orchestrator-core 4.1.0rc1__py3-none-any.whl → 4.1.0rc2__py3-none-any.whl

orchestrator/__init__.py

@@ -13,7 +13,7 @@
 
 """This is the orchestrator workflow engine."""
 
-__version__ = "4.1.0rc1"
+__version__ = "4.1.0rc2"
 
 from orchestrator.app import OrchestratorCore
 from orchestrator.settings import app_settings

orchestrator/api/api_v1/endpoints/processes.py

@@ -25,7 +25,7 @@ from fastapi.param_functions import Body, Depends, Header
 from fastapi.routing import APIRouter
 from fastapi.websockets import WebSocket
 from fastapi_etag.dependency import CacheHit
-from more_itertools import chunked
+from more_itertools import chunked, last
 from sentry_sdk.tracing import trace
 from sqlalchemy import CompoundSelect, Select, select
 from sqlalchemy.orm import defer, joinedload
@@ -56,6 +56,7 @@ from orchestrator.services.processes import (
 )
 from orchestrator.services.settings import get_engine_settings
 from orchestrator.settings import app_settings
+from orchestrator.utils.auth import Authorizer
 from orchestrator.utils.enrich_process import enrich_process
 from orchestrator.websocket import (
     WS_CHANNELS,
@@ -63,7 +64,7 @@ from orchestrator.websocket import (
     broadcast_process_update_to_websocket,
     websocket_manager,
 )
-from orchestrator.workflow import ProcessStatus
+from orchestrator.workflow import ProcessStat, ProcessStatus, StepList, Workflow
 from pydantic_forms.types import JSON, State
 
 router = APIRouter()
@@ -86,6 +87,48 @@ def check_global_lock() -> None:
         )
 
 
+def get_current_steps(pstat: ProcessStat) -> StepList:
+    """Extract past and current steps from the ProcessStat."""
+    remaining_steps = pstat.log
+    past_steps = pstat.workflow.steps[: -len(remaining_steps)]
+    return StepList(past_steps + [pstat.log[0]])
+
+
+def get_auth_callbacks(steps: StepList, workflow: Workflow) -> tuple[Authorizer | None, Authorizer | None]:
+    """Iterate over workflow and prior steps to determine correct authorization callbacks for the current step.
+
+    It's safest to always iterate through the steps. We could track these callbacks statefully
+    as we progress through the workflow, but if we fail a step and the system restarts, the previous
+    callbacks will be lost if they're only available in the process state.
+
+    Priority:
+    - RESUME callback is explicit RESUME callback, else previous START/RESUME callback
+    - RETRY callback is explicit RETRY, else explicit RESUME, else previous RETRY
+    """
+    # Default to workflow start callbacks
+    auth_resume = workflow.authorize_callback
+    # auth_retry defaults to the workflow start callback if not otherwise specified.
+    # A workflow SHOULD have both callbacks set to not-None. This enforces the correct default regardless.
+    auth_retry = workflow.retry_auth_callback or auth_resume  # type: ignore[unreachable, truthy-function]
+
+    # Choose the most recently established value for resume.
+    auth_resume = last(filter(None, (step.resume_auth_callback for step in steps)), auth_resume)
+    # Choose the most recently established value for retry, unless there is a more recent value for resume.
+    auth_retry = last(
+        filter(None, (step.retry_auth_callback or step.resume_auth_callback for step in steps)), auth_retry
+    )
+    return auth_resume, auth_retry
+
+
+def can_be_resumed(status: ProcessStatus) -> bool:
+    return status in (
+        ProcessStatus.SUSPENDED,  # Can be resumed
+        ProcessStatus.FAILED,  # Can be retried
+        ProcessStatus.API_UNAVAILABLE,  # subtype of FAILED
+        ProcessStatus.INCONSISTENT_DATA,  # subtype of FAILED
+    )
+
+
 def resolve_user_name(
     *,
     reporter: Reporter | None,
@@ -150,18 +193,25 @@ def new_process(
     dependencies=[Depends(check_global_lock, use_cache=False)],
 )
 def resume_process_endpoint(
-    process_id: UUID, request: Request, json_data: JSON = Body(...), user: str = Depends(user_name)
+    process_id: UUID,
+    request: Request,
+    json_data: JSON = Body(...),
+    user: str = Depends(user_name),
+    user_model: OIDCUserModel | None = Depends(authenticate),
 ) -> None:
     process = _get_process(process_id)
 
