Client Token tests

Owned by Thomas, Jyothish (STFC,RAL,SC)
Apr 08, 2024
1 min read

  1. install htgettoken-1.20-1.osg36.el8.x86_64

  2. eval `oidc-agent`

  3. if setting up the first time:

    1. oidc-gen -w device <username>

    2. connect to https://wlcg.cloud.cnaf.infn.it/ for dteam

    3. set max scopes

    4. go to the link provided and enter the OTP code

    5. create a password

  4. if you’ve already created a username

    1. oidc-add <username>

    2. enter the password

  5. ( export BEARER_TOKEN=$(oidc-token --scope=offline_access --scope=storage.read:/ --time=3600 cms_katy) ; unset X509_USER_PROXY ; gfal-stat davs://ceph-dev-gw4.gridpp.rl.ac.uk:1094/atlas:scratchdisk/rucio/user/jwalder/test/test1M ; )

    1. storage permissions are storage.read, storage.modify and storage.create.

    2. if for some reason this fails when it should work, create a new user (with the above setup instruction)