package]]
 name = "SQLAlchemy"

src/spiffworkflow_backend/api.yml

@@ -951,6 +951,47 @@ paths:
               schema:
                 $ref: "#/components/schemas/ServiceTask"
 
+  /authentication_callback/{service}/{auth_method}:
+    parameters:
+      - name: service
+        in: path
+        required: true
+        description: The name of the service
+        schema:
+          type: string
+      - name: auth_method
+        in: path
+        required: true
+        description: The method
+        schema:
+          type: string
+      - name: response
+        in: query
+        required: true
+        description: The response
+        schema:
+          type: string
+      - name: token
+        in: query
+        required: true
+        description: The response
+        schema:
+          type: string
+    get:
+      # disable security so we can get the token from query params instead
+      security: []
+      tags:
+        - Authentications
+      operationId: spiffworkflow_backend.routes.process_api_blueprint.authentication_callback
+      summary: Callback to backend
+      responses:
+        "200":
+          description: All authentications
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ServiceTask"
+
   /tasks/{process_instance_id}/{task_id}:
     parameters:
       - name: task_id
@@ -1457,10 +1498,6 @@ components:
         category_id:
           type: string
           nullable: true
-        standalone:
-          type: boolean
-          example: false
-          default: false
         workflow_spec_category:
           $ref: "#/components/schemas/ProcessModelCategory"
         is_status:

src/spiffworkflow_backend/models/secret_model.py

@@ -16,7 +16,7 @@ class SecretModel(SpiffworkflowBaseDBModel):
     __tablename__ = "secret"
     id: int = db.Column(db.Integer, primary_key=True)
     key: str = db.Column(db.String(50), unique=True, nullable=False)
-    value: str = db.Column(db.String(255), nullable=False)
+    value: str = db.Column(db.Text(), nullable=False)
     creator_user_id: int = db.Column(ForeignKey(UserModel.id), nullable=False)
 
 

src/spiffworkflow_backend/routes/process_api_blueprint.py

@@ -13,11 +13,13 @@ from typing import Union
 import connexion  # type: ignore
 import flask.wrappers
 import jinja2
+import werkzeug
 from flask import Blueprint
 from flask import current_app
 from flask import g
 from flask import jsonify
 from flask import make_response
+from flask import redirect
 from flask import request
 from flask.wrappers import Response
 from flask_bpmn.api.api_error import ApiError
@@ -52,6 +54,7 @@ from spiffworkflow_backend.models.secret_model import SecretModel
 from spiffworkflow_backend.models.secret_model import SecretModelSchema
 from spiffworkflow_backend.models.spiff_logging import SpiffLoggingModel
 from spiffworkflow_backend.models.user import UserModel
+from spiffworkflow_backend.routes.user import verify_token
 from spiffworkflow_backend.services.error_handling_service import ErrorHandlingService
 from spiffworkflow_backend.services.file_system_service import FileSystemService
 from spiffworkflow_backend.services.git_service import GitService
@@ -780,11 +783,28 @@ def authentication_list() -> flask.wrappers.Response:
     response_json = {
         "results": available_authentications,
         "connector_proxy_base_url": current_app.config["CONNECTOR_PROXY_URL"],
+        "redirect_url": f"{current_app.config['SPIFFWORKFLOW_BACKEND_URL']}/v1.0/authentication_callback",
     }
 
     return Response(json.dumps(response_json), status=200, mimetype="application/json")
 
 
+def authentication_callback(
+    service: str,
+    auth_method: str,
+) -> werkzeug.wrappers.Response:
+    """Authentication_callback."""
+    verify_token(request.args.get("token"))
+    response = request.args["response"]
+    print(f"response: {response}")
+    SecretService().update_secret(
+        f"{service}/{auth_method}", response, g.user.id, create_if_not_exists=True
+    )
+    return redirect(
+        f"{current_app.config['SPIFFWORKFLOW_FRONTEND_URL']}/admin/authentications"
+    )
+
+
 def process_instance_report_show(
     process_group_id: str,
     process_model_id: str,

src/spiffworkflow_backend/services/secret_service.py

@@ -69,7 +69,8 @@ class SecretService:
     def update_secret(
         key: str,
         value: str,
-        creator_user_id: Optional[int] = None,
+        creator_user_id: int,
+        create_if_not_exists: Optional[bool] = False,
     ) -> None:
         """Does this pass pre commit?"""
         secret_model = SecretModel.query.filter(SecretModel.key == key).first()
@@ -80,16 +81,18 @@ class SecretService:
                 try:
                     db.session.commit()
                 except Exception as e:
-                    raise ApiError(
+                    db.session.rollback()
-                        error_code="update_secret_error",
+                    raise e
-                        message=f"There was an error updating the secret with key: {key}, and value: {value}",
-                    ) from e
             else:
                 raise ApiError(
                     error_code="update_secret_error",
                     message=f"User: {creator_user_id} cannot update the secret with key : {key}",
                     status_code=401,
                 )
+        elif create_if_not_exists:
+            SecretService.add_secret(
+                key=key, value=value, creator_user_id=creator_user_id
+            )
         else:
             raise ApiError(
                 error_code="update_secret_error",

src/spiffworkflow_backend/services/service_task_service.py

@@ -90,5 +90,4 @@ class ServiceTaskService:
             parsed_response = json.loads(response.text)
             return parsed_response
         except Exception as exception:
-            current_app.logger.error(exception)
             raise ConnectorProxyError(exception.__class__.__name__) from exception

tests/spiffworkflow_backend/integration/test_process_api.py

@@ -1560,6 +1560,16 @@ class TestProcessApi(BaseTest):
         assert response.json is not None
         assert len(response.json["results"]) == 2
 
+    # TODO: test the auth callback endpoint
+    # def test_can_store_authentication_secret(
+    #     self, app: Flask, client: FlaskClient, with_db_and_bpmn_file_cleanup: None
+    # ) -> None:
+    #     """Test_can_store_authentication_secret."""
+    #     response = client.get(
+    #         "/v1.0/authentication_callback",
+    #         headers=self.logged_in_headers(user),
+    #     )
+
     # def test_get_process_model(self):
     #
     #     load_test_spec('random_fact')