#12075 OIDC request for Konflux cluster for fedora
Closed: Fixed 6 months ago by zlopez. Opened 6 months ago by humaton.

  • What is the application main URL? https://console-openshift-console.apps.kfluxfedorap01.toli.p1.openshiftapps.com
  • Who will be the main contact for the application, or will this be core infrastructure? -- Gal Ben Haim, Konflunx Infra (konflux-infra@redhat.com)
  • What privacy policy will be applicable to the application, or will this be -- Not Sure
    the standard Fedora privacy policy?
    Some more OIDC specific information then:
  • Which redirect URI(s) will the application use?
  • flask-oidc defaults to: <APPLICATION_URL>/oidc_callback
    but it's configurable (so double-check)
  • Does the application need the user names, or will an application-specific
    pseudonym suffice?
  • ie: using flask-oidc, do you ever rely on OIDC.user_getfield('sub') to
    get the user's username. If not, this question likely does not matter for
    your application
  • Which authorization flow does the application use?
  • flask-oidc: authorization_code
  • Which token authentication method does the application use?
  • flask-oidc: client_secret_post
  • Which response type does the application rely on?
  • flask-oidc: Code

Metadata Update from @humaton:
- Issue assigned to zlopez

6 months ago

I created entry in ipsilon for staging, so we can test that out.

Metadata Update from @kevin:
- Issue priority set to: Waiting on Assignee (was: Needs Review)

6 months ago

The konflux-ci is now authenticating correctly on staging :-)

Metadata Update from @zlopez:
- Issue priority set to: Needs Review (was: Waiting on Assignee)

6 months ago

Metadata Update from @zlopez:
- Issue priority set to: Waiting on Assignee (was: Needs Review)

6 months ago

Production OIDC entry was created for konflux-ci.

The konflux-ci folks confirmed that the OIDC entry works for them. I asked to reach to me if they need anything else.

Closing this as fixed.

Metadata Update from @zlopez:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

6 months ago

Log in to comment on this ticket.

Metadata
Boards 1
ops Status: Backlog