-    if process.last_status == ProcessStatus.COMPLETED:
-        raise_status(HTTPStatus.CONFLICT, "Resuming a completed workflow is not possible")
-
-    if process.last_status == ProcessStatus.RUNNING:
-        raise_status(HTTPStatus.CONFLICT, "Resuming a running workflow is not possible")
-
-    if process.last_status == ProcessStatus.RESUMED:
-        raise_status(HTTPStatus.CONFLICT, "Resuming a resumed workflow is not possible")
+    if not can_be_resumed(process.last_status):
+        raise_status(HTTPStatus.CONFLICT, f"Resuming a {process.last_status.lower()} workflow is not possible")
+
+    pstat = load_process(process)
+    auth_resume, auth_retry = get_auth_callbacks(get_current_steps(pstat), pstat.workflow)
+    if process.last_status == ProcessStatus.SUSPENDED:
+        if auth_resume is not None and not auth_resume(user_model):
+            raise_status(HTTPStatus.FORBIDDEN, "User is not authorized to resume step")
+    elif process.last_status == ProcessStatus.FAILED:
+        if auth_retry is not None and not auth_retry(user_model):
+            raise_status(HTTPStatus.FORBIDDEN, "User is not authorized to retry step")
 
     broadcast_invalidate_status_counts()
     broadcast_func = api_broadcast_process_data(request)

orchestrator/services/celery.py

@@ -19,6 +19,7 @@ import structlog
 from celery.result import AsyncResult
 from kombu.exceptions import ConnectionError, OperationalError
 
+from oauth2_lib.fastapi import OIDCUserModel
 from orchestrator import app_settings
 from orchestrator.api.error_handling import raise_status
 from orchestrator.db import ProcessTable, db
@@ -42,7 +43,11 @@ def _block_when_testing(task_result: AsyncResult) -> None:
 
 
 def _celery_start_process(
-    workflow_key: str, user_inputs: list[State] | None, user: str = SYSTEM_USER, **kwargs: Any
+    workflow_key: str,
+    user_inputs: list[State] | None,
+    user: str = SYSTEM_USER,
+    user_model: OIDCUserModel | None = None,
+    **kwargs: Any,
 ) -> UUID:
     """Client side call of Celery."""
     from orchestrator.services.tasks import NEW_TASK, NEW_WORKFLOW, get_celery_task
@@ -57,7 +62,7 @@ def _celery_start_process(
 
     task_name = NEW_TASK if wf_table.is_task else NEW_WORKFLOW
     trigger_task = get_celery_task(task_name)
-    pstat = create_process(workflow_key, user_inputs, user)
+    pstat = create_process(workflow_key, user_inputs=user_inputs, user=user, user_model=user_model)
     try:
         result = trigger_task.delay(pstat.process_id, workflow_key, user)
         _block_when_testing(result)

orchestrator/services/processes.py

@@ -467,9 +467,7 @@ def thread_start_process(
     user_model: OIDCUserModel | None = None,
     broadcast_func: BroadcastFunc | None = None,
 ) -> UUID:
-    pstat = create_process(workflow_key, user_inputs=user_inputs, user=user)
-    if not pstat.workflow.authorize_callback(user_model):
-        raise_status(HTTPStatus.FORBIDDEN, error_message_unauthorized(workflow_key))
+    pstat = create_process(workflow_key, user_inputs=user_inputs, user=user, user_model=user_model)
 
     _safe_logstep_with_func = partial(safe_logstep, broadcast_func=broadcast_func)
     return _run_process_async(pstat.process_id, lambda: runwf(pstat, _safe_logstep_with_func))
@@ -506,7 +504,6 @@ def thread_resume_process(
     *,
     user_inputs: list[State] | None = None,
     user: str | None = None,
-    user_model: OIDCUserModel | None = None,
     broadcast_func: BroadcastFunc | None = None,
 ) -> UUID:
     # ATTENTION!! When modifying this function make sure you make similar changes to `resume_workflow` in the test code
@@ -515,8 +512,6 @@ def thread_resume_process(
         user_inputs = [{}]
 
     pstat = load_process(process)
-    if not pstat.workflow.authorize_callback(user_model):
-        raise_status(HTTPStatus.FORBIDDEN, error_message_unauthorized(str(process.workflow_name)))
 
