#19 Rewrite Flask OIDC
Opened 10 months ago by zlopez. Modified 8 months ago

New initiative: Flask OIDC

What is this initiative about?

Migrate Flask OIDC from oauth2client to something else that is not deprecated.

Why this initiative?

The Flask OIDC is using oauth2client library for authentication. This library was deprecated in 2018.
We want to move your apps to OpenID Connect using the flask-oidc in most cases. And we already have some that are using it.
It is a security risk for your apps to use deprecated authentication library. So this will be a security benefit for all apps using flask framework.

Definition of success

The Flask OIDC is migrated to maintained authentication library.

Area/community impacted

This affects authentication process on every Fedora app using Flask framework.

Dependencies

It would be nice to have security expert on this initiative
Authentication expert would be nice as well

Deadline

As soon as possible, we don't want to use deprecated authentication library in our infra


Metadata Update from @amoloney:
- Issue tagged with: In Review

8 months ago

I did quite a bit of work with the authlib library on Bodhi to port it to OIDC, and it already has some support for Flask. I may be able to help with this initiative or with prototyping/scoping.

Issue tagged with: Accepted

8 months ago

Login to comment on this ticket.

Metadata
Boards 1
2022 Status: In Progress