Add auth to State by nemanjabogdanovic · Pull Request #10 · box-id/workflow_engine

nemanjabogdanovic · 2026-05-18T12:44:18Z

No description provided.

bdebinska

I'm not entirely convinced this is necessary. Why does "auth" have to be a top level key? Can't it be part of the action itself?

bdebinska · 2026-05-18T12:46:54Z

        max_retries: max_retries,
        decode_body: decode_body
      )
      |> Req.update(


maybe use Req.merge?

Good catch, but it's older code and not super-relevant for this PR, so I'd prefer handling it separately if that's okay

bdebinska · 2026-05-18T12:50:18Z

Another comment from my side: This branch and PR should be linked to the ticket

nemanjabogdanovic · 2026-05-18T12:55:54Z

I'm not entirely convinced this is necessary. Why does "auth" have to be a top level key? Can't it be part of the action itself?

It's so that the services themselves (e.g. Batch Service) can generate and set the auth key outside a single action/step (a step shouldn't be involved in the auth of the calling services).

bdebinska · 2026-05-18T13:02:42Z

I'm not entirely convinced this is necessary. Why does "auth" have to be a top level key? Can't it be part of the action itself?

It's so that the services themselves (e.g. Batch Service) can generate and set the auth key outside a single action/step (a step shouldn't be involved in the auth of the calling services).

Bad formulation on my side sorry. I meant more that it seems that having a separate "auth" action/step, instead of having it in the state directly seems more fitting to me.

nemanjabogdanovic · 2026-05-18T13:22:03Z

I'm not entirely convinced this is necessary. Why does "auth" have to be a top level key? Can't it be part of the action itself?

It's so that the services themselves (e.g. Batch Service) can generate and set the auth key outside a single action/step (a step shouldn't be involved in the auth of the calling services).

Bad formulation on my side sorry. I meant more that it seems that having a separate "auth" action/step, instead of having it in the state directly seems more fitting to me.

Hm, maybe.. My line of thinking was always that the current workflows shouldn't be affected/touched, so I put everything on the services. We could discuss this other way as well

iStefo · 2026-05-18T14:25:18Z

Hi all 👋

I'd like to throw a different suggestion into the ring: Make authentication a callback-based operation (optional of course). This brings flexibility while keeping complexity out of workflow engine.

While I haven't fully thought this through, I could image it looking like this:

defmodule MyApp.WorkflowEngine do
  use WorkflowEngine, …

  def authenticate(:http, target, auth_context) do
    {:ok, {:bearer, "foobar"}}
  end

  def authenticate(_action_type, _target, _auth_context), do: {:ok, nil}
end

where :http is hardcoded based on the action type, target would depend on the action type (for HTTP it could be either the full URL or a {method, host, path} tuple) and auth_context is a struct with

%{
  state: %WorkflowEngine.State{},
  action: %{}, # action JSON being executed
  workflow: %{} # whole workflow JSON definition or identifier?
}

Information about the acting entity would be placed into a new key in the workflow engine's state when calling execute. But then no token needs to be fetched or created if the workflow doesn't even ask for auth, while automatically centralizing authentication code for all workflow executions.

The return format would depend on the action type, for HTTP you could initially support {:ok, nil} or {:ok, {:bearer, "token"}} and then later also basic auth etc. when needed. Other actions might need different auth formats (SSH or API keys, client certificates...)

To make it easy to use, WorkflowEngine should add/generate a get_auth method that can be used by actions to fetch auth for the current action if the callback has been implemented by the hosting application.

nemanjabogdanovic · 2026-05-19T07:16:32Z

Hi all 👋

I'd like to throw a different suggestion into the ring: Make authentication a callback-based operation (optional of course). This brings flexibility while keeping complexity out of workflow engine.

While I haven't fully thought this through, I could image it looking like this:
...

Heyy, thanks for the suggestion! I like the idea overall, I'll try and see if I can cook something up around it

bdebinska

Code-wise looks good, but I'm still not convinced we should add this feature if we won't be meaningfully using it in the foreseeable future

mpneuried

Code wise it looks good.
Only some small doc extensions would be nice.

I partially agree with BDE, on the other side we now put effort in it and it's covered by tests. So I'm fine with it.

nemanjabogdanovic added 2 commits May 18, 2026 14:33

Add auth to State

5c6a13d

Add auth to README

7e17ffd

nemanjabogdanovic requested a review from a team May 18, 2026 12:44

nemanjabogdanovic self-assigned this May 18, 2026

nemanjabogdanovic added the enhancement New feature or request label May 18, 2026

bdebinska reviewed May 18, 2026

View reviewed changes

nemanjabogdanovic changed the title ~~Add auth to State~~ PD-4147 Add auth to State May 18, 2026

Switch Auth to a callback variant

75aa7ed

nemanjabogdanovic changed the title ~~PD-4147 Add auth to State~~ Add auth to State May 20, 2026

bdebinska approved these changes May 20, 2026

View reviewed changes

mpneuried approved these changes May 20, 2026

View reviewed changes

Comment thread lib/auth.ex Outdated

Comment thread README.md Outdated

Add Req auth docs

a34744d

nemanjabogdanovic requested review from bdebinska and mpneuried May 20, 2026 13:19

bdebinska approved these changes May 20, 2026

View reviewed changes

nemanjabogdanovic merged commit 3a21fbd into main May 20, 2026
11 checks passed

nemanjabogdanovic deleted the add_auth_to_state branch May 20, 2026 13:22

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add auth to State#10

Add auth to State#10
nemanjabogdanovic merged 4 commits into
mainfrom
add_auth_to_state

nemanjabogdanovic commented May 18, 2026

Uh oh!

bdebinska left a comment

Uh oh!

bdebinska May 18, 2026

Uh oh!

nemanjabogdanovic May 18, 2026

Uh oh!

bdebinska commented May 18, 2026

Uh oh!

nemanjabogdanovic commented May 18, 2026

Uh oh!

bdebinska commented May 18, 2026

Uh oh!

nemanjabogdanovic commented May 18, 2026

Uh oh!

iStefo commented May 18, 2026

Uh oh!

nemanjabogdanovic commented May 19, 2026

Uh oh!

bdebinska left a comment •

edited

Loading

Uh oh!

mpneuried left a comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Conversation

nemanjabogdanovic commented May 18, 2026

Uh oh!

bdebinska left a comment

Choose a reason for hiding this comment

Uh oh!

bdebinska May 18, 2026

Choose a reason for hiding this comment

Uh oh!

nemanjabogdanovic May 18, 2026

Choose a reason for hiding this comment

Uh oh!

bdebinska commented May 18, 2026

Uh oh!

nemanjabogdanovic commented May 18, 2026

Uh oh!

bdebinska commented May 18, 2026

Uh oh!

nemanjabogdanovic commented May 18, 2026

Uh oh!

iStefo commented May 18, 2026

Uh oh!

nemanjabogdanovic commented May 19, 2026

Uh oh!

bdebinska left a comment • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

mpneuried left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

bdebinska left a comment •

edited

Loading