     if pstat.workflow == removed_workflow:
         raise ValueError("This workflow cannot be resumed")
@@ -556,7 +551,6 @@ def resume_process(
     *,
     user_inputs: list[State] | None = None,
     user: str | None = None,
-    user_model: OIDCUserModel | None = None,
     broadcast_func: BroadcastFunc | None = None,
 ) -> UUID:
     """Resume a failed or suspended process.
@@ -565,7 +559,6 @@ def resume_process(
         process: Process from database
         user_inputs: Optional user input from forms
         user: user who resumed this process
-        user_model: OIDCUserModel of user who resumed this process
         broadcast_func: Optional function to broadcast process data
 
     Returns:
@@ -573,8 +566,6 @@ def resume_process(
 
     """
     pstat = load_process(process)
-    if not pstat.workflow.authorize_callback(user_model):
-        raise_status(HTTPStatus.FORBIDDEN, error_message_unauthorized(str(process.workflow_name)))
 
     try:
         post_form(pstat.log[0].form, pstat.state.unwrap(), user_inputs=user_inputs or [])

orchestrator/utils/auth.py

@@ -0,0 +1,9 @@
+from collections.abc import Callable
+from typing import TypeAlias
+
+from oauth2_lib.fastapi import OIDCUserModel
+
+# This file is broken out separately to avoid circular imports.
+
+# Can instead use "type Authorizer = ..." in later Python versions.
+Authorizer: TypeAlias = Callable[[OIDCUserModel | None], bool]

orchestrator/workflow.py

@@ -45,6 +45,7 @@ from orchestrator.db import db, transactional
 from orchestrator.services.settings import get_engine_settings
 from orchestrator.targets import Target
 from orchestrator.types import ErrorDict, StepFunc
+from orchestrator.utils.auth import Authorizer
 from orchestrator.utils.docs import make_workflow_doc
 from orchestrator.utils.errors import error_state_to_dict
 from orchestrator.utils.state import form_inject_args, inject_args
@@ -80,6 +81,8 @@ class Step(Protocol):
     name: str
     form: InputFormGenerator | None
     assignee: Assignee | None
+    resume_auth_callback: Authorizer | None = None
+    retry_auth_callback: Authorizer | None = None
 
     def __call__(self, state: State) -> Process: ...
 
@@ -90,7 +93,8 @@ class Workflow(Protocol):
     __qualname__: str
     name: str
     description: str
-    authorize_callback: Callable[[OIDCUserModel | None], bool]
+    authorize_callback: Authorizer
+    retry_auth_callback: Authorizer
     initial_input_form: InputFormGenerator | None = None
     target: Target
     steps: StepList
@@ -99,13 +103,20 @@ class Workflow(Protocol):
 
 
 def make_step_function(
-    f: Callable, name: str, form: InputFormGenerator | None = None, assignee: Assignee | None = Assignee.SYSTEM
+    f: Callable,
+    name: str,
+    form: InputFormGenerator | None = None,
+    assignee: Assignee | None = Assignee.SYSTEM,
+    resume_auth_callback: Authorizer | None = None,
+    retry_auth_callback: Authorizer | None = None,
 ) -> Step:
     step_func = cast(Step, f)
 
     step_func.name = name
     step_func.form = form
     step_func.assignee = assignee
+    step_func.resume_auth_callback = resume_auth_callback
+    step_func.retry_auth_callback = retry_auth_callback
     return step_func
 
 
@@ -167,6 +178,7 @@ class StepList(list[Step]):
 
 
 def _handle_simple_input_form_generator(f: StateInputStepFunc) -> StateInputFormGenerator:
+    """Processes f into a form generator and injects a pre-hook for user authorization."""
     if inspect.isgeneratorfunction(f):
         return cast(StateInputFormGenerator, f)
     if inspect.isgenerator(f):
@@ -191,7 +203,8 @@ def make_workflow(
     initial_input_form: InputStepFunc | None,
     target: Target,
     steps: StepList,
-    authorize_callback: Callable[[OIDCUserModel | None], bool] | None = None,
+    authorize_callback: Authorizer | None = None,
+    retry_auth_callback: Authorizer | None = None,
 ) -> Workflow:
     @functools.wraps(f)
     def wrapping_function() -> NoReturn:
@@ -202,6 +215,10 @@ def make_workflow(
     wrapping_function.name = f.__name__  # default, will be changed by LazyWorkflowInstance
     wrapping_function.description = description
     wrapping_function.authorize_callback = allow if authorize_callback is None else authorize_callback
+    # If no retry auth policy is given, defer to policy for process creation.
+    wrapping_function.retry_auth_callback = (
+        wrapping_function.authorize_callback if retry_auth_callback is None else retry_auth_callback
+    )
 
