Issue #112: Port user's auth to rida to use the new ipsilon API keys - fm-orchestrator

fm-orchestrator

#112 Port user's auth to rida to use the new ipsilon API keys

Closed: Fixed 7 years ago Opened 7 years ago by ralph.

Ask @puiterwijk, but we currently use cert authentication to authenticate users' requests to rida.

Rida then queries FAS directly to figure out if the user is in the packager group or not.

@puiterwijk has a new scheme of API keys that should allow us to 1) get rid of certs and 2) get rid of the query to FAS with an API key system he is setting up.

For this ticket, we should ping puiterwijk directly and figure out the appropriate code and configuration changes.

ralph commented 7 years ago

@puiterwijk says that this is standard OpenID Connect (OIDC) (which is an opinionated version of OAuth2).

We should look at "token introspection" for starters.

ralph commented 7 years ago

Just confirmed by asking @puiterwijk. We should still look at token introspection for OIDC to implement this.

@jkaluza changed the status to Closed

7 years ago

Metadata

Assignee

jkaluza

Tags

None

Blocking

None

Depending on

None

fm-orchestrator

Source Code

#112 Port user's auth to rida to use the new ipsilon API keys Closed: Fixed 7 years ago Opened 7 years ago by ralph.

Metadata

#112 Port user's auth to rida to use the new ipsilon API keys

Closed: Fixed 7 years ago Opened 7 years ago by ralph.