Inconsistency between Orders' and Data's checksum parameters

[kevinlacaille]

Orders client: validate_checksum takes in the filename and the type of checksum (MD5 or SHA256)
Data client: validate_checksum takes in the asset and the filename and performs an MD5 checksum

This inconsistency dampens the UX when asking the client or CLI to perform a checksum. For instance, for the Data CLI, when performing your checksum after downloading an asset, you do not need to choose between MD5 and SHA256, because it'll simply perform an MD5 checksum.

I suggest we either ask the Data client to perform both checksums or make the Orders API only perform the MD5 checksum.

Previous
Orders client:

def validate_checksum(directory: Path, checksum: str):
    ...

Data client:

def validate_checksum(asset: dict, filename: Path):
    ...

Suggested change
Orders client:

def validate_checksum(filename: Path, checksum: str):
    ...

Data client:

def validate_checksum(asset: dict, filename: Path, checksum: str):
    ...

OR

Orders client:

def validate_checksum(filename: Path):
    ...

def validate_checksum(asset: dict, filename: Path):
    ...

[JSee98]

Hi @kevinlacaille, I'd like to pick this task up. I feel the first suggested method is better (that would prevent reducing the available functionality in the future version). As it hasn't been assigned as of now, could you assign it to me?

[JSee98]

Also, I checked out the code. The only way this might be possible is if the asset contains a "SHA256" hash as well to compare with the downloaded file's hash (referencing to this line

planet-client-python/planet/clients/data.py

Line 629 in 79d9a3c

origin_hash = asset['md5_digest']

).
I cannot get a dummy asset or its structure in the API docs if you can confirm this it would be a great help.

[kevinlacaille]

Hi @JSee98, thanks for your interest in Planet SDK! We're more than happy to have you contribute to our project.

After checking the API spec for the Data API , MD5 is the only checksum option available for the Data client. I suppose this is why we left the checksum keyword out of the Data client's validate_checksum() function in first place. That was a nice catch, I just assumed the Data API could do both!

Because the Data API only performs MD5 checksums and the Orders API can choose between MD5 and SHA256, I think the asymmetry between the two validate_checksum() functions will remain.

I feel as though this ticket can be closed without any changes to the two functions.

@JSee98, thank you for reducing our backlog and please do not let this discourage you in contributing to the project, there are many more tickets that need attention.