     if initial_input_form is None:
         # We always need a form to prevent starting a workflow when no input is needed.
@@ -270,9 +287,16 @@ def retrystep(name: str) -> Callable[[StepFunc], Step]:
     return decorator
 
 
-def inputstep(name: str, assignee: Assignee) -> Callable[[InputStepFunc], Step]:
+def inputstep(
+    name: str,
+    assignee: Assignee,
+    resume_auth_callback: Authorizer | None = None,
+    retry_auth_callback: Authorizer | None = None,
+) -> Callable[[InputStepFunc], Step]:
     """Add user input step to workflow.
 
+    Any authorization callbacks will be attached to the resulting Step.
+
     IMPORTANT: In contrast to other workflow steps, the `@inputstep` wrapped function will not run in the
     workflow engine! This means that it must be free of side effects!
 
@@ -299,7 +323,14 @@ def inputstep(name: str, assignee: Assignee) -> Callable[[InputStepFunc], Step]:
         def suspend(state: State) -> Process:
             return Suspend(state)
 
-        return make_step_function(suspend, name, wrapper, assignee)
+        return make_step_function(
+            suspend,
+            name,
+            wrapper,
+            assignee,
+            resume_auth_callback=resume_auth_callback,
+            retry_auth_callback=retry_auth_callback,
+        )
 
     return decorator
 
@@ -479,7 +510,8 @@ def workflow(
     description: str,
     initial_input_form: InputStepFunc | None = None,
     target: Target = Target.SYSTEM,
-    authorize_callback: Callable[[OIDCUserModel | None], bool] | None = None,
+    authorize_callback: Authorizer | None = None,
+    retry_auth_callback: Authorizer | None = None,
 ) -> Callable[[Callable[[], StepList]], Workflow]:
     """Transform an initial_input_form and a step list into a workflow.
 
@@ -500,7 +532,13 @@ def workflow(
 
     def _workflow(f: Callable[[], StepList]) -> Workflow:
         return make_workflow(
-            f, description, initial_input_form_in_form_inject_args, target, f(), authorize_callback=authorize_callback
+            f,
+            description,
+            initial_input_form_in_form_inject_args,
+            target,
+            f(),
+            authorize_callback=authorize_callback,
+            retry_auth_callback=retry_auth_callback,
         )
 
     return _workflow

orchestrator/workflows/utils.py

@@ -20,12 +20,12 @@ from more_itertools import first_true
 from pydantic import field_validator, model_validator
 from sqlalchemy import select
 
-from oauth2_lib.fastapi import OIDCUserModel
 from orchestrator.db import ProductTable, SubscriptionTable, db
 from orchestrator.forms.validators import ProductId
 from orchestrator.services import subscriptions
 from orchestrator.targets import Target
 from orchestrator.types import SubscriptionLifecycle
+from orchestrator.utils.auth import Authorizer
 from orchestrator.utils.errors import StaleDataError
 from orchestrator.utils.state import form_inject_args
 from orchestrator.utils.validate_data_version import validate_data_version
@@ -201,7 +201,8 @@ def create_workflow(
     initial_input_form: InputStepFunc | None = None,
     status: SubscriptionLifecycle = SubscriptionLifecycle.ACTIVE,
     additional_steps: StepList | None = None,
-    authorize_callback: Callable[[OIDCUserModel | None], bool] | None = None,
+    authorize_callback: Authorizer | None = None,
+    retry_auth_callback: Authorizer | None = None,
 ) -> Callable[[Callable[[], StepList]], Workflow]:
     """Transform an initial_input_form and a step list into a workflow with a target=Target.CREATE.
 
