Tuesday, 2023/10/24
10:00 am ET
Terrell Russell, Kory Draughn, Alan King, Martin Flores, Harry Kodden (SURF), Claudio Cacciari (SURF)
DISCUSSION
- OIDC/OAuth2 in HTTP API
- OIDC Merged - irods/irods_client_http_api#75
- Initial release coming this week
- process_stash PR
- Dockerization PR
- Builder (released/built image will be published)
- Runner
- Documentation PR
- After initial release
- Alternative user mapping to happen after initial release
- Refresh tokens
- Deprecating temporary passwords
- Maastricht looking into current usage
- Thinking usage can be moved to LimitedPassword
- Differences are minimal - obfuscation, TTL
- Python client does not yet support LimitedPassword API
- pam_password in 4.3
- Berlin reporting something is different in the prompting codepaths
- pam_password now prompting more consistently than 4.2 'pam'
- PamAuthCheck has not changed since 2016
- May actually want pam_interactive due to controlling the flow
- Current thinking - this may be behaving as expected/desired
- Consortium may need to write our own pam module for testing/confirmation
- Next meeting
- January 2024