From 234f8a5d7f6fb7c20b95a89d4dd65f0d5fa91c04 Mon Sep 17 00:00:00 2001
From: jwlodek <jwlodek.dev@gmail.com>
Date: Tue, 29 Oct 2024 11:41:45 -0400
Subject: [PATCH] Update authentication method for sync experiment to be more
 robust in the case of dc server being down

---
 nslsii/sync_experiment/sync_experiment.py | 38 ++++++++++++++---------
 1 file changed, 24 insertions(+), 14 deletions(-)

diff --git a/nslsii/sync_experiment/sync_experiment.py b/nslsii/sync_experiment/sync_experiment.py
index f9c88b6..3dfbd82 100644
--- a/nslsii/sync_experiment/sync_experiment.py
+++ b/nslsii/sync_experiment/sync_experiment.py
@@ -1,5 +1,5 @@
 from ldap3 import Server, Connection, NTLM
-from ldap3.core.exceptions import LDAPInvalidCredentialsResult
+from ldap3.core.exceptions import LDAPInvalidCredentialsResult, LDAPSocketOpenError
 
 import json
 import re
@@ -88,21 +88,31 @@ def validate_proposal(data_session_value, beamline) -> Dict[str, Any]:
 
 def authenticate(username):
 
-    auth_server = Server("dc2.bnl.gov", use_ssl=True)
+    authenticated = False
+    for server in ["1", "2", "3"]:
+        if authenticated:
+            break
+        auth_server = Server(f"dc{server}.bnl.gov", use_ssl=True)
+
+        try:
+            connection = Connection(
+                auth_server,
+                user=f"BNL\\{username}",
+                password=getpass("Password : "),
+                authentication=NTLM,
+                auto_bind=True,
+                raise_exceptions=True,
+            )
+            print(f"\nAuthenticated as : {connection.extend.standard.who_am_i()}")
+            authenticated = True
 
-    try:
-        connection = Connection(
-            auth_server,
-            user=f"BNL\\{username}",
-            password=getpass("Password : "),
-            authentication=NTLM,
-            auto_bind=True,
-            raise_exceptions=True,
-        )
-        print(f"\nAuthenticated as : {connection.extend.standard.who_am_i()}")
+        except LDAPInvalidCredentialsResult:
+            raise RuntimeError(f"Invalid credentials for user '{username}'.") from None
+        except LDAPSocketOpenError:
+            print(f"DC{server} server connection failed...")
 
-    except LDAPInvalidCredentialsResult:
-        raise RuntimeError(f"Invalid credentials for user '{username}'.") from None
+    if not authenticated:
+        raise RuntimeError("All authentication servers are unavailable.")
 
 
 def should_they_be_here(username, new_data_session, beamline):