@@ -234,6 +235,7 @@ def create_workflow(
             Target.CREATE,
             steplist,
             authorize_callback=authorize_callback,
+            retry_auth_callback=retry_auth_callback,
         )
 
     return _create_workflow
@@ -243,7 +245,8 @@ def modify_workflow(
     description: str,
     initial_input_form: InputStepFunc | None = None,
     additional_steps: StepList | None = None,
-    authorize_callback: Callable[[OIDCUserModel | None], bool] | None = None,
+    authorize_callback: Authorizer | None = None,
+    retry_auth_callback: Authorizer | None = None,
 ) -> Callable[[Callable[[], StepList]], Workflow]:
     """Transform an initial_input_form and a step list into a workflow.
 
@@ -278,6 +281,7 @@ def modify_workflow(
             Target.MODIFY,
             steplist,
             authorize_callback=authorize_callback,
+            retry_auth_callback=retry_auth_callback,
         )
 
     return _modify_workflow
@@ -287,7 +291,8 @@ def terminate_workflow(
     description: str,
     initial_input_form: InputStepFunc | None = None,
     additional_steps: StepList | None = None,
-    authorize_callback: Callable[[OIDCUserModel | None], bool] | None = None,
+    authorize_callback: Authorizer | None = None,
+    retry_auth_callback: Authorizer | None = None,
 ) -> Callable[[Callable[[], StepList]], Workflow]:
     """Transform an initial_input_form and a step list into a workflow.
 
@@ -323,6 +328,7 @@ def terminate_workflow(
             Target.TERMINATE,
             steplist,
             authorize_callback=authorize_callback,
+            retry_auth_callback=retry_auth_callback,
         )
 
     return _terminate_workflow

{orchestrator_core-4.1.0rc1.dist-info → orchestrator_core-4.1.0rc2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: orchestrator-core
-Version: 4.1.0rc1
+Version: 4.1.0rc2
 Summary: This is the orchestrator workflow engine.
 Requires-Python: >=3.11,<3.14
 Classifier: Intended Audience :: Information Technology

{orchestrator_core-4.1.0rc1.dist-info → orchestrator_core-4.1.0rc2.dist-info}/RECORD

@@ -1,4 +1,4 @@
-orchestrator/__init__.py,sha256=tOY8a4U2sGqlMaBFFS05G5fpTsG5MQWrMraMt7i-SW0,1066
+orchestrator/__init__.py,sha256=rvhBWDPCO-2bbuNrSMvfh1UqquJITXBYE2zo4tsKmWo,1066
 orchestrator/app.py,sha256=7UrXKjBKNSEaSSXAd5ww_RdMFhFqE4yvfj8faS2MzAA,12089
 orchestrator/exception_handlers.py,sha256=UsW3dw8q0QQlNLcV359bIotah8DYjMsj2Ts1LfX4ClY,1268
 orchestrator/log_config.py,sha256=1tPRX5q65e57a6a_zEii_PFK8SzWT0mnA5w2sKg4hh8,1853
@@ -8,7 +8,7 @@ orchestrator/settings.py,sha256=TFIv09JIKY-lXqd04lH_XEcijEEyheaz3zTcgeG8DEI,4339
 orchestrator/targets.py,sha256=WizBgnp8hWX9YLFUIju7ewSubiwQqinCvyiYNcXHbHI,802
 orchestrator/types.py,sha256=qzs7xx5AYRmKbpYRyJJP3wuDb0W0bcAzefCN0RWLAco,15459
 orchestrator/version.py,sha256=b58e08lxs47wUNXv0jXFO_ykpksmytuzEXD4La4W-NQ,1366
-orchestrator/workflow.py,sha256=T_3Z1PrlF70C16ehAthKRF1hd3jpwV-MREDVxSLfxOw,44063
+orchestrator/workflow.py,sha256=N4KGmH_Nf0U6nTxs62-qby7WVIoppHF6uKrZKCdxwfQ,45285
 orchestrator/api/__init__.py,sha256=GyHNfEFCGKQwRiN6rQmvSRH2iYX7npjMZn97n8XzmLU,571
 orchestrator/api/error_handling.py,sha256=YrPCxSa-DSa9KwqIMlXI-KGBGnbGIW5ukOPiikUH9E4,1502
 orchestrator/api/helpers.py,sha256=s0QRHYw8AvEmlkmRhuEzz9xixaZKUF3YuPzUVHkcoXk,6933
@@ -17,7 +17,7 @@ orchestrator/api/api_v1/__init__.py,sha256=GyHNfEFCGKQwRiN6rQmvSRH2iYX7npjMZn97n
 orchestrator/api/api_v1/api.py,sha256=m4iDktsSpzxUDaudkdgXeZ83a6B4wfc3pczQsa-Pb-8,2866
 orchestrator/api/api_v1/endpoints/__init__.py,sha256=GyHNfEFCGKQwRiN6rQmvSRH2iYX7npjMZn97n8XzmLU,571
 orchestrator/api/api_v1/endpoints/health.py,sha256=iaxs1XX1_250_gKNsspuULCV2GEMBjbtjsmfQTOvMAI,1284
-orchestrator/api/api_v1/endpoints/processes.py,sha256=i5GRoszvdmpZqOxSqON83DNuc0UIV-ohOqbAa0OhESE,13564
+orchestrator/api/api_v1/endpoints/processes.py,sha256=Ah_Dc9ONXDpaFzLTqSNdhkGPHC7vUBkWmx1fWsEwbzo,16076
 orchestrator/api/api_v1/endpoints/product_blocks.py,sha256=kZ6ywIOsS_S2qGq7RvZ4KzjvaS1LmwbGWR37AKRvWOw,2146
 orchestrator/api/api_v1/endpoints/products.py,sha256=BfFtwu9dZXEQbtKxYj9icc73GKGvAGMR5ytyf41nQlQ,3081
 orchestrator/api/api_v1/endpoints/resource_types.py,sha256=gGyuaDyOD0TAVoeFGaGmjDGnQ8eQQArOxKrrk4MaDzA,2145
@@ -260,11 +260,11 @@ orchestrator/schemas/subscription.py,sha256=-jXyHZIed9Xlia18ksSDyenblNN6Q2yM2FlG
 orchestrator/schemas/subscription_descriptions.py,sha256=Ft_jw1U0bf9Z0U8O4OWfLlcl0mXCVT_qYVagBP3GbIQ,1262
 orchestrator/schemas/workflow.py,sha256=VqQ9XfV4fVd6MjY0LRRQzWBJHmlPsAamWfTwDx1cZkg,2102
 orchestrator/services/__init__.py,sha256=GyHNfEFCGKQwRiN6rQmvSRH2iYX7npjMZn97n8XzmLU,571
-orchestrator/services/celery.py,sha256=SmAUsN755yE7cZ3og92qTvPPeRIpdEKlbaLih7o38h8,5089
+orchestrator/services/celery.py,sha256=PsIgRBJsmA3vKwAUaqPq9ynLwDsXHY2ggDWc-nQAwgM,5232
 orchestrator/services/fixed_inputs.py,sha256=kyz7s2HLzyDulvcq-ZqefTw1om86COvyvTjz0_5CmgI,876
 orchestrator/services/input_state.py,sha256=HF7wl9fWdaAW8pdCCqbuYoKyNj8dY0g8Ff8vXis8z5A,2211
 orchestrator/services/process_broadcast_thread.py,sha256=D44YbjF8mRqGuznkRUV4SoRn1J0lfy_x1H508GnSVlU,4649
-orchestrator/services/processes.py,sha256=rTH6zLNsun3qDCPguz2LYS87MQR_LJREIPrgkGS6kwk,30494
+orchestrator/services/processes.py,sha256=gXWdsJK8m_KwM4g-8LBQMb1tEcjUJWWIKmqobTE7OmU,29903
 orchestrator/services/products.py,sha256=BP4KyE8zO-8z7Trrs5T6zKBOw53S9BfBJnHWI3p6u5Y,1943
 orchestrator/services/resource_types.py,sha256=_QBy_JOW_X3aSTqH0CuLrq4zBJL0p7Q-UDJUcuK2_qc,884
 orchestrator/services/settings.py,sha256=HEWfFulgoEDwgfxGEO__QTr5fDiwNBEj1UhAeTAdbLQ,3159
@@ -275,6 +275,7 @@ orchestrator/services/tasks.py,sha256=NjPkuauQoh9UJDcjA7OcKFgPk0i6NoKdDO7HlpGbBJ
 orchestrator/services/translations.py,sha256=GyP8soUFGej8AS8uulBsk10CCK6Kwfjv9AHMFm3ElQY,1713
 orchestrator/services/workflows.py,sha256=iEkt2OBuTwkDru4V6ZSKatnw0b96ZdPV-VQqeZ9EOgU,4015
 orchestrator/utils/__init__.py,sha256=GyHNfEFCGKQwRiN6rQmvSRH2iYX7npjMZn97n8XzmLU,571
+orchestrator/utils/auth.py,sha256=IWn0amdquLobt1mRNwhgKT0ErCBjLGDtLdsDuaY8rlE,309
 orchestrator/utils/crypt.py,sha256=18eNamYWMllPkxyRtWIde3FDr3rSF74R5SAL6WsCj9Y,5584
 orchestrator/utils/datetime.py,sha256=a1WQ_yvu7MA0TiaRpC5avwbOSFdrj4eMrV4a7I2sD5Q,1477
 orchestrator/utils/deprecation_logger.py,sha256=oqju7ecJcB_r7cMnldaOAA79QUZYS_h69IkDrFV9nAg,875
@@ -302,14 +303,14 @@ orchestrator/workflows/__init__.py,sha256=NzIGGI-8SNAwCk2YqH6sHhEWbgAY457ntDwjO1
 orchestrator/workflows/modify_note.py,sha256=l6QtijRPv8gnHxzwTz_4nWIPcZ0FcKQh_yFbtjYEDMg,2163
 orchestrator/workflows/removed_workflow.py,sha256=V0Da5TEdfLdZZKD38ig-MTp3_IuE7VGqzHHzvPYQmLI,909
 orchestrator/workflows/steps.py,sha256=ulpheoHaCOE1qh71Bja4KW4pItQh1Z6q4QU4tn5GtNk,6067
-orchestrator/workflows/utils.py,sha256=yBwfITlseimyLEzbwI0ehOAlr-xI1N3WGVudFz4boXk,13778
+orchestrator/workflows/utils.py,sha256=9j0hQOvGnjXUuVUMMzSIpdiyT5NzijhLh1sBXbd5QJA,14008
 orchestrator/workflows/tasks/__init__.py,sha256=GyHNfEFCGKQwRiN6rQmvSRH2iYX7npjMZn97n8XzmLU,571
 orchestrator/workflows/tasks/cleanup_tasks_log.py,sha256=BfWYbPXhnLAHUJ0mlODDnjZnQQAvKCZJDVTwbwOWI04,1624
 orchestrator/workflows/tasks/resume_workflows.py,sha256=MzJqlSXUvKStkT7NGzxZyRlfAer_ezYm-kjUqaZi0yc,2359
 orchestrator/workflows/tasks/validate_product_type.py,sha256=paG-NAY1bdde3Adt8zItkcBKf5Pxw6f5ngGW6an6dYU,3192
 orchestrator/workflows/tasks/validate_products.py,sha256=GZJBoFF-WMphS7ghMs2-gqvV2iL1F0POhk0uSNt93n0,8510
 orchestrator/workflows/translations/en-GB.json,sha256=ST53HxkphFLTMjFHonykDBOZ7-P_KxksktZU3GbxLt0,846
-orchestrator_core-4.1.0rc1.dist-info/licenses/LICENSE,sha256=b-aA5OZQuuBATmLKo_mln8CQrDPPhg3ghLzjPjLn4Tg,11409
-orchestrator_core-4.1.0rc1.dist-info/WHEEL,sha256=G2gURzTEtmeR8nrdXUJfNiB3VYVxigPQ-bEQujpNiNs,82
-orchestrator_core-4.1.0rc1.dist-info/METADATA,sha256=hyIGgttPRSo2gjx2V1kbbpd5MvEbnCttnUJ2LzZEyP4,5073
-orchestrator_core-4.1.0rc1.dist-info/RECORD,,
+orchestrator_core-4.1.0rc2.dist-info/licenses/LICENSE,sha256=b-aA5OZQuuBATmLKo_mln8CQrDPPhg3ghLzjPjLn4Tg,11409
+orchestrator_core-4.1.0rc2.dist-info/WHEEL,sha256=G2gURzTEtmeR8nrdXUJfNiB3VYVxigPQ-bEQujpNiNs,82
+orchestrator_core-4.1.0rc2.dist-info/METADATA,sha256=Ls33kV9YCHIfgDAD1pZ-7e4_EcsKBpWZ8iRSZCDQk-Y,5073
+orchestrator_core-4.1.0rc2.dist-info/RECORD,,